A global cyber fraud operation is thought to be behind what may be the biggest credit data breach ever reported, eclipsing the 2007 TJX breach that compromised the data of 45 million customers.
The breach occurred on the internal computer network of Heartland Payment Systems, a major payment processing company that processes 100 million transactions each month from about 250,000 businesses nationwide.
How did this happen?
After a customer swipes a credit or debit card, the information is then transmitted to obtain authorization from a bank or payment company. During this brief transmission, the data is unencrypted. "Sniffer" software, which may have been installed on Heartland's network as far back as May 2008, captured card numbers, expiration dates, and some cardholder names and internal bank codes during this authorization period. Personal security codes are not believed to have been compromised.
What credit and debit cards are impacted?
Visa, MasterCard, Discover and American Express customers are vulnerable.
How many people could be affected?
An exact number of compromised customers is not available; however, according to a report in the New York Times, 600 million or more cardholders might be affected.
When was this breach discovered?
The breach was discovered last week by a forensic investigator following inquiries by Visa and MasterCard of suspicious activity surrounding processed card transactions.
What remedies do customers have?
Heartland has set up a Web site to provide updates to customers about the incident: www.2008breach.com. Cardholders are not responsible for unauthorized fraudulent charges made by third parties. The United States Secret Service and the Department of Justice are actively involved
Please review your credit card statements carefully each month for any charges that you don't recognize.
Showing posts with label data breach. Show all posts
Showing posts with label data breach. Show all posts
Wednesday, January 21, 2009
Tuesday, July 8, 2008
Thieves Steal Gas With Stolen Sweetbay/Hannaford Customer Credit Cards
With gas prices floating over $4 a gallon and diesel approaching $5 a gallon, fuel is a valuable commodity that is attracting thieves along the East Coast.
The arrest of five Florida men who drove pickup trucks with hidden gas tanks that could hold up to 1,000 gallons of fuel brought to light a disturbing trend – the use of stolen credit card numbers to purchase excessive quantities of fuel at gas stations in several states. Murphy Oil, which runs Wal-Mart gas stations, reported losses of $1 million in one month as a result of similar gas thefts.
New cases involving the 4.2 million stolen credit and debit card numbers from the recent Hannaford/Sweetbay breach are being investigated as the crooks continue to try to convert the stolen numbers to cash.
If you used a credit or debit card at Sweetbay or Hannaford stores between Dec. 7 and March 10, keep a close eye on your bank or credit card statements and immediately challenge any purchases that are not yours.
The arrest of five Florida men who drove pickup trucks with hidden gas tanks that could hold up to 1,000 gallons of fuel brought to light a disturbing trend – the use of stolen credit card numbers to purchase excessive quantities of fuel at gas stations in several states. Murphy Oil, which runs Wal-Mart gas stations, reported losses of $1 million in one month as a result of similar gas thefts.
New cases involving the 4.2 million stolen credit and debit card numbers from the recent Hannaford/Sweetbay breach are being investigated as the crooks continue to try to convert the stolen numbers to cash.
If you used a credit or debit card at Sweetbay or Hannaford stores between Dec. 7 and March 10, keep a close eye on your bank or credit card statements and immediately challenge any purchases that are not yours.
Friday, April 25, 2008
LendingTree.com: "When Banks Compete, Your Identity May Be at Risk…"
LendingTree, an online leads company that purports to help consumers shop around for the best mortgage deals, recently admitted in a letter to customers that some of their former employees helped unauthorized mortgage lenders hack into their databases. Customer information collected between 2006 and 2008 – including personal data often used to conduct identity theft, such as name, address, Social Security number, income and employment information – was stolen.
While they say the information was merely used to market mortgage loans, not to commit identity theft, the fact remains that LendingTree's lax security measures contributed to a significant data breach that may very well increase the likelihood that their customers will become identity theft victims.
According to the letter, LendingTree did not disable the passwords of their former employees, some of whom shared the confidential login information with unauthorized lenders who then tapped into the databases to "access LendingTree's customer loan request forms."
LendingTree's Response
LendingTree would not confirm the number of customers affected, and is not offering much in the way of compensation or solutions. They recommended that their customers use their "free annual credit report" benefit to check their credit report for any suspicious activity and monitor their credit reports for the next 24 months.
LendingTree also has filed lawsuits against three small home loan companies based in California in connection with the data breach.
Criticism of LendingTree Practices
Much criticism has been leveled against the leads company for the way it conducts business. Some customers claim that when they selected to have four lenders review their application, LendingTree actually sent it to 10… or more.
