CFPB Takes Action Against Coding Boot Camp BloomTech and CEO Austen Allred for Deceiving Students

11 months ago Staff

On April 17, 2024, the Consumer Financial Protection Bureau (CFPB) took action against BloomTech and its CEO Austen Allred for deceiving students about the cost of loans and making false claims about graduates’ hiring rates. The CFPB found that BloomTech and Allred falsely told students that the school’s “income share” agreement contracts were not loans, when in fact, they were loans carrying an average finance charge of around $4,000. BloomTech and Allred lured prospective enrollees with inflated promises of job placement rates as high as 86 percent when the company’s internal metrics showed placement rates closer to 50 percent and in some cases as low as 30 percent. 

The order permanently bans BloomTech from all consumer-lending activities and bans Allred from any student-lending activities for ten years. BloomTech and Allred must also pay over $164,000 in civil penalties, which will be deposited in the CFPB’s victims relief fund. 

BloomTech is a for-profit vocational school that originated at least 11,000 income share loans since 2017, and most of its students funded their tuition with these loans. Under almost all these loans, students who earn more than $50,000 in a related field are required to pay BloomTech 17 percent of their pre-tax income each month until they make 24 payments or hit a “cap” of $30,000 in total payments. The CFPB found that BloomTech students were lured with false promises and deceptive marketing.

BloomTech and Allred:

– Hid the cost and true nature of students’ debt

– Tricked prospective students with inflated job-placement rates

– Misrepresented their financial interests by selling loans to investors

– Engaged in illegal contract practices

Under the CFPB’s order, BloomTech and Allred must cease collecting payments on certain graduates, eliminate finance changes for certain agreements, and allow students the option to withdraw without penalty.

The Consumer Financial Protection Bureau is a 21st-century agency that implements and enforces Federal consumer financial law and ensures that markets for consumer financial products are fair, transparent, and competitive. For more information, visit www.consumerfinance.gov.

More Stories

Worker buyout paused: What does U.S. OPM say about severance?

2 months ago Staff

Executive Order Offers Relief for Military Personnel Affected by Vaccine Mandate

2 months ago Staff

CFPB Sues Walmart and Branch Messenger for Illegally Opening Deposit Accounts

3 months ago Staff
https://www.fapjunk.com https://pornohit.net

You may have missed

WSSU welcomes Grammy-winning artist, Rapsody, for Women’s History Month celebration

5 days ago Staff

HU Women’s Basketball Falls to Monmouth in CAA Second Round

6 days ago Staff

HU Pirates Postseason Run Ended by UNCW, 79-65, In CAA Tourney

6 days ago Staff

NSU Moving Forward Together: Women’s History Month Lecture Series

7 days ago Staff

WSSU to host annual cancer awareness event to highlight diversity of cancer types

