On November 20, Experian notified the New Hampshire Attorney General’s Office of yet another breach involving the compromise of a client’s login credentials to their credit report database. The credentials were misused to obtain identity information on an unspecified number of consumers’ Social Security numbers, dates of birth, and/or account numbers.
In this case, the client whose credentials were compromised was Pacific Supply Company. The criminal access to Experian’s database occurred between November 6 and November 9, and Experian reports they detected and stopped the problem quickly. And as they have done in numerous other similar cases, they have blocked the login credentials, issued new ones, added access restrictions, and reported the matter to law enforcement.
And as it has also done in numerous similar cases, Experian offered affected consumers two years of complimentary enrollment in its own product, Experian ProtectMyID Elite.
For those keeping count: that’s now 108 breaches I’ve tabulated where client login credentials were misused to access the credit report database to steal consumers’ identity information.
When will the FTC do something?