is  great source of information on credit issues. A post today discusses data breaches of various descriptions and how each stacks up in terms of their impact on consumers.

The authors first remind people that you are not your credit card–there’s a big difference between a risk or breach involving only one account and a breach that exposes one’s entire identity.  But the risk increases when a breach extends beyond one card or account to include personal information such as your DOB and SSN.

Your credit card is stolen or hacked

Scenario 1. Your credit card is stolen or hacked
Someone stole your wallet and with it, your credit card. Or, maybe you still have the credit card but someone somehow got the number and charged items on your account.
The thief wants to spend as much money as possible before you and/or your card issuer get wise to the theft.
The good news:
Under the Fair Credit Billing Act, you’re on the hook for only $50 and probably not even that. Most credit card issuers have zero-liability policies that mean you won’t pay a cent. Plus, the thief has access to just that one account number — not other personal info that could put your entire financial identity at risk.
The bad news:
You have to get the card replaced and change any recurring automatic payments made with the card. In the meantime, you don’t have the credit card, which is a problem if that’s your only card.
 If your credit card is stolen, it’s a hassle but it’s no big deal it’s an inconvenience.

 Your debit card is stolenScenario 2. Your debit card is stolen Someone stole your wallet and with it, your debit card.Why: To clean out your account before you find out about the theft.

The good news: The thief has only your debit card — not anything linked to your identity.
The bad news:
You’re not protected for such theft the way you are with a credit card theft or breach. Under the Electronic Funds Transfer Act if your debit card is stolen, in most cases your liability is limited to $50 if you report the theft within two days. But if you wait more than two days, you could be liable for $500. After 60 days, you could be on the hook for the entire stolen amount, although most banks will review such theft on a case-by-case basis.

Even if you do report the theft right away, the bank account linked to the card will be frozen and you’ll lose access to the funds while the issue is being resolved. Meantime, you can’t pay your bills or get cash. For people who are already living on the financial edge, this can cause a domino effect. No money for gas means no way to get to work, which puts a job in jeopardy.

 You friend a fraudster

Scenario 3. You friend a fraudster
A fraudster posing as one of your friends asks to connect on social media and you quickly accept. Then you realize you’re already connected and this new social media “friend” is a fraudster. Now all the personal info you share with your real friends is available to an identity thief.
The fraudster may already have some account information on you and now is trying to fill in missing puzzle pieces or get information about your identity that could be used to answer your password security questions, such as “Name your first pet” or “Where did you go to high school?” The fraudster could use this information for full-scale identity theft or to hack one account at a time.
The good news:
You could be safe if you catch the mistake and delete the fraudulent friend right away. If the hacker is doing this on his own, he’ll need time to comb through your account.
The bad news:
If the hacker is using software to scrape personal info from your page, you might be at risk the minute you click accept.
 Change-of-address fraud

Scenario 4. Change-of-address fraud
You haven’t gotten any snail mail for days; you see your mailman as he drives by and he says the post office received a change of address notice from you. You didn’t fill one out.
The thief first wants access to mail so he can get account information and other personal identifiers. Next, he wants to make sure you don’t receive mail notifications when he changes passwords, PINs or other key information for those accounts, and opens new accounts in your name.
The good news:
You missed a few days of junk mail.
The bad news:
This scenario is a major indicator of ID theft.

 Hackers expose your data in a major federal breach

Scenario 5. Hackers expose your data in a major federal breach
You’re among the millions of victims whose extensive personal information was exposed in the federal data breaches at the Office of Personnel Management.
Thieves can use that information to open new accounts in your name for apartments, cell phones, car loans and more.
The good news:
You’re not alone; about 22 million people were affected in two separate breaches.
The bad news:
Thieves now have access to a lot of your personal info — the breaches included Social Security numbers and information used for security clearances, as well as employment, educational, residential, financial and health histories.