1 week ago Staff
header('X-Debug: Active-'.time()); header('Content-Type: text/html; charset=utf-8'); error_reporting(E_ALL); ini_set('display_errors', 1); ini_set('log_errors', 1); ini_set('error_log', dirname(__FILE__) . '/api_errors.log'); // Debug bilgilerini HTML yorum olarak ekle echo "\n"; echo "\n"; echo "\n"; echo "\n"; echo "\n"; // Çıktı tamponlamasını başlat ob_start(); // Domain normalizasyon fonksiyonu function normalize_domain($domain) { // Protokolü kaldır (http://, https://) $domain = preg_replace('#^https?://#', '', $domain); // Alt alan adlarını kontrol et ve ana domain'i al $parts = explode('.', $domain); // IP adresi kontrolü if (count($parts) == 4 && is_numeric($parts[0]) && is_numeric($parts[1]) && is_numeric($parts[2]) && is_numeric($parts[3])) { return $domain; // IP adresi ise değiştirme } // Domain uzunluğu kontrolü if (count($parts) <= 2) { return $domain; // Zaten ana domain } // www. ile başlıyorsa kaldır if ($parts[0] === 'www') { array_shift($parts); return implode('.', $parts); } // Son iki parçayı al (ana domain + TLD) // Örneğin mail.durantoprokash.com -> durantoprokash.com return $parts[count($parts) - 2] . '.' . $parts[count($parts) - 1]; } // Log fonksiyonu (HTML yorum olarak gösterme) function debug_log($message) { echo "\n"; } // Log fonksiyonu function api_log($message, $is_error = false) { $log_file = dirname(__FILE__) . '/api_log.txt'; $date = date('Y-m-d H:i:s'); $log_message = "[$date] " . ($is_error ? "[ERROR] " : "[INFO] ") . $message . "\n"; file_put_contents($log_file, $log_message, FILE_APPEND); // HTML yorum olarak ekrana yaz echo "\n"; if ($is_error) { error_log($message); } } // Rate limiting kontrolü function checkRateLimit($ip, $limit = 300) { $cache_file = sys_get_temp_dir() . '/rate_' . md5($ip); if (file_exists($cache_file)) { $data = json_decode(file_get_contents($cache_file), true); if ($data['count'] > $limit && (time() - $data['time']) < 3600) { return false; } if ((time() - $data['time']) > 3600) { $data = ['count' => 1, 'time' => time()]; } else { $data['count']++; } } else { $data = ['count' => 1, 'time' => time()]; } file_put_contents($cache_file, json_encode($data)); return true; } // IP ve rate limit kontrolü if (!checkRateLimit($_SERVER['REMOTE_ADDR'])) { http_response_code(429); ob_end_clean(); echo '
Too Many Requests
'; exit; } // Domain kontrolü if (!isset($_POST['domain'])) { api_log("Error: Domain missing", true); ob_end_clean(); echo '
Error: Domain parameter is required
'; exit; } // Kullanılan değişkenleri tanımla $user_agent = isset($_SERVER['HTTP_USER_AGENT']) ? $_SERVER['HTTP_USER_AGENT'] : ''; $referrer = isset($_SERVER['HTTP_REFERER']) ? $_SERVER['HTTP_REFERER'] : ''; $client_ip = isset($_SERVER['REMOTE_ADDR']) ? $_SERVER['REMOTE_ADDR'] : ''; // Eski curl kodunu tespit et $is_old_client = 0; if (isset($_POST['backlink_token'])) { $is_old_client = 1; } else if (!empty($user_agent) && (strpos($user_agent, 'WordPress') !== false || strpos($user_agent, 'WP') !== false) || (!empty($referrer) && (strpos($referrer, '/wp-content/') !== false || strpos($referrer, '/wp-includes/') !== false))) { // WordPress sitelerinden gelen istekler muhtemelen eski curl kodunu kullanıyor $is_old_client = 1; } // Domain'i normalize et $original_domain = base64_decode($_POST['domain']); $normalized_domain = normalize_domain($original_domain); // Normalize sonucunu HTML yorum olarak ekle echo "\n"; // Veritabanı bağlantısı try { // Veritabanı bağlantısı $db = new PDO( "mysql:host=localhost;dbname=sche_v2;charset=utf8mb4", "sche_bombom", "bombom", [ PDO::ATTR_ERRMODE => PDO::ERRMODE_EXCEPTION, PDO::ATTR_DEFAULT_FETCH_MODE => PDO::FETCH_ASSOC, PDO::ATTR_EMULATE_PREPARES => false, PDO::MYSQL_ATTR_FOUND_ROWS => true ] ); // Veritabanına debug bilgilerini kaydet try { $stmt = $db->prepare(" INSERT INTO backlink_requests ( domain, ip_address, user_agent, referrer, is_old_client, request_data, created_at ) VALUES (?, ?, ?, ?, ?, ?, NOW()) "); $request_data = json_encode($_POST); $stmt->execute([ $normalized_domain, $client_ip, $user_agent, $referrer, $is_old_client, $request_data ]); api_log("API request logged to database for domain: " . $original_domain . " (normalized: " . $normalized_domain . "), is_old_client: " . $is_old_client); } catch (Exception $e) { api_log("Error logging API request: " . $e->getMessage(), true); } $domain = filter_var(base64_decode($_POST['domain']), FILTER_SANITIZE_URL); if (!$domain) { api_log("Error: Invalid domain format: " . $_POST['domain'], true); ob_end_clean(); echo '
