Skip to comments.Experian Lapse Allowed ID Theft Service Access to 200 Million Consumer Records
Posted on 03/13/2014 11:36:10 AM PDT by aimhigh
In October 2013, KrebsOnSecurity published an exclusive story detailing how a Vietnamese man running an online identity theft service bought personal and financial records on Americans directly from a company owned by Experian, one of the three major U.S. credit bureaus. Todays story looks deeper at the damage wrought in this colossal misstep by one of the nations largest data brokers.
Last week, Hieu Minh Ngo, a 24-year-old Vietnamese national, pleaded guilty to running an identity theft service out of his home in Vietnam. Ngo was arrested last year in Guam by U.S. Secret Service agents after he was lured into visiting the U.S. territory to consummate a business deal with a man he believed could deliver huge volumes of consumers personal and financial data for resale.
But according to prosecutors, Ngo had already struck deals with one of the worlds biggest data brokers: Experian. Court records just released last week show that Ngo tricked an Experian subsidiary into giving him direct access to personal and financial data on more than 200 million Americans.
(Excerpt) Read more at krebsonsecurity.com ...
I signed up for LifeLock just before doing my taxes earlier this year. I’m very happy I did.
That must be how Experian drained my bank account, which resulted in my rent check bouncing.
The bank not only refunded the unauthorized charges made on the account, it refunded the NSF fee as well.
Experian was blocked from debiting my account in the future and my debit card was also changed by the bank as a further precaution.
I know for a fact I personally NEVER ordered a credit monitoring service from them.
ID theft is a service?
The irony is this company is a credit reporting bureau and it couldn’t keep customers’ financial records safe.
Its carelessness resulted in harm to millions of people and I suspect I’m not the only victim of the breach of their records.
200 million is a lot
Both you and me are probably in there.
I have never used nor needed a credit reporting agency, but our almighty govt. forces my data into their databases, i.e. the laws that allow for it. I cannot tell my credit card companies to stop reporting and I have no right over my personal data.
Last month, my Discover Card statement included, unasked, my FICO score, which is quite high. Their explanation (sic) was so that I could use it to make *good* financial decisions. Given my score in the mid-800s, it would seem that I already make good financial decisions.
Point being: we do not have to request a credit monitoring report. It is already provided to our creditors.
This article seems to indicate there is no such thing as safe data.
These big brother like outfits think they can control us. I got furious with Amazon a year ago and closed my online usage of Amazon. It started one day when I was just shopping at the Amazon site. No purchase or checkout on my screen. Amazon flaunted my cashback earnings from my Discover account and I was floored. I had never authorized that, not knowingly. These ‘sleep with each other’ dealings between big box businesses are the biggest risks to data security.
IIRC, if you have Discover as an authorized card on Amazon, you can use your Discover points when shopping there.
Never had any Discover account info ever pop up, even at checkout. In fact, I _think_ I have had to go to *my account* and enable all the login security in order to even check my Amazon points, gift card balance or my Discover Cashback myself.
I use the Discover for small purchases and the Cashback is pretty low. Once a year, I apply it to any outstanding balance.
Lately, my Amazon purchases have been free promotions for Kindle ebooks. I still have some $ on a Kindle gift card from January, so I have been chipping on that, rather than spend anything more. I sub to BookBub, which every day sends me 1-4 Kindle titles in my preferred genres that are free or under $2.