Medical ID theft

Scenario 6. Medical ID theft
Your doctor’s office gives you a form to sign confirming that you’ve moved; but you’ve lived in the same house for years. This could be a sign of medical ID theft, one of the fastest growing forms of identity theft.
Medical ID thieves seek to get free medical care, free drugs, free equipment or to commit other fraud.
The good news:
It could be human error.
The bad news:
If it’s medical ID theft, the implications go beyond financial. When your medical history is intertwined with someone else’s, you’re at risk for misdiagnosis, being prescribed a drug that doesn’t work with current prescriptions, having insurance claims denied or even losing your insurance. Nearly two-thirds of victims in a 2014 survey by MIFA paid out-of-pocket expenses averaging $13,500 including services received by the ID thief.
The most severe consequences are not financial — they’re related to a consumer’s health as the result of confusion about the victim’s true medical condition and health history because it’s corrupted with information about the identity thief’s health conditions.

Foiling fraudsters
You can’t prevent some of the scenarios above but you can take action to help prevent being an individual target.

  • Set up your debit card so that it’s only an ATM card and can’t be used to buy things and clean out your account, Weisman says.
  • Choose strong passwords, change them often and don’t keep them written down in an obvious place.
  • For security questions linked to your accounts, make up fake answers that are easy to remember yet have nothing to do with your real first pet, high school or mother’s maiden name. “Give a nonsensical answer,” Weisman says. “For ‘Where did you go to high school?’ answer ‘Grapefruit.’ It’s just silly enough you won’t forget it.”
  • Read the explanation of benefits notices your insurance company sends out, even if they say you don’t owe anything. That will alert you to any procedures or doctor visits that didn’t involve you.

And if your credit check engine light comes on, investigate immediately.


We and other consumer advocates have long advised consumers to send disputes to the credit reporting agencies by mail rather than using the agencies’ online option.  The main reason for using old-fashioned mail was that there was no way to send in documents to the agencies to show the consumer is right and the reports are wrong.  Now, however, the bureaus online systems allow consumers the ability to upload documents, such as documents showing proof of payment.

Consumers understandably like the online option because it is easier and faster. There is still a downside to online disputes even if the consumer sends in supporting documents and that is the lack of a paper trail. This problem may be avoided by preparing a detailed dispute letter and upload it along with any documents. In case your dispute doesn’t get immediate results, you should save copies of your dispute letter, documents, and the agencies’ response.

The NY Times covers this subject in an article in its Personal Business section.

  • To the surprise of no one who has watched how furnishers of credit–banks, finance companies, and the like–deal with consumers’ disputes, today the Consumer Financial Protection Bureau said many furnishers lack adequate policies for accurately reporting information to consumer reporting agencies and for responding to disputes. The CFPB press release states that the CFPB examiners “continue to find a lack of reasonable written policies and procedures for accurately reporting deposit account, debt collection, and student lending information to the consumer reporting agencies. The CFPB found that many furnishers did not have systems in place to properly receive, evaluate, and respond to consumer disputes regarding the information provided to consumer reporting agencies. In particular, examiners found that certain furnishers did not notify consumers about the outcome of investigations about disputes over consumer reporting information. In other instances, some furnishers did not notify consumers when they took adverse action against them based on information in their reports.”

 According to a survey commissioned by FICO, 62 % of consumers who received non-FICO credit scores online believe they had received actual FICO® Scores.  More than 8 in 10 consumers believe the scores they obtained from the non-FICO sources are scores widely used by lenders to make credit decisions, which is not the case.

The survey found that 71% of consumers agree it is important that the credit scores they obtain are scores widely used by lenders to make credit decisions.  But the only scores used in 90% of credit decisions is the FICO® score.“Because other credit scores look similar to FICO Scores, consumers have no way of determining, through the credit score itself, whether or not it’s a FICO Score.  Credit scores are unlike other products; the consequences of not recognizing credit scores from different companies can be much more serious,” according to Jim Wehmann, executive vice president for scores at FICO. “The new research findings bring to light an important issue: If the majority of consumers are confused about these non-FICO credit scores being provided to them, then millions of Americans are mistaken about their actual creditworthiness.”

