Experian fixed a weakness with a partner website that let anyone look up the credit score of tens of millions of Americans just by supplying their name and mailing address, KrebsOnSecurity has learned. Experian says it has plugged the data leak, but the researcher who reported the finding says he fears the same weakness may be present at countless other lending websites that work with the credit bureau.
Nearly half of financial frauds being uncovered involve criminals trying to use someone else’s stolen personal details, Experian warns. The credit checking company says that identity theft is a “significant and rising threat,” accounting for 46 percent of financial frauds detected this year – that’s almost double the rate of cases seen in 2012 (27 percent).
Security researcher Brian Krebs has uncovered the involvement of credit bureau Experian in an ID theft operation, according to ZDNet. Experian became involved through their March 2012 acquisition of Court Ventures.
