Privacy, Consumer Groups Urge FTC, CFPB To Investigate Experian, T-Mobile Breach
More than 25 privacy advocates and national consumer groups, including the Center for Digital Democracy, Consumer Action, Consumer Watchdog, Consumers Union, Electronic Privacy Information Center and the World Privacy Forum, sent a letter to FTC Chairwoman Edith Ramirez and Consumer…
Sign up for a free preview to unlock the rest of this article
Timely, relevant coverage of court proceedings and agency rulings involving tariffs, classification, valuation, origin and antidumping and countervailing duties. Each day, Trade Law Daily subscribers receive a daily headline email, in-depth PDF edition and access to all relevant documents via our trade law source document library and website.
Financial Protection Bureau Director Richard Cordray Thursday, expressing “grave concerns raised by the early reports of the significant data security breach affecting T-Mobile customers and applicants whose information was stored by Experian” (see 1510020051). Since Experian is one of three nationwide consumer reporting agencies (CRAs), “each holding data on over 200 million consumers,” the groups asked the agencies to “fully investigate this breach, including whether other Experian databases have been breached,” the letter said. The groups asked the agencies to determine how hackers would be allowed to “access the information of T-Mobile customers but not the main credit report files,” and determine if different security measures are in place. “If there are no such differences, doesn’t this raise the troubling possibility that the servers holding highly sensitive credit and personal information of over 200 million Americans is vulnerable to a data hack by identity thieves?” the letter asked. A breach of a credit reporting agency takes the problem of data breaches to a “whole new and dangerous level given the extraordinarily large amounts of critical financial information they hold,” the letter said. “Identity thieves could play havoc of an unimaginably huge scale with access to such data, with potentially devastating consequences to consumers, financial institutions, and the American economy,” it said. The groups also expressed concern with Experian’s decision not to offer a security or credit freeze to consumers, which is the only way to stop new account financial identity theft, the groups said. The “breached firms are only offering weaker credit monitoring, so we also ask the regulators: Is there any authority for the CFPB to require the nationwide CRAs to provide free security freezes to affected consumers?” it said. Meanwhile, Missouri Attorney General Chris Koster issued a news release Wednesday saying as many as 263,000 people in the state could be affected by the breach.