Other consumers reported that they started the application process, but changed their minds mid-way. Yet LendingTree sold their incomplete applications – and they started getting bombarded with calls.
"I have worked for 2 big mortgage companies and a broker," wrote one mortgage broker. "I've learned that LendingTree not only sells your information to 2 or 3 lenders, they sell it to other small lenders and broker shops. And then after a while, they resell your information again so they can have continuous profit. If you ever applied with LendingTree, make sure that you have read the Terms & Agreement. They sell it to anyone that can possibly help you."
Some complained that they had so many inquiries generated on their credit reports that their credit score dropped by 60-100 points. Hard inquiries are inquiries where a potential lender is reviewing your credit because you've applied for credit with them. These include credit checks when you've applied for an auto loan, mortgage or credit card. Each of these types of credit checks count as a single inquiry. One exception occurs when you are "rate shopping". That's a smart thing to do, and your FICO score considers all inquiries within a 2 week period for an auto or mortgage as a single inquiry.
However, because LendingTree doesn't just sell information to a handful of lenders one time – they sell them repeatedly over a long period of time – this can, in fact, contribute to a decreased credit score.
Jackie Story – Are You Out There?
For four years, your Credit Mama has fielded phone calls from mortgage brokers and call centers all over the world looking for "Jackie Story." Apparently Jackie Story used to have my cell phone number. It didn't take long for me to figure out that she used LendingTree to apply for a mortgage or refinance. What did surprise me, though, was the sheer number of phone calls I received long after the first few rolled in.
At some point I finally started telling the callers that they had wasted their money by purchasing very old, very useless leads. I still wonder, though, if Jackie Story ever got that low interest rate she was looking for, and if her credit has been negatively impacted by all of the people who received her original application and tried to process it.
It's Not Just LendingTree
What many people don't know is that your information can also be purchased from the credit bureaus. "Trigger leads" – leads generated when you apply for a mortgage – plague mortgage brokers. When you apply for a mortgage, your phone number and address are sold by the credit bureaus to other mortgage companies. That's why many applicants begin receiving volumes of solicitations from companies they have never heard of.
Be wary of any lead company, such as LendingTree.com or LowerMyBills.com. And if you do not wish to receive pre-approved or pre-screened offers for credit or insurance, the Fair Credit Reporting Act allows you to "opt out" of receiving them. To opt-out, call toll free to 1-888-567-8688 or visit optoutprescreen.com.
While they say the information was merely used to market mortgage loans, not to commit identity theft, the fact remains that LendingTree's lax security measures contributed to a significant data breach that may very well increase the likelihood that their customers will become identity theft victims.
According to the letter, LendingTree did not disable the passwords of their former employees, some of whom shared the confidential login information with unauthorized lenders who then tapped into the databases to "access LendingTree's customer loan request forms."
LendingTree's Response
LendingTree would not confirm the number of customers affected, and is not offering much in the way of compensation or solutions. They recommended that their customers use their "free annual credit report" benefit to check their credit report for any suspicious activity and monitor their credit reports for the next 24 months.
LendingTree also has filed lawsuits against three small home loan companies based in California in connection with the data breach.
Criticism of LendingTree Practices
Much criticism has been leveled against the leads company for the way it conducts business. Some customers claim that when they selected to have four lenders review their application, LendingTree actually sent it to 10… or more.
Other consumers reported that they started the application process, but changed their minds mid-way. Yet LendingTree sold their incomplete applications – and they started getting bombarded with calls.
"I have worked for 2 big mortgage companies and a broker," wrote one mortgage broker. "I've learned that LendingTree not only sells your information to 2 or 3 lenders, they sell it to other small lenders and broker shops. And then after a while, they resell your information again so they can have continuous profit. If you ever applied with LendingTree, make sure that you have read the Terms & Agreement. They sell it to anyone that can possibly help you."
Some complained that they had so many inquiries generated on their credit reports that their credit score dropped by 60-100 points. Hard inquiries are inquiries where a potential lender is reviewing your credit because you've applied for credit with them. These include credit checks when you've applied for an auto loan, mortgage or credit card. Each of these types of credit checks count as a single inquiry. One exception occurs when you are "rate shopping". That's a smart thing to do, and your FICO score considers all inquiries within a 2 week period for an auto or mortgage as a single inquiry.
However, because LendingTree doesn't just sell information to a handful of lenders one time – they sell them repeatedly over a long period of time – this can, in fact, contribute to a decreased credit score.
