Who has our credit file?

October 6, 2021 admin 0 Comments

Interesting question, isn’t it?

Who has our credit file …

The problem with answering that question is that there is no simple answer we want to hear, because the truth is a hard pill to swallow.

To do this, I would like us to look back at our most recent history, so that we can follow a chain of events that leads us to where we have ended today. I will first introduce you to some scenarios, so that you think in the same terms as we do in my Data / Information Security business.

Let’s start with our credit scores; We all know that we must have a good credit score to be able to do the things that are necessary in life, such as buying a car or a house, obtaining a loan, and opening credit card accounts. Now, most of us also know that there are “credit bureaus” that are responsible for those numbers. However, how often have you considered that they must track your information and all your purchases to produce and maintain those records?

The truth is: this is done continuously. Not only by the credit bureaus, but also by a myriad of other organizations that have the sole purpose of monitoring and recording our transactions; They are Information Agents. Our personally identifiable information (PII) is something that is widely monitored by numerous groups for one purpose or another, and that information is also bought and sold by information aggregators.

Very interesting, right? I also thought the same!

Of course, this information brokering is very benign in nature, because many companies rely heavily on the sharing of this personal information, including law enforcement and the federal government. Did you know that there are also organizations linked to the same credit bureaus that provide us with our credit scores, that operate as information brokers and aggregators of information?

I also found it very interesting, and I will explain why.

Many of these credit bureaus also have subsidiaries or side companies that provide “identity theft” related services, which amounts to nothing more than your clients paying them to monitor their credit, which is something your organization is already doing. So now, let’s add insult to injury in the fact that federal laws have been enacted more or less requiring corporations that are unfortunate victims of data breaches, and that number is increasing daily, apparently to offer their clients (the innocent victim) “identity theft” services. Remember the services I just mentioned that are offered by secondary companies? Well guess what, take a look at who owns the business providing the services on offer the next time you read a news report about a new business experiencing a data breach.

Let’s recap what has been covered: credit bureaus monitor our information; Information brokers collect our information for credit bureaus; Information aggregators buy and sell our information that was collected by information brokers; Credit bureau side companies offer us credit monitoring services when we become victims of identity theft due to data breaches.

Now imagine for a moment what would happen if an identity thief impersonated one of these information aggregators … Scary, right? Well, unfortunately, it already happened at least once; You will remember it as when one of the well-known credit bureaus alerted the public that you had been the victim of a violation. I’m afraid it will happen again

I have found that companies have a lot at stake when it comes to their employees falling prey to the scenarios I have mentioned, both with corporate results and productivity, as well as with employees suffering more health-related problems caused For undue stress.

Leave a Reply

Your email address will not be published. Required fields are marked *