This post contains references to products from one or more of our advertisers. We may receive compensation when you click on links to those products. For an explanation of our Advertising Policy, visit this page.
After a wild year of Equifax recovering from its massive data breach, which exposed personal information of millions of Americans, a new credit reporting bureau is in hot water.
A report by NerdWallet has revealed a serious flaw in Experian’s security system, which was supposed to protect the pins of customers who wanted to unfreeze their credit reports.
Experian explains what a credit freeze is on its website, but issues in its own system allow criminals to do exactly what the company says a credit freeze is supposed to prevent in the first place:
“A security freeze will prevent potential lenders from accessing your credit report, stopping a thief from opening an account or getting credit—even if they have your personal information,” Experian writes.
Experian’s system issued consumers a PIN to access their frozen credit reports. However, if a consumer forgot their pin and wanted to retrieve it, they had to answer a set of security questions. Anyone could potentially access your report because Experian would accept a blanket “None of the above” answer to these questions.
Once someone had access to an account they could unfreeze the credit report and start to open credit cards in customers’ names — pending other personal details like social security number and date of birth.
“This means that even if you had taken the step to freeze your Experian credit report, an identity thief could have unfrozen it and still tried to open a credit account in your name,” Mike Litt, a director for consumer group PIRG, told Yahoo Finance.
Experian confirmed the loophole did exist.
“While we are confident that our authentication is secure and no credit files are at risk, we have taken additional steps to make the process more secure,” Experian said in a statement. “We continue to regularly monitor our systems, taking immediate action when warranted to strengthen data security.”
Many consumers took advantage of credit freezes in the wake of the Equifax breach in hopes of protecting their identity and credit score. The Equifax breach exposed more than 148 million Americans’ personal data including their social security number, address and more.
Since a credit freeze may not even protect your information it’s important to routinely check your credit report to ensure that no new accounts have been opened in your name. A slew of banks like Chase, Citi and Capital One allow you to check your credit score for free through their websites.
Featured image by i_frontier / Getty Images.
With some great bonus categories, the American Express Gold Card has a lot going for it. The card offers 4x points at US restaurants, at US supermarkets (up to $25,000; then 1x), and 3x points on flights booked directly with airlines or through amextravel.com. It is currently offering a welcome bonus of 35,000 bonus points after you spend $2,000 in the first three months.
- Earn 35,000 Membership Rewards® Points after you spend $2,000 on eligible purchases with your new Card within the first 3 months.
- Earn 4X Membership Rewards® points at U.S. restaurants. Earn 4X Membership Rewards® points at U.S. supermarkets (on up to $25,000 per year in purchases, then 1X).
- Earn 3X Membership Rewards® points on flights booked directly with airlines or on amextravel.com.
- Earn up to $10 in statement credits monthly when you pay with The Gold Card at Grubhub, Seamless, The Cheesecake Factory, Shake Shack, and Ruth's Chris Steak House. This is an annual savings of up to $120. Enrollment required.
- $100 Airline Fee Credit: up to $100 in statement credits per calendar year for incidental fees at one selected qualifying airline.
- Choose to carry a balance with interest on eligible charges of $100 or more.
- No Foreign Transaction Fees.
- Annual Fee is $250.
- Terms apply.
- See Rates & Fees