Experian Sold Social Security Numbers To ID Theft Service 390
realized writes "Experian — one of the three national U.S. credit bureaus — reportedly sold SSNs through its subsidiary, Court Ventures, to the operators of SuperGet.info who then offered all of the information online for a price. The website would advertise having '99% to 100% of all USA' in their database on websites frequented by carders. Hieu Minh Ngo, the website owner, was recently been indicted for 15-counts filed under seal in November 2012, charging him with conspiracy to commit wire fraud, substantive wire fraud, conspiracy to commit identity fraud, substantive identity fraud, aggravated identity theft, conspiracy to commit access device fraud, and substantive access device fraud."
Re:And, who has the Obamacare ID validation contra (Score:2, Informative)
No, but he does make an interesting comparison. It is worth at least mentioning. Is it not? Last I read the contract was a no-bid(aka no competition) contract. Usually those are given to companies that are getting "special privledges" from those high in the political ranks.
Re:And when will Experian be charged? (Score:4, Informative)
Re:Probably a downmod coming but.. (Score:5, Informative)
WHAT THE FUCK!!!?!!!?
According to TFA, basically the company that Experian purchased had already been selling information to the notorious 24-year old cyber criminal. Once the company was purchased, Experian didn't review its own transactions closely enough and inadvertently sold our SSNs to the guy too. Monthly. The Secret Service found out, captured the 24-year old, and it's unknown if Experian, credit watchdog, will suffer for sleeping on the job.
I'm not sure who appointed Experian watchdog (though I'm certain someone on Slashdot will point out how ignorant I am for not knowing), but for a company with so much power over your own life in terms of credit, it would be nice if, with the power came some sort of responsibility -- and accountability. I suppose we'll need to off Experian's Uncle Ben to get our point across...
Experian one of the worst (Score:4, Informative)
My family and I were looking to move recently. Of course, we have to print out our credit reports. It used to be nice years ago when Yahoo had a service where you could easily get all 3 in just a few mins. But I'm sure since that was actually useful in real life, someone had to end it. So now, you have to log into the big 3 separately and request your 'free' report.
Of course, it's not 'free' since there's quite a bit of time involved in just getting it. You have a right by law to get this information once a year, but in order to do so, you have to put in your credit card. Red flag right there. This 'entitles' you to a free month of credit 'protection'.
After your done with your 'free' month, you have to call and cancel or else they'll charge you. Yup, you're right, no easy way to do that, no cancel account link or button to click - you gotta get on a phone and do an old school call. To keep the good times rolling, once you're actually off hold and connected to someone, it's some call center in another country. Mine happened to be India. What ensued next was back and forth on just getting the fucking thing canceled. There were many "just a moment" pauses and even a few upsells. I had to tell the guy 3 times I want to cancel. Just click the cancel button in your crappy web app.
30 mins later, I was off the phone. This company and the people that work for it are trash, plain and simple. They are a scourge on society and a drain on humanity. And along with banking (and warring I guess), credit 'scoring' and manipulation has to be one of the worst human endeavors ever. I don't understand how these people sleep at night and I'm not surprised they're selling people's info to whomever will pay.
Re:And no one at experian will ever be charged. (Score:5, Informative)
Sadly, the people whose identity was stolen will also be punished by having to spend time, energy, and money restoring their credit files and getting the bogus accounts removed. In some cases they will have to prove that they really didn't open the lines of credit to Experian - the very company who is responsible for the mess they are in. They will also need to watch their credit closely for the rest of their lives wondering when the next line of credit will open up or deal with the hassle of freezing their credit and not being able to open new lines of credit when they want. (Though, as an ID theft victim who did the latter, it's really not that much of a pain. Just stinks that it is necessary.)
Experian, on the other hand, will face a vicious finger wagging by Congress. At the very worst. Maybe a token fine that they can make back in 2.3 seconds of doing their normal business.
Re:And no one at experian will ever be charged. (Score:2, Informative)
Read the article - it wasn't Experian selling the info.
As stated also in the summary, it was a company called Court Ventures, although what the summary doesn't say is that although Court Ventures is currently a subsidiary of Experian, it was already illegally selling this information before it was aquired by Experian, and also that the Secret Service contacted Experian about it after the aquisition.
It also should be noted that the information itself did not originate from Experian, but from US Info Search, and that the information is apparently aggregated from public sources (i.e. court records, driver records etc)
They were allowed to sell the information to US companies for ID checking and theft prevention, just not to foreign companies, and not to companies using it for other purposes.
I don't entirely like what Experian do, but I don't really think they're the bad guys here.
Re:Why is SSN secret? (Score:4, Informative)
Not that mother's maiden name is any protection. When someone opened a credit card in my name, they had my name, address, social security number, and date of birth. They got the mother's maiden name wrong, though. It wasn't even close. Didn't stop Capital One from approving the card application, though, and almost giving the people a line of credit in my name. (The only thing that stopped them was a fluke where they paid for rush delivery of the card and immediately changed the address from mine to theirs. The two processes crossed paths and the card arrived on my doorstep. Had it worked as intended, they would have gotten the card and run up a huge bill under my name.)
