FTC warns companies to mitigate Log4j vulnerability

The US Federal Trade Commission (FTC) has warned that companies could face legal action if they fail to protect consumers from the Log4j vulnerability or similar issues. The FTC stated that firms have a legal duty to mitigate known software vulnerabilities under the FTC Act and the Gramm Leach Bliley Act. The statement, made in a blog post, referenced the Equifax data breach of 2017 to emphasise the consequences of software neglect.