Just before the Thanksgiving holiday, The National Law Review reported:
"Experian’s most recent earnings report shows that it has spent $20 million to date on its response to the September 2015 data breach that exposed the personal information of nearly 15 million wireless carrier customers. The exposed information included names, addresses, birthdates, social security numbers, driver’s license numbers, and passport numbers – all information Experian uses to process credit checks as part of the customer registration process. The $20 million spent so far on notification and credit monitoring for affected individuals may only be just the beginning of Experian’s financial woes – the credit monitoring firm still has several pending class action lawsuits to manage as well as cooperating with the government’s investigations in to the matter."
Details about the September breach area available here.
Not good.As I wrote in October,Experian CEO Brian Cassin should resign. The credit reporting agency's track record of breaches is troubling. Paying post-breach related costs (again) is not enough of an incentive to change executives' behavior. Companies won't change until there are direct consequences for executives. Experian executives know better. It is in the business of collecting, archiving, and protecting consumers' sensitive personal and financial information.
If they can't protect it, don't collect it; and go do something else.