April 22, 2014

Krebs: Credit bureaus have security problems

April 23, 2014 – Security expert Brian Krebs says that in light of security breaches at the credit bureau Experian, credit bureaus need to address problems in how they store data.

Krebs told American Banker that there needs to be a debate about the repeated data security problems at places like Experian.

"Experian figured out what was going on after somebody else told them. You have to wonder how many times this has happened where nobody notified them and they kept it quiet," Krebs said. "And Experian's not the only company in this business. There are several other credit bureaus that take consumer data and bundle it up in different ways and resell it. I think we need to have a national debate about what the role of these companies is and what their proper role is when it comes to protecting people's identity and privacy."

Krebs continued, "I think it's telling that in an era when it seems every day there's another major data breach, the default response for a company is to sign other customers up to give more information to Experian, which is in the business of building dossiers on people and selling that information."

NAFCU was the first financial trade association to push Congress to implement national data security standards, in response to the massive breach at Target. NAFCU estimates that breach alone will cost the credit union industry $28 million.