Bank Systems & Technology is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them. Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

Data & Analytics

05:48 PM
Tony Kontzer
Connect Directly
RSS
E-Mail
50%
50%

PC Containing Consumer Credit Data Stolen

TransUnion will review its data handling processes after loss of desktop system with information on more than 3,600 consumers

With federal legislators mulling over options for fighting identify theft and fraud, TransUnion LLC, one of three companies that maintain consumer credit histories, provided the latest scare Wednesday, revealing that a password-protected PC containing personal credit information on more than 3,600 consumers was stolen from a regional sales office in California last month.

TransUnion's disclosure follows a string of compromised data incidents that have hit companies such as Bank of America, CardSystems Solutions Inc., ChoicePoint Inc., Citigroup, and HSBC North America, as well as numerous universities.

Upon learning of the theft, TransUnion promptly sent notices to 3,623 consumers last month alerting them to the breach and offering complimentary monitoring of credit reports for a year. The Chicago-based company also notified local law enforcement, and launched an internal investigation into the incident. The focus of that internal investigation is to find out why the information was stored on a far-flung PC rather than on TransUnion's secure network, says a company spokesman.

The spokesman says TransUnion also will take a close look at its internal security and data-handling processes. Initial indications are that the burglary was centered on the computer itself, not the data within it. While a portion of the information was encrypted, "some data may have been stored in a back-up file on an unencrypted portion of the computer's hard drive," the spokesman said in an E-mail.

The TransUnion breach comes less than a week after Microsoft chief counsel Brad Smith told the Congressional Internet Caucus that the software giant supports comprehensive legislation to tackle data privacy issues at the federal level. Smith suggested a four-part piece of legislation that would mandate baseline standards, more transparent data collection practices, individual control over use and disclosure of personal information, and minimal security requirements around storage of sensitive consumer data.

TransUnion and its two rivals in the consumer credit-history market, Equifax and Experian, said in September that they would work together on development of an encryption standard they would all use to protect consumer data as it's moved between information providers and within the companies themselves. Last month, TransUnion made its fraud and identity management products available for mortgage lenders to integrate into their loan origination and underwriting systems.

Register for Bank Systems & Technology Newsletters
Slideshows
More Slideshows
Video
All Videos
Bank Systems & Technology Radio
Archived Audio Interviews
Join Bank Systems & Technology Associate Editor Bryan Yurcan, and guests Karen Massey and Jerry Silva from IDC Financial Insights, for a conversation about the firm's 11th annual FinTech rankings.
FULL SCHEDULE | ARCHIVED SHOWS