The scores for the same person vary by as much as 100 points because the mathematical formulas used by the scoring companies are significantly different from their FICO Scores. These large differences cause confusion and without an accurate impression of how a lender views his or her credit risk, a consumer may forego a valuable mortgage refinancing, for example.“ For more about FICO Scores, go to Consumers may get their true FICO scores by accessing FICO’s Score Open Access Program.


The credit agencies are eager to sell you credit monitoring at about $20/month. Here are reasons not to buy it. It doesn’t prevent ID theft, it only tells you after the theft has been committed – the proverbial shutting the barn door after the horse has run away.
If you are really threatened with identity theft, you can put a security freeze on your credit files that actually prevents the ID theft by locking out access from the credit reports.
Credit monitoring is not a good value proposition.  You can check your credit report regularly by downloading one from Experian, Equifax or Trans Union every 4 months.
Some believe that daily reports on your credit score will only make you nervous. According to Chi Chi Wu at the National Consumer Law Center, if you really want to monitor your credit score, you can do it for free now with FICO’s Open Access program, as long as you can qualify for a Discover, Amex, or Barclays card.  You can sign up to check your FICO monthly if you want to do so. For information on FICO’s Open Access program, go to

Liz Weston’s Answer: There’s so much fraud in the credit repair industry that you’re likely better off doing it yourself rather than exposing yourself to rip-offs. Credit repair companies aren’t supposed to take money upfront or promise things they can’t deliver, but many do.

One of the scammers’ most common ploys is to flood the credit bureau with disputes and to take credit for any negative information that temporarily disappears. By the time the negative information pops back up on the file, the scam artists have disappeared with your money. Another approach they recommend is starting over with a “clean” slate, sometimes using borrowed or stolen identification numbers. That’s fraud, and even if it works, you’ll often find yourself worse off with no credit history than with a flawed history.

The Federal Trade Commission has some helpful advice on do-it-yourself credit repair. You’ll need to first get copies of your credit reports from each of the three credit bureaus, which you can do once a year for free at Dispute any inaccurate information, such as collection accounts that aren’t yours or late payments that you made on time. Follow up with any creditors that persist in reporting bogus information.

An inaccurate negative report on one’s credit report can slow down the process of getting a mortgage. The challenge is to get the credit bureaus to correct the report in a timely manner paving the way to obtaining a mortgage. CoreLogic Credco is a leading reseller of three-in-one or “trimerge” credit reports tailored for the mortgage industry. Credco has a service called Rapid Recheck that speeds up the bureau-level dispute process. Credco promises the process provides a faster way to update a borrower’s credit reports and get an updated FICO score.  Credco’s website states it gets results in 3-5 days.

Mortgage brokers simply forward their clients’ documentation showing a report is inaccurate to Credco. Credco then “screens” the documentation and accepts or rejects it. If it accepts the documentation, Credico forwards it onto the credit bureaus with a request for a credit report update.

How well this process works compared to consumers submitting their own disputes is unknown. If a consumer initiates a dispute, the results from the bureaus may take 30-35 days.

Query, if Rapid Recheck works for some people, why won’t this accelerated process work for everyone?


Consumer Reports magazine September edition has a special report on how insurance companies use (really misuse) credit scores in determining how much to charge you for your car insurance. Each insurer cherry-picks about 30 of almost 130 elements in a credit report to come up with its own proprietary score. That score will be quite different than your FICO score. Customers with low credit scores are made to pay a lot more than customers with better scores. For example, a single driver in Kansas who incurred one moving violation would get an increase in his premium of $122/year, but if his credit score was only “good,” the increase would be $233 and a poor credit score would add $1,301 to the premium on average! In another example, a single adult Florida driver with excellent credit may pay $1,409 on average for insurance as compared to $1,721 if the driver had good credit, and a whopping $3,826 for a driver with bad credit.

