It wouldn’t even show me the four multiple-guess questions. Hen I tried to get my report from Experian via, Experian’s website said it didn’t have enough information to validate my identity. From there, he was sent to Experian’s site for ID validation, where problems began to develop. He decided to take the reported breach for a spin, starting with a stop at. The data leak involves Experian’s verification process that is triggered by visitors to, the website through which Americans can access their federally mandated free credit reports.īrian Krebs was alerted to this leak by Jenya Kushnir, a Ukrainian security researcher who had come across the security hole while lurking on Telegram chat channels used by identity fraudsters. Compounding this is Experian’s ongoing disinterest in fulfilling its federal obligations to supply free credit reports. All that was needed was the person’s name, address, birthday and Social Security number.Īsking people to input the Big Four of PII to access their credit report via an online form is already careless. But until the end of 2022, Experian’s website allowed anyone to bypass these questions and go straight to the consumer’s report. Normally, Experian requires that those seeking a copy of their credit report successfully answer several multiple choice questions about their financial history. Identity thieves have been exploiting a glaring security weakness in the website of Experian, one of the big three consumer credit reporting bureaus. He’s on the leading edge of this one as well, which shows Experian hasn’t gotten any better at protecting the massive amount of personal info it obtains from millions of Americans who have zero say in the matter. Not only has it been fined multiple times for misleading people about access to free credit reports mandated by federal law, it was caught selling personal info to a Vietnamese fraudster who sold this illicitly obtained stash of PII to others.īrian Krebs was the one who broke that story in 2013. A few wrist slaps later and Equifax is still making millions while affected US residents are being asked to make do with $7.85.Įxperian has its own sordid history. The credit reporting agency knew of the breach as early as July but didn’t get around to notifying affected people for another couple of months. In 2017, Equifax leaked personal info pertaining to nearly half the nation (143 million people). They’re more than willing to just leave them exposed. The sad thing is, no one really needs to hack their databases. Data brokers like Experian and Equifax pose tempting targets for malicious hackers looking to find another source for personal info they can hawk online to other malicious people.
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |