CBR Systems, Inc. has agreed to settle charges by the Federal Trade Commission that it deceived consumers by misrepresenting the security measures it had in place to protect the personal information of its customers. And a federal judge in the Southern District of California has also preliminarily approved a class action settlement. CBR collects detailed personal information from customers as part of its medical services. It claimed that it would ensure that customers’ information would be “treated securely,” but then lost the unencrypted personal information of nearly 300,000 customers when portable devices containing that information were stolen from an employees’ backpack. The FTC started an investigation, and the affected customers filed a class action lawsuit.