The LifeLock Story: When Its CEO Published His Secret Number, and the Lessons Learned

In the world of marketing, some bold campaigns turn into legends, though not always in the way their creators intended. Perhaps the most famous example is the story of Todd Davis, CEO and co-founder of the American identity-theft protection company LifeLock. In a 2007 advertising campaign, Davis did something no one had dared to do: he published his real Social Security number on billboards, on trucks roaming New York, and in television and newspaper ads, under a message that LifeLock makes your personal information "useless to a criminal."

The message was simple and bold: here is my number in front of everyone, and yet I am safe, so imagine what the service can do for you. It seemed like marketing genius, but it became one of the most famous entrepreneurship lessons in how excessive confidence can backfire on its owner.

When the Spell Turned on the Magician

As soon as the number became publicly available, fraud attempts poured in. According to documented press coverage, Davis was a victim of identity theft at least 13 times between 2007 and 2008. The first incident was in 2007, when someone in Texas used his number to take out a 500-dollar loan that ended up with a debt collection agency. The attempts did not stop there; the number was used to open a cell phone account and to file driver's license applications under mocking fake names in some cases. Davis himself acknowledged there were dozens of total attempts, few of which succeeded and most of which failed.

The fatal irony was that the man who promised to protect your identity could not protect his own. The incidents thus undermined the core message the entire campaign was built on, and opened the door to doubting the effectiveness of the service from its foundation.

The Legal Chapter: A 12 Million Dollar Fine

The crisis was not only a marketing one. In 2010, the company settled with the US Federal Trade Commission (FTC) for 12 million dollars, after being accused of making misleading claims in its advertising about the level of protection it actually provided. That amounted to an official acknowledgment that the campaign's promises were greater than the service could fulfill, a costly lesson in the difference between "ambitious marketing" and "misleading claims."

The Surprise: The Company Did Not Die

Despite all this, LifeLock did not collapse. It continued and grew, until it was acquired by Symantec in 2017. This unexpected ending carries a lesson of its own: the strength of the brand and the awareness the campaign created, despite its dismal failure to prove its promise, made the LifeLock name synonymous with identity-theft protection in the public mind. Sometimes a campaign succeeds in "delivering the message" even as it fails to "prove the message."

Lessons Learned for Entrepreneurs and Marketers

The story is not just an anecdote, but a concentrated laboratory of several practical lessons:

First, do not make a promise that can be publicly disproven. The classic advertising rule says: do not build your campaign on a claim that reality can answer with "no." When you guarantee the impossible, you hand your opponents and critics a ready-made ruler to measure your failure.

Second, marketing boldness is no substitute for product robustness. An advertising stunt grabs attention, but it exposes the product rather than hiding it. If the product cannot withstand the challenge you raised yourself, the stunt becomes evidence against you.

Third, mixing the founder's personal confidence with the company's guarantees is a double risk. When Davis made his personal identity the face of the campaign, he tied his reputation to the product's reputation inextricably; every breach of his identity became a breach of the entire company's credibility.

Fourth, security is a probabilistic promise, not an absolute one. No service eliminates risk entirely; the most it offers is reducing the probability and speeding up resolution. The honest framing ("we reduce risk and remediate damage quickly") is sturdier than the absolute framing ("your information is useless to criminals").

Fifth, never voluntarily publish your sensitive data. This lesson is directed at every user, not just entrepreneurs. Even with the best protection, publicly publishing a sensitive number remains an open invitation to fraudsters. What the police said in commenting on the story was clear: do not handle your sensitive information this way.

Conclusion

The LifeLock story remains one of the most eloquent entrepreneurship examples that brilliant marketing is a double-edged sword. Davis wanted to prove his confidence in his product, but instead proved the fragility of any absolute promise in the world of security. The deeper lesson is not that boldness is a mistake, but that boldness must be built on a product that can deliver it, and on promises that reality can confirm rather than refute. Still, the company's survival and growth remind us that a resounding failure can turn, with wise later management, into a commercial awareness that is hard to buy with any budget.