Information giant Experian has hit back at claims that it has left itself open to a deluge of data breaches after watchdogs revealed they are investigating the company’s security procedures.
The issue was first highlighted late last month after Bloomberg published a report about flaws in how credit reporting agencies, including Experian and Equifax, protect their databases.
In the report, Bloomberg totalled 86 data breaches since 2006 that demonstrate how hackers have broken into computer networks of Experian’s customers, stealing their passwords to access credit reports online.
Those breaches led to the theft of almost 15,500 credit reports in the US since 2006.
As a result, Ireland’s Office of the Data Protection Commissioner, which enforces privacy law in the country, is now investigating Experian’s security practices. Ireland’s regulators aim to find out whether Dublin-based Experian can be held responsible for failing to detect such fraud.
A spokesman for Experian told Bloomberg: “[The breaches were] isolated security issues experienced by a small number of our clients in North America involving US consumers under US data-protection jurisdiction.”
In fact, Experian’s clients bear the responsibility to monitor and maintain the security of their own systems, the spokesman said, adding: “[We use] sophisticated technology to detect anomalies that might indicate suspicious activity in systems access, which we immediately flag to the client and, when appropriate, to consumers and law enforcement.”