Brian Krebs reports:
A class action lawsuit has been filed against big-three consumer credit bureau Experian over reports that the company did little to prevent identity thieves from hijacking consumer accounts. The legal filing cites liberally from an investigation KrebsOnSecurity published in July, which found that identity thieves were able to assume control over existing Experian accounts simply by signing up for new accounts using the victim’s personal information and a different email address.
Read more at KrebsOnSecurity.
Krebs helpfully uploaded the complaint in Hopgood v. Experian here (pdf).