Oracle Reaches Deal With FTC Over Customer Hacking

Gil C / Shutterstock

The Federal Trade Commission announced Monday (Dec. 21) that software vendor Oracle has agreed to settle on the charges filed against it that accuse the company of lying to its customers about the security of its Java software updates.

According to the FTC’s complaint, Oracle’s Java Platform, Standard Edition software (Java SE), which is installed on more than 850 million personal computers, was impacted by significant security issues that the company was aware of and did not convey to users.

“When a company’s software is on hundreds of millions of computers, it is vital that its statements are true and its security updates actually provide security for the software,” Jessica Rich, director of the FTC’s Bureau of Consumer Protection, said in a statement. “The FTC’s settlement requires Oracle to give Java users the tools and information they need to protect their computers.”

Under the terms laid out by the FTC, Oracle is required to provide users with the ability to uninstall the older versions of Java SE, which are considered to be insecure. The security vulnerabilities found in the older versions of the software reportedly allow hackers to deploy malware to access users’ financial account information and other sensitive personal information.

The proposed consent order also prohibits Oracle from making any further deceptive statements to consumers concerning the privacy or security of its software, as well as the ability to uninstall older software versions, the FTC said.


Latest Insights:

Our data and analytics team has developed a number of creative methodologies and frameworks that measure and benchmark the innovation that’s reshaping the payments and commerce ecosystem. In the November 2019 AML/KYC Report, Zillow’s Justin Farris tells PYMNTS how the platform incorporates stringent authentication without making the onboarding and buying experiences too complex.