By Patrick Thomas

The New York attorney general's office said Friday it has reached a settlement with five companies accused of failing to keep sensitive information in their mobile apps secure.

The settlement with Western Union Co. (WU), Booking Holdings Inc.'s (BKNG) Priceline.com, Equifax Inc. (EFX), Spark Networks Inc. (LOV) and Credit Sesame Inc. requires each company to implement comprehensive security programs to protect user information.

The New York attorney general's office said the apps had a well-known security vulnerability that could have allowed information, such as passwords, social-security numbers, credit-card numbers and bank-account numbers, to be hacked. The companies also didn't test the apps for the flaw, according to the New York attorney general's office.

The apps allegedly failed to establish a secure connection to the internet and were susceptible to hackers using the same public WiFi in a coffee shop or at an airport, the New York attorney general's office said.

"Businesses that make security promises to their users, especially as it relates to personal information, have a duty to keep those promises," New York Attorney General Barbara Underwood said in a statement.

"The vulnerability mentioned was immediately remediated, and we have no evidence that consumer information was impacted as a result," an Equifax spokeswoman said.

A Priceline spokesman said the company fixed the issue shortly after it was identified and did not uncover evidence that any customer data was affected.

The other companies involved in the settlement didn't respond immediately to request for comment.

Write to Patrick Thomas at patrick.thomas@wsj.com

(END) Dow Jones Newswires

December 14, 2018 19:03 ET (00:03 GMT)

Copyright (c) 2018 Dow Jones & Company, Inc.
Equifax (NYSE:EFX)
Historical Stock Chart
From Mar 2024 to Apr 2024 Click Here for more Equifax Charts.
Equifax (NYSE:EFX)
Historical Stock Chart
From Apr 2023 to Apr 2024 Click Here for more Equifax Charts.