I got a treeware letter recently from Experian explaining how one of their servers had been hacked and how my private data (name, address, Social Security number, phone number, birth date, etc) was likely obtained by criminal resellers. The letter was a little more euphemistic than that, but that’s basically what Experian was admitting. To make up for this incident, they were offering me a free two-year membership in their “ProtectMyID elite credit monitoring and identity theft resolution services”.
Now, one might, in these circumstances, ask oneself “Why would I want to enroll in an identity protection service offered by the very company that just admitted they compromised my identity when their server got hacked?”
Fortunately, their own FAQ addresses this question forthrightly:
Q: Since Experian was compromised; can it effectively offer credit monitoring?
A: Absolutely. This was an isolated incident of one server and one client’s data. The consumer credit bureau was not accessed in this incident and no other clients’ data was involved.
Well, that makes the decision easy. I don’t blame them for getting hacked — that could happen to anyone. But no way am I trusting my private data to people who use a semicolon where they should use a comma!