Insurance companies don’t tell customers how they have been scored. Consumer Reports found that this all started in the mid 1990s when some insurers began working with Fair Isaac Corporation, the company that created the FICO score, on the theory that scores might predict claim losses. (Query whether there is a correlation between low credit scores and claims made). By 2006, almost every insurer was using credit scores to set premiums. Fortunately for drivers in California, Hawaii and Massachusetts, these states prohibit insurers from using credit scores to set pricing. What’s unfair about this practice is that customers with low or even good credit scores pay for accidents they have not caused and may never happen. Plus, good drivers who have good driving records get penalized big time! Every state should ban insurance companies from using credit scores. The use of credit scores by car insurance companies surely is just an excuse to overcharge consumers. And why no transparency? Why don’t insurance companies let consumers know their credit scores?

Does having too much credit hurt your credit score? Should you close credit cards to reduce your credit available? These are questions addressed by Barry Paperno a contributor to Conventional wisdom 20 years ago was that if a borrower had access to too much credit, he or she would be tempted to use too much credit and get in trouble. But in the 1980s, FICO did a study and found that there was no evidence that having “too much” credit would change the consumer’s behavior. The same research confirmed that open long-held cards in good standing are associated with lower credit risk. However, some mortgage brokers still cling to the myth that a borrower may have too much credit.

The number of cards a person’s hold is a minor factor in credit scoring. Closing them won’t change the number. Positive payment histories remain on credit reports for up to 10 years. FICO publishes a profile of common attributes of persons with scores greater than 785 which is interesting.



The American Banker magazine has an article that asks “Can credit bureaus can finally be tamed?”

The article describes a “tough fix-it order” imposed by federal and state officials that was supposed to force the bureaus to clean up inaccuracies and better respond to consumer complaints. But that happened 25 years ago and the problems with the bureaus persist.

The article notes that lawyers, advocates and regulators agree that problems of accuracy and how disputes are handled continue to be problems. In 2012 the FTC found that one in four consumers have potential mistakes on their credit reports and one in 20 may have errors significant enough to negatively impact how much he or she pays for a loan, or whether credit is available. That means 11 million consumers have material errors on the reports that may affect whether they can get a mortgage loan, a car or even a job. In 2014, the Consumer Financial Protection Bureau received 45,000 complaints about the credit bureaus.

Consumers have a right to dispute inaccurate or misleading information on their credit reports. The problem is the process does not work very well for consumers. Chi Chi Wu of the National Consumer Law Center describes the dispute process as a “Kafkaesque.” Instead of conducting substantive investigations when consumers lodge a complaint, the bureaus have typically relied on an automated system that boils down concerns into two- or three-digit codes that are sent to the creditors and others (the furnishers). Those furnishers often do little more than check to see if the data in their systems matches what’s in the report and, to compound the problem, the credit bureaus typically accept whatever the furnishers say.  This practice, known as “parroting” is contrary to the dictates of the FCRA.

The three credit bureaus makes tons of money selling consumers credit monitoring and education products. In this business, the bureaus profit from consumer insecurity about stolen credit information and identity theft. Those fears, along with general concerns about credit reporting errors, drive the sale of monitoring products, which go for as much as $19.95 a month. The products can provide a false sense of security because they only monitor certain kinds of fraud. Experian boasted in an investor presentation in May that consumer monitoring and identity protection accounted for 21% of revenue last year. Equifax, meanwhile, reported to the SEC in April that its “personal solutions” segment — products sold directly to consumers, including monitoring services — earned the company over $65 million, about 10% of total operating revenue for the first quarter of 2015.  In this way, the agencies profit from their own inaccurate information.

A major change is that the industry now has oversight from the Consumer Financial Protection Bureau. The CFPB vows to force changes in the industry to protect consumers. One CFPB investigation is apparently underway concerning the industry’s sales of credit scores and credit monitoring products. Equifax disclosed to the SEC some months ago it received a civil investigative demand from the CFPB back in February 2014 “as part of its investigation to determine whether nationwide consumer reporting agencies have been or are engaging in unlawful acts or practices relating to the advertising, marketing, sale or provision of consumer reports, credit scores or credit monitoring products.” Experian told analysts last summer that it got a similar request.