Jackie Story – Are You Out There?
For four years, your Credit Mama has fielded phone calls from mortgage brokers and call centers all over the world looking for "Jackie Story." Apparently Jackie Story used to have my cell phone number. It didn't take long for me to figure out that she used LendingTree to apply for a mortgage or refinance. What did surprise me, though, was the sheer number of phone calls I received long after the first few rolled in.
At some point I finally started telling the callers that they had wasted their money by purchasing very old, very useless leads. I still wonder, though, if Jackie Story ever got that low interest rate she was looking for, and if her credit has been negatively impacted by all of the people who received her original application and tried to process it.
It's Not Just LendingTree
What many people don't know is that your information can also be purchased from the credit bureaus. "Trigger leads" – leads generated when you apply for a mortgage – plague mortgage brokers. When you apply for a mortgage, your phone number and address are sold by the credit bureaus to other mortgage companies. That's why many applicants begin receiving volumes of solicitations from companies they have never heard of.
Be wary of any lead company, such as LendingTree.com or LowerMyBills.com. And if you do not wish to receive pre-approved or pre-screened offers for credit or insurance, the Fair Credit Reporting Act allows you to "opt out" of receiving them. To opt-out, call toll free to 1-888-567-8688 or visit optoutprescreen.com.
Wednesday, March 19, 2008
Sweetbay Supermarket Latest Data Breach Victim
Another day, another data breach. This one affects more than 4 million Sweetbay/Hannaford customers in New England, New York and Florida who used their credit or debit cards between Dec. 7, 2007 and March 10, 2008.
The breach was discovered in late February when a payment card clearinghouse notified Hannaford of an unusual number of payment card transactions. Hannaford transmits its data over phone lines and uses encrypted wireless communications to transmit numbers inside its stores. The hackers snatched the credit/debit card data sometime between when the customers swiped their cards in the reader at the register and when those transactions were approved.
According to news reports, Hannford's security measures met industry standards with regard to how data is stored and maintained (unlike the TJX breach, which was blamed on lax security). Experts are anticipating that this may be just the first of many cases to surface this year wherein the affected retailer was hacked even though it appeared to be following all of the security rules laid out by the credit card associations.
Cybertrust's Bryan Sartin said,
Each of you should be regularly reviewing your financial institution and credit card statements, and immediately contacting your credit card company or issuing bank with any questions or concerns about individual charges. If you are concerned that your credit/debit card data has been compromised, you may file a fraud alert on your credit report by calling one (just one) of the three major credit bureaus:
Equifax: 1-800-525-6285
Experian: 1-888-397-3742
TransUnion: 1-800-680-7289
The fraud alert is good for 90 days. Once you place a fraud alert on your credit report, you will receive information via mail about ordering one free credit report from each of the companies. You may want to wait a month before ordering the report as it may take some time for suspicious activity to appear on the report.
The breach was discovered in late February when a payment card clearinghouse notified Hannaford of an unusual number of payment card transactions. Hannaford transmits its data over phone lines and uses encrypted wireless communications to transmit numbers inside its stores. The hackers snatched the credit/debit card data sometime between when the customers swiped their cards in the reader at the register and when those transactions were approved.
According to news reports, Hannford's security measures met industry standards with regard to how data is stored and maintained (unlike the TJX breach, which was blamed on lax security). Experts are anticipating that this may be just the first of many cases to surface this year wherein the affected retailer was hacked even though it appeared to be following all of the security rules laid out by the credit card associations.
Cybertrust's Bryan Sartin said,
"[We have] found with a number of very recent compromises that attackers have seized control over the very terminals that control cash registers or point-of-sale systems within a retail store, or the server through which all registers connect to pass transaction data out across the Internet to the store's payment processor." Once these systems have been compromised, the attackers typically eavesdrop on the network using "sniffer" programs that can extract credit and debit card data as it moves across the wire, before it even leaves the store's network.Kevin Mandia, president of Mandiant Corp., a company that specializes in investigating data breaches, said, "We're seeing at least two new companies a week discovering that they've lost credit card numbers, and at the rate we're going [the criminals] are going to exhaust U.S. retailers as targets.."
To date, about 2,000 cases of fraud have been reported in the Hannaford/Sweetbay breach. The company is asking that consumers contact them with questions or information about their data being used fraudently at 866-591-4580.
