Fifty Groups Ask FTC, CFPB To Investigate Experian Over Security Flaw

Media Contacts


This week, fifty leading state and national consumer, civil rights, military family, faith and other groups joined U.S. PIRG (letter to regulators) in urging the FTC and CFPB to investigate a security flaw (apparently fixed) at the credit bureau Experian. As originally reported by Nerdwallet, whose findings were confirmed by U.S. PIRG, access to “secret” PINs to temporarily lift credit freezes was left available to anyone. The PINs could be retrieved by simply answering “none of the above” to all security questions, providing an opportunity for identity thieves to retrieve PINs, remove freezes, and apply for new credit accounts. This put all consumers with an Experian credit freeze at risk, including deployed servicemembers who might not discover any fraud until after they return.

Statement of U.S. PIRG Senior Director for Consumer Programs Ed Mierzwinski:

“The credit bureaus have only one job, collecting and selling personal information, yet first Equifax and now Experian don’t seem to grasp the importance of keeping our financial DNA safe. That’s why we’ve asked regulators to carry out a detailed investigation and impose robust penalties if warranted. At the very least, Experian should notify all who may be at risk because their PINs were retrieved before the flaw was fixed. We also urge all consumers to change their PINs.”