Jump to content


  • Posts

  • Joined

  • Last visited

Recent Profile Visitors

576 profile views
  1. I dunno, you come across as a pretty straight shooter As to Hege, while I do value your point of view, I will choose to exercise my prerogative in this instance.
  2. I have done so in the past, but it seems that a flippant Hegemony reply is like a tax that must be paid for putting a post here, and I'm done paying; he's on ignore.
  3. As it turns out, that was Experian themselves at 5:40pm. So strange because the new email they assigned to it was a gmail account. I got it back yet again and then they said they were locking "me" out of it. I have no doubt that I could go right back in and reset the account if I needed to but it's just not worth it. It's a shame I think between the three they actually have the nicest website and I'm trying to improve my credit so it was helping me. But I scanned for root kits, deep scan, below OS level, and nothing found so I think if EX says they locked it this time, then it was them.
  4. Yeah going to need to. They re-hacked Experian today at 5:40pm. I have no idea how they're doing it. No root kit/malware. Exp is just going to hard lock the account and no online access, as Trans is doing.
  5. Yes, I agree with your assessment and I am somewhat mystified as to how they got all the pieces needed to ultimately compromise the account. When it was compromised previously it may have been using a reused password, but when I updated it, it was totally unique, randomized by LastPass. Also, I had the maternal grandmother's maiden name, and an account PIN, which cannot be exposed, only reset, and they weren't. This means, by my review, given they don't have access to my email, PIN or family maiden name info, they don't have enough information to access or request a reset. The only thing I can surmise is that they somehow had a way of changing the account's contact email, and thus unraveled it from there. Also, to wit, they went to town on TransUnion, 5 fraudulent inquiries over the last month. TU advised that the account is being access by Credit Sesame (which I didn't open an account for), they're saying that I removed the freeze and that they won't remove the inquiries without a police report and perhaps not even then. I live alone and have the usual antimalware/antivirus/defender running. Only thing I can think is a root kit?
  6. Good question. So, when I first got the email the first thing I did was go to the login page (by typing it in) and tried to log in. My credentials no longer worked. So, yes, the credentials including email had indeed been changed and the email alerted as such. Also, the email didn't have any links, it just said that if this was not a requested change, email membership services, (with the written out email). So I forwarded the email, and wrote out the email address, which is a valid email address, and all I put was my account was hacked I did not request this change.
  7. Hi all, So I did end up getting everything back, but it was a big hassle (a given) and I had to call the new business customer sales line (the only one where they actually want to speak to people) and get transferred to membership support. From a little bit deeper digging, I don't think an Experian membership account can actually be secured, a cautionary note to all board members who also have an account. Basically, all that's needed to get the username is to put the birthdate/social into the "obtain username" form. This is laughably easy, this information is all over the dark web for basically everyone at this point. Second, while they do offer Gmail login, thus allowing 2FA, it still maintains the Experian login, there's no way to turn it off and fully switch to only the Google login; so nothing is really improved. I can say I don't know exactly the method, but the bottom line is they don't hack the password, they use known information to reset the password, and then they're in. The hacker really did a number on my account: they changed the username/pass/email/phone/address on the account. They changed my address back to my old address because they are trying to line everything up on that address and probably access the physical mailbox. Wile correcting everything, I actually was given the hacker's email address (which was my name and a couple numbers at gmail) because it was used as the username. I actually emailed that email address, forwarding the password reset notification email and saying "Hey a**hole, I'm contacting the police." I know they will see it (even though yes it's a bluff because the police don't care). I also reported the fraudulent email address to Google. Ironically, on one of the addresses one of the fraudsters put on my CHEX report was some address in Miramar, Florida. I'm kind of wondering since I actually have a physical street address to go on (rare in ID theft cases) if there might actually be a point in opening a police report. In my case it's a really high degree of bespoke targeting, not the usual bulk/low-effort stuff. Very strange (and unsettling). Anyway, my EX/EQ were frozen already, TU freeze had lapsed and they managed to pop off one app to Discover student loans, got the call this morning, called them back and reported fraud now gotta get the inquiry off. Things had quieted down in July and I let the freeze lapse, reactivated it obviously. Good lord this whole system is broken...
  8. Yes they have already succeeded in doing that. I tried the phone number, it showed up on my recently called list, tried it again, dead-end robomenu all directions. Nothing to do but wait until tomorrow. Just burns me that they have free reign over the account all weekend, but, it is what it is. Thanks for your concern, will definitely report back tomorrow.
  9. Thanks, What mystifies me is given that my email is 2FA and that is required for any password reset to get the reset link (none received), the only way they could get in is if Experian itself were insecure and they could get the password through other means. I'll give that number a try to see if I can get anyone. It seems that they roll up the carpets on the weekend (excepting of course the business sales department whose live person who refused to transfer me got an earful). Will report back. PS- They may have got in but the joke's on them because with 632 and 92% UT, hats off to them if they can successfully get someone to lend them a pen to fill out the application!
  10. Agreed totally Wander, and on Monday once I can get this straightened out, I'm actually going to switch from Experian login to their Gmail option, wherein I do have 2FA; since Experian is seemingly unable to keep their customers' accounts secure.
  11. hegemony, my post was sufficiently clear, plus I stated my specific use case in a follow up post. I don't know why you have to respond to posts with this kind of silly dismissive commentary all the time. Seems like you could find something to snark about with every single thing anyone posts unless they're one of your buddies. Just stop.
  12. I have kind of a different issue. My Experian login has been hacked, twice. I got the email 8:48pm Eastern last night (Friday) of the email address change, and I'm apparently SOL until Monday.
  13. I'm just wondering what things actually make them move, or what if any leverage a sole consumer might have over one of them that they can wield if necessary. If any.
  • Create New...

Important Information