JUST HOW SAFE IS EXPERIAN? AND WHY IS SOUTH CAROLING PAYING THEM?
South Carolinians by the tens of thousands are signing up with Experian – one of the nation’s largest credit reporting firms – to protect their data in the wake of an unprecedented security breach at the S.C. Department of Revenue (SCDOR). In fact the state of South Carolina is paying (up to $12 million) to cover the costs associated with this protection – even though Experian is likely to make millions in recurring business off of the deal.
But will such a move do anything to make our state’s data safer?
And just how safe is Experian?
On October 29 – just three days after S.C. Gov. Nikki Haley first alerted Palmetto State residents that their personal information had been compromised – a Bloomberg report revealed that Experian’s network was also recently exposed to hackers. The company itself wasn’t hacked, but a Texas credit union – Abilene Telco – was breached (giving the hackers access to the bank’s Experian password).
“Cyberthieves broke into an employee’s computer in September 2011 and stole the password for the bank’s online account with Experian,” the Bloomberg report notes. “They took Social Security numbers, birthdates and detailed financial data on people across the country who had never done business with Abilene Telco.”
According to Bloomberg, there have been nearly 90 similar breaches at the major credit reporting agencies over the last six years.
Experian’s response to the breach wasn’t exactly comforting, either, with a company spokesperson telling Bloomberg that its “first line of defense lies with end users who are obligated to manage and protect their credentials.”
More fundamentally, why is South Carolina paying $12 million to this company? After all, the cost of providing a year of free credit protection is nothing compared to the recurring business that Experian is going to generate as a result of signing up so many new customers.
Also a credit reporting expert told The (Columbia, S.C.) State newspaper this week that it was “negligent on the state’s part” to pay Experian – and that “this is not the best service to have chosen.”
More than 3.6 million Social Security numbers, nearly 400,000 credit and debt card numbers and tax information for up to 650,000 businesses were stolen from SCDOR beginning on August 27 of this year. The breach was never detected by the state – and it wasn’t until October 10 that the U.S. Secret Service alerted state leaders about the intrusion. After that it took Haley’s administration another 16 days to notify the public.
Haley has been roundly criticized for her handling of the breach, including numerous inconsistencies and outright lies included in statements she has made to the press. Haley will also miss an upcoming cyber security panel – scheduled by S.C. Treasurer Curtis Loftis prior to the breach – due to her political schedule.
***
7 comments
I didn’t make much money coaching at Clemson, but I didn’t work as hard as these young fellows do either. I only had to lay sod in Memorial Stadium or clean up the locker-room.
When a farm boy from Orangeburg or Clarendon county, a steelworker’s son from Pittsburgh, a longshoremen’s son from New Jersey, or a boy from the “mill hill” in Spartanburg or Greenville got a scholarship offer, he was only too glad to get it. It was his ticket out and to an education.
These young coaches nowadays have to beg, cajole, babysit, and kiss the rear of 18 year olds who take special pleasure in jerking them around.
Robert seems to have a level head. His Mama, on the other hand, seems to be a damn fool.
Oops, I got a little mixed up here. You know I played football at Alabama with a leather helmet. I get a little confused now in my old age.
What you say? You’re dead? Yeah, I forgot that too.
the hell are you talking about frank?
I don’t rightly know. I’m sleeping on Cemetary Hill right behind the South Stands at Memorial Stadium.
Walk lightly if you come by, you might wake me and wife.
The beat goes on, the beat goes on
Drums keep pounding a rhythm to the brain
La de da de de, la de da de da
Experian is the credit-reporting and data-mining firm responsible for the heavily advertised “FreeCreditReport.com”. The company had issues with the FTC because of the essential duplicity of the ads. South Carolina and its citizens would be foolish to rely on Experian for protection of their personal financial data, as this article in Bloomberg News reports:
http://go.bloomberg.com/tech-blog/2012-10-29-experian-customers-unsafe-as-hackers-steal-credit-report-data/
The data mining industry–which includes, in addition to TRW, Equifax and Experian, “Google”, “Facebook”, and many other venues on the web.
I know the word “regulation” is an abhorrent utterance on this website. However, SC’s hard-working state treasurer, at his scheduled symposium on “Fraud Detection and Prevention in Government Programs” Symposium on November 13th, would be wise to examine the extent to which the public’s personal (and governmental) information is scattered up in the “cloud” to be exploited, to be merchandised, by careless and unscrupulous vendors–whose business model makes criminal access to data possible, often easy.
Morons all. There is no unhackable system. have you heard of anonymous.