1. Select a discrete app icon.
notes
Life Unlocked
LifeLock responds to claims that abusers opened fake accounts to stalk their victims
- Jan 08, 2018
At a recent women’s conference in Phoenix, Ariz., Erin Brockovich was one of the featured speakers—you know, the woman made famous when Julia Roberts portrayed her life story in the 2000 Academy Award-winning film Erin Brockovich.
Brockovich was there to talk about how women can overcome even the toughest of situations. “We have to learn to persevere when we want to give up,” she said.
During the Q&A that followed, Suzanna Quintana, 49, raised her hand. She had a story to tell about persevering. She had been stalked by her abusive ex-husband, she said, for two years, maybe longer—she couldn’t be exactly certain when it started, or even if it was over. In part, he had used the identity theft protection company, LifeLock to do so.
Quintana had explored every avenue to get him to stop—the police, the court system, anyone at LifeLock who would listen. It seemed no one was overly concerned. Brockovich nodded with understanding. Quintana’s story ran parallel to the very thing Brockovich had spent the last two decades fighting—big companies that thought they were immune to the law because they had better lawyers, more money and more power.
“I’ll give you my email address. We’ll talk,” Brockovich told Quintana. We, too, wanted to talk, so DomesticShelters.org reached out to Quintana and asked if she would share her story.
From Wealth to An Allowance
In 2012, after 13 years of emotional, mental and financial abuse at the hands of her husband, Quintana left her Wyoming home with her two youngest sons, ages 9 and 12 and moved to Arizona and in with her mother. The couple also had a 19-year-old away at college. Quintana left under the pretense that she was relocating out West for its better schools. It was a half-truth. She says she couldn’t yet admit she was a victim of domestic violence.
“You think you’re immune to [domestic violence] because you’re wealthy,” she says. The couple lived in a 10,000 square foot house on 10 acres and owned several businesses together. “I used to berate myself because of the stigma of this. When you get out of abuse, the first question people always ask is, ‘Why did you stay?’ I was educated, a business owner. But, more importantly, I always considered myself a woman who wouldn’t take sh*t.”
The couple ended up divorcing, a process that Quintana says cost her almost $40,000, which she either borrowed from her parents or put on credit cards because her husband controlled their finances. She maxed out credit cards to afford basic necessities for her and her children.
“During the divorce, he would send me an allowance—or what he thought was appropriate—that wasn’t even enough to live on.” Quintana at one point told her husband it wasn’t fair that he was controlling the finances, to which he replied “You shouldn’t have left me then.”
She tried to open her own credit card. Her husband intercepted the card, impersonated her to the credit card company and was able to close the account. The move was foreshadowing.
A Sinister Discovery
By the spring of 2015, Quintana says she was beginning to heal. “I was taking steps forward every day to establish a new life.” But her ex had other ideas.
“My son was in Wyoming visiting his dad for spring break. He was using his dad’s computer when he came across a spreadsheet,” she says. Her son, suspecting it was something insidious, sent it to his mom. When she opened it, Quintana’s jaw hit the floor. The five-page document detailed every account she had—from email to social media to bank accounts—listing her username and password for each. It included the password to her phone records, her parents’ license plate numbers, even her computer log-on password. The list went on and on, each item more intrusive and unbelievable than the last.
Quintana had suspected her husband would continue to be controlling and obsessive when she left him because of previous incidents, like when she was still living with him and found out he had been recording her phone conversations on their landline. She had opened up all new accounts after their divorce and made “crazy, asinine passwords.” She had created aliases for answering security questions on bank accounts. Even created a new email she was sure he could never guess. He had them all.
Then, she noticed information about two LifeLock accounts—one was in his name and one in hers.
“He had been tracking my financial activity and I wasn’t even aware of it,” she says. She would later discover he needed only her social security number to open the account which he did using his credit card and his Wyoming address even though the account was in Quintana’s name. He set up alerts from LifeLock to be sent to his address. He was able to see when she got a new cell phone, applied for a car loan or changed her address with her bank.
“The worst part of it all was that if my son hadn’t found this spreadsheet with all my information, I would never have known I was being cyberstalked in such a drastic way,” Quintana says.
She contacted LifeLock, but says the multi-million dollar company was initially unhelpful. “I told them I had an emergency order of protection [against her ex] and that he had stolen my identity. I was dismissed. They suggested closing the account and opening a new account so ‘they could protect me.’” Quintana laughs about that now.
