Wednesday, October 28, 2015

The Experian Experience

The other day I got a letter from the credit service Experian. They were writing to tell me that there may have been an unauthorized disclosure of my personal information.  On September 15, 2015 they discovered that an unauthorized party had accessed Experian servers. They immediately began to investigate what had happened. They also took additional security measures.

About a week later Experian notified the company maintain information for that a breach had taken place. The information the hackers got was essentially all of my information. No credit card or banking information was obtained. But everything else was.

The letter went on to say that they apologized for the incident. Then this line I found particularly amusing: We recognize that this issue can be frustrating, and we are taking steps to protect you and your personal information. Frustrating is not a word I would use to describe. Alarming because it happened. 
 
And just how reliable are the steps they are taking to protect you and your personal information. Seems to me that the cats out of the bag on that one. The horse has left the barn. Insert any other cliche you might like. The damage has been done. That Experian is sincerely apologizing for what happened doesn’t mitigate in any way shape or form that it happened.

My information is out there for anyone to use. Who needs any credit card information when they have all of my other pertinent information. They can use that to open as many credit card accounts they want.

I was a little pissed. Until I really read the letter more carefully.

The company that Experian said I had an account with I don’t have an account with at all.

It then occurred to me that maybe I’d open someone else’s mail. I made sure I found the envelope the letter had come in just in case I had to put it back in the mail. And it turns out I had opened some else’s mail. But well only sort of. It had another name but my address. I had to look at the address for a while and think yeah that’s my address. The had the zip plus four on the address as well.

I thought a little while as to what I should actually do at this point. Clearly Experian had gotten their information wrong. (Makes you really have faith in what they do. They can’t keep the information they have secure and they can’t seem to properly notify people that their information has been hacked.)

I decided I should call up Experian and let them know what happened.

First and foremost it took a really really long time to actual get a real human being to talk to. I did finally get someone. I explained what had happened. His response was oh then just throw the letter out. I asked him again and he said the same thing.

I was surprised to say the least. I had other things to do so I just hung up. 
 
But as I thought about it more; it made me angry. Experian had no interest in trying to find the person whose name appeared on the letter I received. It raised so many question. How was my addressed obtained in the first place? How many other people received letters the same way? The response certainly belies the tone of the letter that Experian is somehow concerned about the fact that sensitive personal information has been breached. 
 
I put a fraud alert on my credit that will alert merchants that my information might have been hacked. If you do it with one of the credit bureaus the information is passed on to the other two. Needless to say I did not go through Experian to this. 

In the future I will certainly think long and hard about doing any sort of business with Experian.

No comments: