The Experian leak doesn’t sound like that big of a deal. The Experian leak is the perfect example of what we’re talking about: if one of the biggest credit score companies left such a blatant exploit in their software, what’s the rest of the landscape like?Įven worse, most apps require your data to work – and data is valuable for you and threat actors alike. Or, even worse, they’re unsecure through and through. Unfortunately, most apps we use are not as secure as they should be. You can’t stop using APIs, though you should be careful when using them, especially if they will collect your data afterward. The Experian API was supposed to be used by approved vendors alone – and threat actors found a way to use it anyway. We’ve talked about APIs before – and our conclusion wasn’t too happy: APIs are ridden with vulnerabilities from the get-go. That’s how threat actors took advantage of it. In other words, anyone who had access to that public API could get someone’s credit score. However, they didn’t need to log in or get an authorization level to do so. Companies needed a quick and easy way to see if they could approve clients to get a loan, and Experian provided them with a rather unsecure way of doing so.Ĭompanies had to provide the API with basic information to receive a user’s credit score. How Did the Experian Leak Happen?Įxperian used an API to automate the information-gathering process certain vendors had to go through. Threat actors walked away with an unknown number of credit scores, meaning criminal organizations may have a database of people they can target. It’s difficult to put into words or numbers how much damage that caused. That costly mistake ended with the exposed credit scores of countless Americans. That allowed threat actors to gather information on countless people. A vendor only needed a handful of public information (e.g., name and address) to check someone’s score. What’s the 2021 Experian Credit Score Leak?Įxperian used an API to allow certain companies and vendors to check FICO scores. In 2021, Experian suffered its third data breach in less than a decade. Two of the big three had suffered one catastrophic data leak in the past – with TransUnion being the exception. They’re also well-known for having suffered multiple leaks in recent years.Įxperian belongs to the big three reporting companies, alongside Equifax and TransUnion. It has information on more than 200 million Americans and a billion people worldwide. You Should Worry About CybersecurityĮxperian is a data collection company dedicated to consumer credit reporting. Users Shouldn’t Trust Companies (Even Big Ones) What’s the 2021 Experian Credit Score Leak?.
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |