Interesting question, isn’t it?
Who has our credit file …
The problem with answering this question is that there is no easy answer we want to hear because the truth is a pill that is difficult to swallow.
To do this, I want us to look back at our recent history so that we can follow a chain of events that will lead us to where we ended up today. I will first introduce a few scenarios so that you can think the same way as we do in my data / information security business.
Let’s start with our credit scores. We all know that we need to have good credit scores to do the things that are necessary in life, such as buying a car or house, taking out a loan, and opening credit card accounts. Now most of us also know that there are “credit bureaus” responsible for making these numbers exist. How many times have you considered that you need to keep track of your information and all of your purchases to keep and maintain these records?
The truth is: this is done continuously. Not only from the credit bureaus, but also from a variety of other organizations that have the sole purpose of monitoring and recording our transactions. You are an information broker. Our personal data (PII) is comprehensively monitored by numerous groups for one purpose or another. This information is then also bought and sold by information aggregators.
Very interesting, isn’t it? I was thinking the same thing!
Of course, this sharing of information is very harmless since many companies, including law enforcement and the federal government, rely heavily on the exchange of this personal information. Did you know that there are also organizations that are connected to the credit bureaus and provide us with our credit scores that act as information brokers and information aggregators?
I also found this very interesting and will explain why.
Many of these credit bureaus also have subsidiaries or child companies that offer services related to “identity theft”. This is just paying their customers to monitor their loans, which their organization is already doing. Now let’s insult the violation by enacting federal laws that more or less oblige companies that are unfortunate victims of data breaches and that number appears to be increasing daily to offer to their customers (the innocent victim). “Identity Theft” services. Do you remember the services I just mentioned that the children’s companies offer? Guess who owns the company that offers the services offered the next time you read a news story about a new company suffering from data breach.
Let’s summarize what was covered: credit bureaus monitor our information; Information brokers collect our information for the credit bureaus. Information aggregators buy and sell our information collected by information brokers; Children’s credit bureau companies offer us credit monitoring services when we become victims of identity theft due to data breaches.
Now imagine for a moment what would happen if an identity thief pretended to be one of these information aggregators … scary, right? Well, unfortunately, it has happened at least once – you’ll remember when one of the well-known credit bureaus made the public aware that they had been the victim of a violation. I fear it will happen again
I’ve found that companies are at stake when it comes to making their employees fall victim to the scenarios I mentioned, both in terms of productivity and in terms of employees who have more medical problems, caused by the excessive stress.