Re:Experian one of the worst (Score:3, Informative)
Stop spreading FUD. No credit card info is required to get your free annual credit report.
You don't have to agree to upsell features like FAKO credit score and credit monitoring.
Re:Experian one of the worst (Score:5, Informative)
Re:Since you mentioned Experian (Score:2, Informative)
They can't use FICO because it's owned by a third party (Fair Isaac), what they CAN do is use a similar algorithm on the data they hold (FICO includes inputs from all 3 major credit bureaus).
Re:Experian one of the worst (Score:5, Informative)
All of this confusion and scamming could be eliminated if the government would just move the real site to the
Re:Since you mentioned Experian (Score:5, Informative)
You have no idea what you're talking about. Indeed, the FICO score is strictly a model from the Fair Isaac Corporation. However, that model is licensed out to the major credit bureaus, and they will indeed provide you a FICO score. However, any FICO score is only as good as the information it's based on. Since all three credit bureaus can happen to have different info on you, you can have a different FICO score with each of them. That's why all the ads you see talk about checking your three FICO scores - the algorithm is the same in all cases, it's just coming up with different results due to different inputs.
Now as to what the GP was saying, Experian has it's own, non-FICO score too, that they'll sell you (in addition to selling you a FICO score, should you pay for that), for a price. That's the "even more made up" number the GP is referring to, which has the name VantageScore. It's not your FICO score, and due to the less licensing and federal regulation surrounding it, costs less. However, the GP is wrong in sticking this with Experian - all three major bureaus jointly use VantageScore.
And lastly, folks pulling credit history that aren't making a direct loan (ex: insurers), usually don't pull a FICO score, since it's expensive, relatively speaking, but will pull yet another number made up by the three bureaus (what it is depends on what you're looking to insure - they have separate scores for auto and homeowner's insurance). All of this has made the FICO score itself much less important than it used to be. It's still the gold standard for big, big ticket items, where a mortgage company has no problem spending the $ to get the FICO score from all three bureaus to insure their hundreds of thousands of lending to you.
Re:And, who has the Obamacare ID validation contra (Score:4, Informative)
What did you read?
"The work on Healthcare.gov grew out of a contract for open-ended technology services first issued in 2007 with a place-holder value of $1,000. There were 31 bidders. An extension, awarded in September 2011 specifically to build Healthcare.gov, drew four bidders, the documents show, including CGI Federal."
Search for part or all for source. Now, last you read it was a bid contract, invalidating your point.
Re:Why is SSN secret? (Score:3, Informative)
Here's a dirty little secret about SSN's. They were never intended to be used as unique identifiers. In fact, it says on the card For social security only, not to be used for identification [apfn.org]. Even more, they are not secure in the least, up until recently you could get the first 3-5 numbers just by knowing a little bit about the person, see ID by state of issue [about.com], and it's pretty simple to identify the group number [about.com] as well. Last 4? those were sequential. Basically, they were never designed to be secure, and now we have to treat them as such. Better keep your birthplace/birthday secret too.
Re:Probably a downmod coming but.. (Score:5, Informative)
Not much. Harsh punishments are less effective at deterring crime than are moderate punishments that are more likely to happen...unless, of course, you are likely to be punished even if innocent. To be effective the punishment only needs to be sufficient that the net benefit of an act is negative...but they need to be expected to happen if you are guilty. And sooner is much more effective than later.
Yeah, I know these requirements are in conflict. If it were simple, someone would have had a decent government by now.
Former Experian employee (Score:2, Informative)
As a former Experian employee and Systems Administrator to boot - I have only this to say, "Buwahhhhhhhhhaaahhhahhhhahhhahhhaaaa! Oh god, stop it! You're making my sides hurt!"
Ah - the good old days of Experian! For the record, this was my original CIO's personal nightmare that he shared in nearly every "All Hands" meeting while I was there. He got cut loose and within 3 years so did I and most of the technical experts in the US. RIF'd because we're expensive help. Remember, Experian is NOT an american company. It is listed in the London stock exchange since it was originally bought by "GUS Plc" back when it was TRW. So, now that the Experian CIO position has shifted back to the Brits (it was an American when I first started), they're GUTTING the IT infrastructure staff in all of the "expensive" locations (i.e. - the US) and outsourcing to places like Costa Rica. No offense to anyone in Costa Rica - but they are very late players in this corporate reshuffle and have NO voice in any IT decisions. We (the US IT infrastructure staff) have been warning senior management for nearly a decade (I was employed for 8 years) that they were SERIOUSLY screwing up each and every corporate acquisition company integration. Since there was NO oversight of the IT integration (at any level) is it any kind of shock that there was little to no oversight of the account management of customers in these subsidiary's?
It's a shame that the good people I know in that company will now pay the price for senior management greed and stupidity. And yes - I agree with everyone who posted about the predatory website and practices by Experian with the so called "free credit report". What a freaking racket. If it's any consolation - I argued against it (and so did all of the web developers and IT staff) but senior management was looking to hook all customers any way they could. Sorry if this sounds disgruntled - truly I'm more disillusioned and saddened because I know how much effort the good guys are expending trying to make it right from within. Poor bastards.
Re:Probably a downmod coming but.. (Score:4, Informative)