She filed a police report. She didn’t want LifeLock to immediately close the account because she thought investigators might need the information for evidence. She also didn’t want to tip off her ex. “I was afraid he would destroy the evidence on his computer,” she says.
Donate and change a life
Your support gives hope and help to victims of domestic violence every day.
She took screenshots of everything in her account. Within a week, she changed her account name and password so her ex couldn’t access it anymore. Automatically, LifeLock sent an alert to her abuser. He closed the account. The company told Quintana she could now no longer access her own information even though she tried to explain it had been her husband who closed it.
Eventually, Arizona police transferred the cyberstalking case to Wyoming where her abuser lived. Once the case was accepted by the County Attorney’s office, the prosecuting attorney made no effort to even get a search warrant for her ex’s computer, and also never contacted any witnesses, such as LifeLock, who Quintana says tried several times to get in contact and were more than willing to help her case and hold her abuser accountable for his crimes.
“Because of the actions—or lack of—by the County Attorney’s office, a year later my ex got off with a slap on the wrist and a fine of less than $200,” says Quintana.
How Could This Happen?
This wasn’t the company’s first time being accused of doing the opposite of providing protection. In a 2010 settlement, LifeLock agreed to pay $11 million to the Federal Trade Commission and $1 million collectively to 35 state attorney generals in response to claims that the company used false claims in its advertising, overpromising its service could protect consumers. The FTC alleged LifeLock’s protections were not nearly as robust as promised, and that sensitive client data was “vulnerable and could have been exploited by those seeking access to customer information.”
LifeLock boasts on their homepage, “We see the identity threats you could miss.” However, Kristi Bonfiglio, legal counsel for the company, told DomesticShelters, “Just as no one can prevent identity theft, the same applies in a situation where a domestic partner or family member has a victim’s personal information and past passwords and is intent on doing harm.”
Quintana’s story got the attention of the press—her story was on the front page of The Arizona Republic before national media picked it up. It was enough to make LifeLock pay attention. Without admitting wrongdoing, LifeLock made a public apology to Quintana and said they would pay her attorney fees. As of this writing, Quintana says “I’ve resolved issues pertaining to my case with LifeLock and they have fulfilled their obligation to me.”
As for the future with LifeLock, “I’ve agreed to work with LifeLock on further efforts relating to the problem of identity theft by domestic partners,” Quintana says, hoping that she can help prevent what happened to her from happening to anyone else.
Another Victim Steps Forward
Greyden Smith says it’s easier to get a LifeLock account in someone else’s name than it is to renew your library card. She knows because she tried to do just that recently—renew her library card. They told her she needed to come in and talk to a library supervisor.
“I said I couldn’t have my new address out there,” says Smith, a victim of cyberstalking for the past three years. “They extended my card for a month, but I have to go in. I have to show photo ID and prove this is me. With a LifeLock account, you don’t even need an ID.”
Bonfiglio didn’t address Greyden’s claim directly in her statement on behalf of the company, but did say, “The authentication process for enrollment uses non-public information from trusted third party sources, such as financial institutions and credit bureaus, to identify whether the person is who they say they are. Additionally, personal information, such as name, date of birth, Social Security number and credit card information, is supplied by the applicant and required for enrollment.”
Smith says a male family member used a fake LifeLock account in her name for years in order to keep tabs on Smith and generally terrorize her. LifeLock wouldn’t help her and police said she didn’t have enough proof of a crime. Her own family didn’t believe her. She says she started to feel like she was losing herself and become increasingly isolated as a result.
That is, until she saw Suzanna’s story in the press and reached out. The two connected and have been advocating for change together since.
“Connecting with Suzanna helped me move forward. It reminded me who I was,” says Smith who self-published a manual for others finding themselves in the midst of cyberstalking. Dismissing the word victim, she refers to those who have been cyberstalked as “targets.” Cyber-Abuse: The Target Handbook 2017 is “written for targets, by a target. Its purpose is to offer targets a chance to assess and redirect their circumstances before their lives become unmanageable,” Smith says.
As for any changes LifeLock plans to make in light of Quintana’s and Smith’s cases, Bonfiglio says the company has “conducted training designed to sensitize agents to the issues presented by domestic abuse and how to respond to a caller’s concerns and to escalate the issue for handling. We work regularly with law enforcement and aid in investigations in connection with a member’s stolen identity event.”
She adds, “LifeLock is continually working to enhance our product offerings and to add new technologies as they become available for the security of our members’ personal information.”
Read more about the way abusers can harass survivors using technology in “Abusers Go Online.”