Wednesday 21 November 2012

Inquiry into breaches of Experian's databases

Experian, a credit-reporting service with financial information on more than 740 million consumers, is being investigated by Irish regulators following breaches of the company’s databases. 

The Office of the Data Protection Commissioner has opened a preliminary inquiry into the security practices of Dublin-based Experian, said Gary Davis, the agency’s deputy commissioner. He said the move was prompted by reports that Experian’s database was invaded at least 80 times, leading to the theft of almost 15,500 credit reports since 2006. Hackers infiltrated Experian using passwords stolen from its customers, and invasions were not immediately detected. Mr Davis said regulators have asked Experian whether breaches have affected Irish consumers or businesses, and requested information on what steps the company was taking to prevent unauthorized access to its databases and safeguard records.

Gerry Tschopp, a spokesman for Experian, declined to comment directly on the Irish inquiry. The breaches were “isolated security issues experienced by a small number of our clients in North America involving US consumers under US data-protection jurisdiction”, he said in an emailed statement.