all InfoSec news logo
all InfoSec news - Your InfoSec news aggregator
Log in Sign up
all InfoSec news

Experian Privacy Vulnerability

Add to bookmarks
Jan. 12, 2023, 12:18 p.m. | Bruce Schneier

Schneier on Security www.schneier.com

Brian Krebs is reporting on a vulnerability in Experian’s website:


Identity thieves have been exploiting a glaring security weakness in the website of Experian, one of the big three consumer credit reporting bureaus. Normally, Experian requires that those seeking a copy of their credit report successfully answer several multiple choice questions about their financial history. But until the end of 2022, Experian’s website allowed anyone to bypass these questions and go straight to the consumer’s report. All that was needed …

big brian brian krebs bypass consumer copy credit credit reporting end experian exploiting financial history identification identity identity theft impersonation privacy questions report reporting security thieves vulnerability weakness website

Visit resource

More from www.schneier.com / Schneier on Security

Friday Squid Blogging: Squid Purses 1 day, 5 hours ago | www.schneier.com
blog blogging can guidelines +6
My TED Talks 1 day, 8 hours ago | www.schneier.com
conferences controls data internet +9
Rare Interviews with Enigma Cryptanalyst Marian Rejewski 1 day, 15 hours ago | www.schneier.com
crack cryptanalysis enigma history of cryptography +5
The UK Bans Default Passwords 2 days, 15 hours ago | www.schneier.com
act and telecommunications ban bans +19
AI Voice Scam 3 days, 15 hours ago | www.schneier.com
artificial intelligence bbc money scam +4
WhatsApp in India 4 days, 15 hours ago | www.schneier.com
courts encryption end end-to-end +5
Whale Song Code 5 days, 15 hours ago | www.schneier.com
basic broadcast code cold +18
Friday Squid Blogging: Searching for the Colossal Squid 1 week, 1 day ago | www.schneier.com
blog blogging can cruise +7
Long Article on GM Spying on Its Cars’ Drivers 1 week, 1 day ago | www.schneier.com
article cars companies data +10

Jobs in InfoSec / Cybersecurity

Post a job on infosec-jobs.com Find talent on infosec-jobs.com

DevSecOps Engineer

@ Material Bank | Remote
View on infosec-jobs.com

Instrumentation & Control Engineer - Cyber Security

@ ASSYSTEM | Bridgwater, United Kingdom
View on infosec-jobs.com

Security Consultant

@ Tenable | MD - Columbia - Headquarters
View on infosec-jobs.com

Management Consultant - Cybersecurity - Internship

@ Wavestone | Hong Kong, Hong Kong
View on infosec-jobs.com

TRANSCOM IGC - Cybersecurity Engineer

@ IT Partners, Inc | St. Louis, Missouri, United States
View on infosec-jobs.com

Manager, Security Operations Engineering (EMEA)

@ GitLab | Remote, EMEA
View on infosec-jobs.com
View more jobs