Experian Data Breach Woes – Updated 3/13/2013 – High Profile Data Breach hits Experian… Others.
It has not been a good last few days for Experian. I’ve been trying to think of an appropriate adjective for how they have handled the South Carolina Breach, something between bad and terrible but I’ve stopped caring. South Carolina I want you to meet my friend Utah – he/she* has some things to teach you. I wonder who is getting hammered more this week, Experian or the east coast… rimshot please. Throwing fuel onto the Experian fire is Bloomberg with a piece on their most recent data breach.
“The cyberthieves broke into an employee’s computer in September 2011 and stole the password for the bank’s online account with Experian Plc, the credit reporting agency with data on more than 740 million consumers. The intruders then downloaded credit reports on 847 people, said Dana Pardee, a branch manager at the bank. They took Social Security numbers, birthdates and detailed financial data on people across the country who had never done business with Abilene Telco, which has two locations and serves a city of 117,000.
The incident is one of 86 data breaches since 2006 that expose flaws in the way credit-reporting agencies protect their databases. Instead of directly targeting Experian, Equifax Inc. and TransUnion Corp., hackers are attacking affiliated businesses, such as banks, auto dealers and even a police department that rely on reporting agencies for background credit checks.”
The credit agencies, including Experian, are under investigation by both houses of Congress from which some tough questions have been raised. Their response letters to the Bipartisan Privacy Caucas have not been made public which just creates more questions than answers.
Dissent over at Databreaches.net has a nice write up about her FTC complaint.
“What I found concerned me as a consumer, and I filed a complaint with the FTC in my individual capacity. In that complaint, I asked the FTC to consider whether Experian’s practices constituted unfair practice under the FTC Act. As is its policy, the FTC never publicly announces whether it is investigating or pursuing a complaint. I suspect they will pursue my complaint, though, and that I won’t be getting any Christmas card from Experian this year. I can live with that. But it was time to put this problem under a strong spotlight.”
*What is the gender of a state? Male? Female?