Credit reports stolen from Experian after bank hacked
Last year, 847 credit reports were stolen from agency Experian after a Texas bank was hacked and its account hijacked
In September last year, 847 credit reports on US citizens were stolen from credit reference agency Experian after a bank in Texas was hacked.
According to the Bloomberg news agency, hackers accessed an employee PC at Abilene Telco Federal Credit Union. That PC had access to Experian's credit reports, so the hackers were able to steal the information through a legitimate account.
The breach was one of many revealed following investigations by privacy advocate 'Dissent Doe' and other contributors to the DataLossDB.org website. Experian had informed the Attorney General of the breach when it happened, and 'Dissent Doe' later found out the details of this breach and more through a Freedom of Information Act request.
By compromising third parties, hackers were able to steal more than 17,000 credit reports since 2006, Bloomberg claims, 15,500 of which came from Experian.
In a statement, Experian underscored that the breach did not relate to a failing of its own security systems. “The story reported in Bloomberg yesterday primarily relates to isolated security issues experienced by a few of our US clients in North America – not an attack on our systems in North America," is said.
"We use sophisticated security systems that help monitor and detect anomalies in system access by our clients. If an irregular activity is detected, it is then escalated for further investigation.
"In the case relating to Abilene Telco, our security system quickly alerted them and subsequently the 702 consumers [the number of consumers affected by the 847 stolen reports] to the suspicious activity and ensured that the unauthorised access was disabled.
"As our action shows, our first priority – regardless of the source – is to always protect our clients and consumers from identity theft and our policy is to proactively notify consumers who may have been the victims of criminals trying to illegally obtain consumer information.”
Speaking to Information Age last year, Experian's then-CIO Jim Fitzpatrick said that compliance with privacy laws was "fundamental to our credibility in the market place".