Although the FTC recently celebrated its 50th data security settlement, it has not slowed its campaign to go after companies with data security practices that it finds inadequate. Recently, it settled enforcement actions brought against Fandango and Credit Karma based on allegations that the companies misrepresented the security of their apps and transmitted their users’ sensitive personal information without adequate security measures. Apparently, the security vulnerabilities were not exploited in either case. But that did not stop the FTC from initiating the enforcement actions