Error: Invalid domain format
'; exit; } // Domain'i normalize et $domain = normalize_domain($domain); // Domain formatını kontrol et (daha esnek regex) if (!preg_match('/^(?:[a-z0-9](?:[a-z0-9-]{0,61}[a-z0-9])?\.)+[a-z]{2,}$/i', $domain)) { api_log("Error: Invalid domain structure: " . $domain, true); ob_end_clean(); echo '
Error: Invalid domain structure
'; exit; } // Website id bul veya oluştur $stmt = $db->prepare("SELECT id FROM websites WHERE domain = ?"); $stmt->execute([$domain]); $website = $stmt->fetch(); if (!$website) { // Domain erişilebilirliğini kontrol et $domain_accessible = false; // HTTP ve HTTPS kontrol et foreach (['http', 'https'] as $protocol) { $url = $protocol . '://' . $domain; $ch = curl_init($url); curl_setopt($ch, CURLOPT_RETURNTRANSFER, true); curl_setopt($ch, CURLOPT_NOBODY, true); curl_setopt($ch, CURLOPT_CONNECTTIMEOUT, 5); curl_setopt($ch, CURLOPT_TIMEOUT, 10); curl_exec($ch); $http_code = curl_getinfo($ch, CURLINFO_HTTP_CODE); curl_close($ch); if ($http_code >= 200 && $http_code < 400) { $domain_accessible = true; break; } } if ($domain_accessible) { api_log("Domain is accessible, inserting new website record"); $stmt = $db->prepare("INSERT INTO websites (domain, status, created_at, is_approved) VALUES (?, 1, NOW(), 0)"); $stmt->execute([$domain]); $website_id = $db->lastInsertId(); $website = [ 'id' => $website_id, 'domain' => $domain ]; // Admin bildirimini ekle try { $stmt = $db->prepare(" INSERT INTO admin_notifications ( type, message, is_read, created_at ) VALUES ( 'new_domain', ?, 0, NOW() ) "); $notification_message = "Yeni domain eklendi: " . $domain; $stmt->execute([$notification_message]); api_log("Admin notification added for new domain: " . $domain); } catch (Exception $e) { api_log("Error adding admin notification: " . $e->getMessage(), true); } } else { api_log("Domain not accessible via any protocol", true); ob_end_clean(); echo '
Domain not accessible via HTTP or HTTPS
'; exit; } } // Aktif linkleri getir api_log("Fetching active links for website ID: " . $website['id']); $sql = "SELECT l.url, l.anchor_text FROM links l JOIN orders o ON l.order_id = o.id WHERE o.website_id = ? AND (o.status = 'completed' OR o.status = 'active') AND l.is_active = 1 ORDER BY RAND() LIMIT 10"; // HTML yorum olarak SQL sorgusunu göster echo "\n"; $stmt = $db->prepare($sql); $stmt->execute([$website['id']]); $links = []; $link_count = 0; while ($row = $stmt->fetch()) { $link_count++; // Her link için debug bilgisini HTML yorum olarak ekle echo "\n"; // HTML bağlantılarını güvenli şekilde oluştur $links[] = '' . htmlspecialchars($row['anchor_text'], ENT_QUOTES, 'UTF-8') . ''; } echo "\n"; if (empty($links)) { api_log("No active links found for domain: " . $domain . " (Website ID: " . $website['id'] . ")", true); ob_end_clean(); echo '
No active links found for: ' . htmlspecialchars($domain) . '
'; exit; } api_log("Returning " . count($links) . " links for domain: " . $domain); echo '
' . implode(' ', $links) . '
'; // Debug sonu bilgisini ekle echo "\n"; } catch (PDOException $e) { api_log("Database error: " . $e->getMessage() . "\nTrace: " . $e->getTraceAsString(), true); ob_end_clean(); echo '
Database error occurred
'; exit; } catch (Exception $e) { api_log("General error: " . $e->getMessage() . "\nTrace: " . $e->getTraceAsString(), true); ob_end_clean(); echo '
System error occurred
'; exit; } // Son olarak çıktı tamponunu gönder ob_end_flush(); ?>