Tag Archives: Experian

White Lodging Confirms Second Breach

April 13, 2015

In February 2015, KrebsOnSecurity reported that for the second time in a year, multiple financial institutions were complaining of fraud on customer credit and debit cards that were all recently used at a string of hotel properties run by hotel franchise firm White Lodging Services Corporation. The company said at the time that it had no evidence of a new breach, but last week White Lodging finally acknowledged a “suspected” breach of point-of-sale systems at 10 locations.

Convicted Tax Fraudster & Fugitive Caught

March 19, 2015

44 Comments

Lance Ealy, an Ohio man who fled home confinement last year just prior to his conviction on charges of filing phony tax refund requests on more than 150 Americans, was apprehended in a pre-dawn raid by federal marshals in Atlanta on… Read More »

Premera Blue Cross Breach Exposes Financial, Medical Records

March 17, 2015

58 Comments

Premera Blue Cross, a major provider of health care services, disclosed today that an intrusion into its network may have resulted in the breach of financial and medical records of 11 million customers. Although the company isn’t saying so just yet, there are independent indicators that this intrusion is once again the work of state-sponsored espionage groups based in China.

The Rise in State Tax Refund Fraud

February 17, 2015

72 Comments

Scam artists stole billions of dollars last year from the U.S. Treasury by filing phony federal tax refund requests on millions of Americans. But as Uncle Sam has made this type of fraud harder for thieves to profit from, the crooks have massively shifted their focus to conducting refund fraud at the state level. Or at least according to Intuit Inc., the makers of TurboTax: The company says it believes that shift is responsible for a whopping 3700 percent increase in fraudulent state tax refund filings this year in some states.

Toward a Breach Canary for Data Brokers

December 8, 2014

53 Comments

When a retailer’s credit card systems get breached by hackers, banks usually can tell which merchant got hacked soon after those card accounts become available for purchase at underground cybercrime shops. But when commercial data brokers get hacked or are tricked into giving consumers’ data to identity thieves, there is no easy way to tell who leaked the information when it ends up for sale in the black market. In this post, we’ll examine one idea to hold consumer data brokers more accountable.

ID Theft Service Customer Gets 27 Months

October 1, 2014

58 Comments

A Florida man was sentenced today to 27 months in prison for trying to purchase Social Security numbers and other data from an identity theft service that pulled consumer records from a subsidiary of credit bureau Experian.

An Allegation of Harm

April 21, 2014

97 Comments

In December 2013, an executive from big-three credit reporting bureau Experian told Congress that the company was not aware of any consumers who had been harmed by an incident in which a business unit of Experian sold consumer records directly to an online identity theft service for nearly 10 months. This blog post examines the harm allegedly caused to consumers by just one of the 1,300 customers of that ID theft service — an Ohio man the government claims used the data to file fraudulent tax returns on dozens of Americans last year.

U.S. States Investigating Breach at Experian

April 3, 2014

59 Comments

An exclusive KrebsOnSecurity investigation detailing how a unit of credit bureau Experian ended up selling consumer records to an identity theft service in the cybercrime underground has prompted a multi-state investigation by several attorneys general, according to wire reports.

Are Credit Monitoring Services Worth It?

March 19, 2014

146 Comments

In the wake of one data breach after another, millions of Americans each year are offered credit monitoring services that promise to shield them from identity thieves. Although these services can help true victims step out from beneath the shadow of ID theft, the sad truth is that most services offer little in the way of real preventative protection against the fastest-growing crime in America.

Experian Lapse Allowed ID Theft Service Access to 200 Million Consumer Records

March 10, 2014

108 Comments

In October 2013, KrebsOnSecurity published an exclusive story detailing how a Vietnamese man running an online identity theft service bought personal and financial records on Americans directly from a company owned by Experian, one of the three major U.S. credit bureaus. Today’s story looks deeper at the damage wrought in this colossal misstep by one of the nation’s largest data brokers.