Each of you should be regularly reviewing your financial institution and credit card statements, and immediately contacting your credit card company or issuing bank with any questions or concerns about individual charges. If you are concerned that your credit/debit card data has been compromised, you may file a fraud alert on your credit report by calling one (just one) of the three major credit bureaus:
Equifax: 1-800-525-6285
Experian: 1-888-397-3742
TransUnion: 1-800-680-7289
The fraud alert is good for 90 days. Once you place a fraud alert on your credit report, you will receive information via mail about ordering one free credit report from each of the companies. You may want to wait a month before ordering the report as it may take some time for suspicious activity to appear on the report.
Thursday, March 13, 2008
Another Victim of the Housing Market Meltdown: Your Privacy
During the recent housing bubble, millions of Americans purchased or refinanced their homes with mortgage lenders throughout the country. With the implosion of the housing market, many of these mortgage shops closed their doors permanently.
It probably occurred to very few applicants that their files -- loaded with all kinds of personal data, from Social Security numbers and bank statements to tax returns, retirement accounts and credit reports -- would ever be in danger. Yet the records of thousands have been compromised - and not from a gang of thieves breaking into these offices. It seems that once the business is shut down, some mortgage lenders are simply disposing of all these paper records in public dumpsters. According to MSNBC:
The breaches leave thousands of consumers at risk for identity theft. For former customers of now-defunct lenders, there isn't much recourse. The best safeguard is vigilant monitoring of your credit report.
It probably occurred to very few applicants that their files -- loaded with all kinds of personal data, from Social Security numbers and bank statements to tax returns, retirement accounts and credit reports -- would ever be in danger. Yet the records of thousands have been compromised - and not from a gang of thieves breaking into these offices. It seems that once the business is shut down, some mortgage lenders are simply disposing of all these paper records in public dumpsters. According to MSNBC:
- First Magnus Financial Corp., one of the nation’s largest mortgage lenders whose headquarters was one of the biggest employers in Tucson, Ariz., threw away thousands of mortgage loan records in an unlocked trash dumpster in Ft. Lauderdale, Fla.
- The records of hundreds of former customers of the defunct Alpha Mortgage Services were left in a recycling bin behind a grocery store in Toledo.
- After Union Mortgage Services of Ohio shut down last month, confidential files on hundreds of people were thrown out in a dumpster behind a pizza shop in Cleveland.
- American United Mortgage Co. of Northbrook, Ill., left hundreds of borrowers’ financial documents in an unlocked dumpster, many of them in open trash bags.
- Sheriff’s deputies in DeKalb County, Ga., outside Atlanta, found the mortgage records of at least 1,200 former customers of Ameriquest Mortgage Co. in a dumpster behind an apartment complex in October, two years after the company, once one of the nation’s biggest subprime lenders, went out of business.
- In Honolulu last year, a handyman hired by the former president of the defunct Fidelity Escrow Services dumped 39 boxes of financial records in a recycling bin.
The breaches leave thousands of consumers at risk for identity theft. For former customers of now-defunct lenders, there isn't much recourse. The best safeguard is vigilant monitoring of your credit report.
Tuesday, March 4, 2008
Attention TJ Maxx and Marshall's Shoppers!
If you made purchases or returned items at TJX Cos. such as T.J. Maxx, Marshalls, HomeGoods, A.J. Wright, Winners and HomeSense, you may be entitled to compensation.
Notices are just now beginning to go out to millions of customers who may have been affected by the largest data breach in history. Last year, TJX disclosed that information from nearly 46 million debit and credit cards was stolen by hackers, and that nearly a half million people who returned items without their receipts may have had personal data (such as driver's license numbers) stolen. Court filings by banks that are suing TJX indicate a much bigger breach, saying that more than 100 million cards may have been compromised.
The breach is believed to have begun in mid-2005 but wasn't detected until December 2006. The stolen information covers transactions dating as far back as December 2002.
Customers who believe their personal financial data was stolen or put at risk, and believe they were harmed, can join the class action lawsuit. They can send in a claim form to ask for benefits if they are eligble, ask to be excluded from the settlement (if they provide notice by June 24) or object to the terms.
Terms of the proposed settlement
TJX will offer vouchers to customers who show they shopped at TJX stores in the U.S., Canada and Puerto Rico — except Bob's Stores — during the breach and incurred costs.
TJX also will provide three years of credit monitoring and identity theft insurance to certain customers who returned merchandise without a receipt and were sent letters notifying them that their driver's license or other identification information may have been compromised.
For more information, call toll-free to 1-866-523-6770 or visit http://www.tjxsettlement.com/.
