Experian Customers Unsafe as Hackers Steal Credit Report Data

[InfoSec News <alerts () infosecnews org>]

http://go.bloomberg.com/tech-blog/2012-10-29-experian-customers-unsafe-as-hackers-steal-credit-report-data/

By Jordan Robertson
Bloomberg
Oct. 29, 2012

When hackers broke into computers at Abilene Telco Federal Credit Union 
last year, they gained access to sensitive financial information on 
people from far beyond the bank’s home in west-central Texas.

The cyberthieves broke into an employee’s computer in September 2011 and 
stole the password for the bank’s online account with Experian Plc, the 
credit reporting agency with data on more than 740 million consumers. 
The intruders then downloaded credit reports on 847 people, said Dana 
Pardee, a branch manager at the bank. They took Social Security numbers, 
birthdates and detailed financial data on people across the country who 
had never done business with Abilene Telco, which has two locations and 
serves a city of 117,000.

The incident is one of 86 data breaches since 2006 that expose flaws in 
the way credit-reporting agencies protect their databases. Instead of 
directly targeting Experian, Equifax Inc. and TransUnion Corp., hackers 
are attacking affiliated businesses, such as banks, auto dealers and 
even a police department that rely on reporting agencies for background 
credit checks.

“This is profoundly important, because it illustrates a growing problem 
when it comes to data breaches and security –the chain is only as strong 
as its weakest link,” Senator Richard Blumenthal of Connecticut, a 
former attorney general who has investigated credit-rating agencies 
before, said in an interview. “If their customers have inadequate 
security practices, so do the credit bureaus.”

[...]

______________________________________________
Visit the InfoSec News Security Bookstore
Best Selling Security Books and More!
http://www.shopinfosecnews.org