Vivint Will Pay $20 Million Penalty, Compensation to Customers

Vivint Will Pay $20 Million Penalty, Compensation to Customers

Vivint has agreed to pay a $20 million settlement from allegations that the company failed to use credit reports properly to help unqualified customers to obtain financing for products and services.

The terms of the settlement from the Federal Trade Commission (FTC) will break up the fine with $15 million paid as a civil penalty; the remaining $5 million will be used as compensation to affected customers. This is the largest settlement to date for a Fair Credit Reporting Act case.

The FTC filed the complaint, which implied that some Vivint staff were using the credit reports in violation of the Fair Credit Reporting Act., and that Vivint had violated FTC’s Red Flags Rule for failure to implement an identity theft prevention program. This program is required by certain companies that regularly use of seek a credit report.

The claim made by FTC is that Vivint sales staff used a process known as “white paging.” This method helps a sales person find a consumer name or a similar name in the White Pages app to use their history and qualify that prospective client for financing. Many Vivint sales rep work door-to-door, and when the sales team finds a potential client by this means, they asked customers to provide the names of relatives or someone else they might know who had better credit as a co-signer on the account without that person’s permission. If the customer then defaulted, Vivint allegedly referred the innocent party to a debt buyer. According to FTC, Vivint knew of this problem and even fired a number of sales staff, but rehired them shortly thereafter.

“Vivint’s sales staff stole people’s personal information to approve others for loans,” said Daniel Kaufman, Acting Director of the FTC’s Bureau of Consumer Protection. “For misusing consumer credit reports and other sensitive data, and harming people’s credit, this company will pay $20 million.”

In addition to the monetary judgment—the largest to date for an FTC FCRA case—the settlement requires Vivint to implement an employee monitoring and training program, as well as an identity theft prevention program. The company must also establish a customer service task force to verify that accounts belong to the right customer before referring any account to a debt collector, and must assist consumers who were improperly referred to debt collectors.
“We are pleased to have resolved this matter related to certain historical practices. We had already taken steps before the FTC began its review to strengthen our compliance policies, and will continue to make this a focus going forward. We are deeply committed to operating with integrity and delivering exceptional service to our customers,” according to a company spokesperson.
In addition, Vivint must obtain biennial assessments by an independent third party to ensure the company is complying with the FCRA. Vivint is also prohibited from engaging in the types of improper conduct detailed in the complaint.
People who did not sign up for Vivint’s services but were contacted by debt collectors or found Vivint accounts improperly listed on their credit reports may be eligible for compensation from this settlement should contact FTC.

“Vivint’s misconduct harmed its actual customers and the unsuspecting individuals whose identities were stolen. They need help fixing their credit reports, fending off debt buyers and debt collectors seeking payments for debt they don’t owe, and obtaining compensation for these financial harms,” said FTC Commissioner Rohit Chopra. “The Commission has requested that the Attorney General charge Vivint with violating the Fair Credit Reporting Act and for selling fake debts. I believe the Commission should have also alleged that the company violated the FTC Act’s prohibitions on deceptive practices by falsifying credit applications. I also believe that Vivint turned a blind eye to obvious compliance failures by its sales force, which violated the FTC Act’s prohibition on unfair practices.”

Oddly enough, Vivint was named as Business Intelligence Group’s 2021 Excellence in Customer Service Award. The business awards program recognizes companies that are providing a differentiated level of customer service.

“Vivint is in the business of providing peace of mind, particularly during challenging times,” said David Porter, senior vice president of Customer Excellence at Vivint. “Customer obsession is a core company value at Vivint. This award recognizes our commitment to provide our customers the highest levels of service and support as we protect their homes and families.”

About the Author

Ralph C. Jensen is the Publisher/Editor in chief of Security Today magazine.

Featured

  • New Report Reveals Top Trends Transforming Access Controller Technology

    Mercury Security, a provider in access control hardware and open platform solutions, has published its Trends in Access Controllers Report, based on a survey of over 450 security professionals across North America and Europe. The findings highlight the controller’s vital role in a physical access control system (PACS), where the device not only enforces access policies but also connects with readers to verify user credentials—ranging from ID badges to biometrics and mobile identities. With 72% of respondents identifying the controller as a critical or important factor in PACS design, the report underscores how the choice of controller platform has become a strategic decision for today’s security leaders. Read Now

  • Overwhelming Majority of CISOs Anticipate Surge in Cyber Attacks Over the Next Three Years

    An overwhelming 98% of chief information security officers (CISOs) expect a surge in cyber attacks over the next three years as organizations face an increasingly complex and artificial intelligence (AI)-driven digital threat landscape. This is according to new research conducted among 300 CISOs, chief information officers (CIOs), and senior IT professionals by CSC1, the leading provider of enterprise-class domain and domain name system (DNS) security. Read Now

  • ASIS International Introduces New ANSI-Approved Investigations Standard

    • Guard Services
  • Cloud Security Alliance Brings AI-Assisted Auditing to Cloud Computing

    The Cloud Security Alliance (CSA), the world’s leading organization dedicated to defining standards, certifications, and best practices to help ensure a secure cloud computing environment, today introduced an innovative addition to its suite of Security, Trust, Assurance and Risk (STAR) Registry assessments with the launch of Valid-AI-ted, an AI-powered, automated validation system. The new tool provides an automated quality check of assurance information of STAR Level 1 self-assessments using state-of-the-art LLM technology. Read Now

  • Report: Nearly 1 in 5 Healthcare Leaders Say Cyberattacks Have Impacted Patient Care

    Omega Systems, a provider of managed IT and security services, today released new research that reveals the growing impact of cybersecurity challenges on leading healthcare organizations and patient safety. According to the 2025 Healthcare IT Landscape Report, 19% of healthcare leaders say a cyberattack has already disrupted patient care, and more than half (52%) believe a fatal cyber-related incident is inevitable within the next five years. Read Now

New Products

  • Connect ONE’s powerful cloud-hosted management platform provides the means to tailor lockdowns and emergency mass notifications throughout a facility – while simultaneously alerting occupants to hazards or next steps, like evacuation.

    Connect ONE®

    Connect ONE’s powerful cloud-hosted management platform provides the means to tailor lockdowns and emergency mass notifications throughout a facility – while simultaneously alerting occupants to hazards or next steps, like evacuation.

  • Unified VMS

    AxxonSoft introduces version 2.0 of the Axxon One VMS. The new release features integrations with various physical security systems, making Axxon One a unified VMS. Other enhancements include new AI video analytics and intelligent search functions, hardened cybersecurity, usability and performance improvements, and expanded cloud capabilities

  • Camden CM-221 Series Switches

    Camden CM-221 Series Switches

    Camden Door Controls is pleased to announce that, in response to soaring customer demand, it has expanded its range of ValueWave™ no-touch switches to include a narrow (slimline) version with manual override. This override button is designed to provide additional assurance that the request to exit switch will open a door, even if the no-touch sensor fails to operate. This new slimline switch also features a heavy gauge stainless steel faceplate, a red/green illuminated light ring, and is IP65 rated, making it ideal for indoor or outdoor use as part of an automatic door or access control system. ValueWave™ no-touch switches are designed for easy installation and trouble-free service in high traffic applications. In addition to this narrow version, the CM-221 & CM-222 Series switches are available in a range of other models with single and double gang heavy-gauge stainless steel faceplates and include illuminated light rings.