Update to How You Can Change Your Experian Credit Freeze PIN
Our consumer campaign director provides an update to how you can change your Experian credit freeze PIN after a security flaw was discovered two weeks ago.
A couple weeks ago, after reading a Nerdwallet news alert about Experian’s faulty credit freeze PIN retrieval form, I tried it out for myself. I, too, was able to retrieve my PIN by selecting “none of the above” for security questions even though the answer was in the list of options.
Here’s a little more context: Experian’s website allows consumers to retrieve their credit freeze PIN, which is needed to temporarily remove a freeze when applying for credit, if they lost it. However, PINs could be retrieved by simply answering “none of the above” to all security questions, providing an opportunity for identity thieves to retrieve PINs, remove freezes, and apply for new credit accounts. This puts all consumers with an Experian credit freeze at risk, including deployed servicemembers who might not discover any fraud until after they return.
The flaw appears to have been fixed the day it was reported on, but who knows how long the flaw was in place. We’re calling on Experian to at least notify all who may be at risk because their PINs were retrieved before the flaw was fixed. We also urge the Federal Trade Commission and the Consumer Financial Protection Bureau to investigate the security flaw, determine how long the flaw existed, verify the validity of Experian’s claim that “no credit files are at risk,” assess Experian’s lack of public notification of the flaw or the steps consumers can take in response to it, and levy robust financial penalties based on the results of the investigation.
In the meantime, the best way to protect the security of your Experian credit freeze is to change your Experian credit freeze PIN. After spending an afternoon with seven different Experian phone representatives and receiving conflicting information, I was told repeatedly the only way to change your Experian PIN is to permanently remove your existing Experian credit freeze and place a new one. While it appears this remains to be the only way to change one’s PIN online, it is in fact possible to change your PIN over the phone without permanently removing your existing freeze. I verified this after receiving two conflicting confirmation letters in the mail after my afternoon with phone reps. (It turns out that I had in fact successfully changed my PIN over the phone, but it was replaced by an even newer PIN after a different representative told me it had not been changed and that I needed to permanently remove my freeze and place a new one instead.)
Below are our revised steps for changing your Experian credit freeze PIN:
Online: To change your PIN online you have to permanently removed your existing credit freeze and place a new one.
-
Permanently remove your credit freeze by filling out and submitting this form.
-
Add a new security freeze by filling out and submitting this form. You will have the option of creating your own PIN or having one generated for you.
Phone: You can change your PIN over the phone without first removing your existing credit freeze:
-
The phone number provided by Experian for credit freezes does not appear to give consumers the option of removing freezes. Instead, call Experian at 1-800-493-1058. This number is actually for Experian’s credit report dispute phone line, but it’s the number we have found to reach a live person who can help you remove your existing freeze and place a new one if you use the following prompts:
-
Experian requires you to enter your Social Security number, ZIP code, and numerical portion of your street address, on your telephone keypad at the start of your call.
-
After entering in your personal information, press option 2 for “general questions about your credit.”
-
Then press option 1 for “questions about your credit report.”
-
Then press option 1 again for “questions about your credit report.”
-
You will then hear a long message about how to get a copy of your credit report and dispute inaccuracies on it. (Again, this is not why you are calling, but it’s how we know to reach a person.) After this message, you will be connected to a live representative.
-
Ask the representative to help you change your credit freeze PIN. The representative will likely ask you for your Social Security number and address again, along with your birthdate, before you can proceed.
-
You’ll be asked for your current PIN. You can either have Experian generate a new PIN for you, or you can set your own PIN, up to 10 numbers in length.
Placing credit freezes at the big three credit bureaus and a fourth smaller one (NCTUE) is still the best way to protect yourself from new account identity theft. Tips for protecting yourself against other types of identity theft are also available here.
Topics
Authors
Mike Litt
Director, Consumer Campaign, U.S. PIRG Education Fund
Mike directs U.S. PIRG’s national campaign to protect consumers on Wall Street and in the financial marketplace by defending the Consumer Financial Protection Bureau, and works for stronger privacy protections and corporate accountability in the wake of the Equifax data breach. Mike lives in Washington, D.C.