Notices are just now beginning to go out to millions of customers who may have been affected by the largest data breach in history. Last year, TJX disclosed that information from nearly 46 million debit and credit cards was stolen by hackers, and that nearly a half million people who returned items without their receipts may have had personal data (such as driver's license numbers) stolen. Court filings by banks that are suing TJX indicate a much bigger breach, saying that more than 100 million cards may have been compromised.
The breach is believed to have begun in mid-2005 but wasn't detected until December 2006. The stolen information covers transactions dating as far back as December 2002.
Customers who believe their personal financial data was stolen or put at risk, and believe they were harmed, can join the class action lawsuit. They can send in a claim form to ask for benefits if they are eligble, ask to be excluded from the settlement (if they provide notice by June 24) or object to the terms.
Terms of the proposed settlement
TJX will offer vouchers to customers who show they shopped at TJX stores in the U.S., Canada and Puerto Rico — except Bob's Stores — during the breach and incurred costs.
TJX also will provide three years of credit monitoring and identity theft insurance to certain customers who returned merchandise without a receipt and were sent letters notifying them that their driver's license or other identification information may have been compromised.
For more information, call toll-free to 1-866-523-6770 or visit http://www.tjxsettlement.com/.
Friday, January 18, 2008
650,000 Affected in Latest Credit Data Breach
In yet another case of sensitive data becoming MIA (missing in action), the personal information of 650,000 people, including names, addresses, account numbers, Social Security numbers, and other information, was comprised when GE Money Americas and its backup storage vendor, Iron Mountain, lost an unencryted backup tape.
The backup tape contained data on customers for JC Penney and up to 100 other retail store customers.
GE Money alerted the New Hampshire Attorney General's office of this security breach on Dec. 28, 2007. According to their notice, the tape was checked into Iron Mountain's secure facility and never checked out, but a search of Iron Mountain's premises and theirs has been unable to locate it.
It is hard to assess if the information on the missing tape is being used inappropriately or whether it will be misused in the future. GE Money is offering 12 months of credit monitoring for those persons that had Social Security numbers on the lost tape.
As anyone familiar with the TJ Maxx data breach knows, 12 months is a short blip in the lifespan of sensitive personal data like Social Security numbers. It becomes the consumer's burden to regularly and consistently check his or her credit report for possible identity theft issues. If you fear that your personal identifiable information has been compromised, you can elect to implement a "freeze" on your credit.
To contact GE Money, call toll-free Monday through Friday, 9:00 am to 7:00 pm EST, at 1-866-913-6690.
The backup tape contained data on customers for JC Penney and up to 100 other retail store customers.
GE Money alerted the New Hampshire Attorney General's office of this security breach on Dec. 28, 2007. According to their notice, the tape was checked into Iron Mountain's secure facility and never checked out, but a search of Iron Mountain's premises and theirs has been unable to locate it.
It is hard to assess if the information on the missing tape is being used inappropriately or whether it will be misused in the future. GE Money is offering 12 months of credit monitoring for those persons that had Social Security numbers on the lost tape.
As anyone familiar with the TJ Maxx data breach knows, 12 months is a short blip in the lifespan of sensitive personal data like Social Security numbers. It becomes the consumer's burden to regularly and consistently check his or her credit report for possible identity theft issues. If you fear that your personal identifiable information has been compromised, you can elect to implement a "freeze" on your credit.
To contact GE Money, call toll-free Monday through Friday, 9:00 am to 7:00 pm EST, at 1-866-913-6690.
Wednesday, December 19, 2007
Put a Freeze on Identity Thieves
Earlier this year, the parent company of TJ Maxx disclosed that information from nearly 46 million credit and debit cards was stolen by hackers - the biggest data breach in history. The stolen information covers transactions dating as far back as December 2002.
The company, which also owns Marshall's and other stores in the U.S. and U.K., revealed that an additional 455,000 customers who returned merchandise without their receipts also had their personal data stolen, including driver's license numbers.
Identity theft is one of the world's fastest growing crimes. A report issued in March by Gartner banking security analyst Avivah Litan estimates 15 million Americans will become victims of identity theft in 2007, up 50% from 2005. Average loss: $3,257 in 2006, up from $1,408 in 2005. With new state laws now requiring the reporting of data breaches, more than 500 incidents of such losses have been reported since February 2005 - losses involving more than 155 million records.
Fifteen percent of identity theft cases involve the opening of new accounts. Criminals use stolen information to open credit card and cell phone accounts, take out loans, and pay medical bills. The victims are left with a corrupted credit history that can take years to correct - and suffer with higher interest rates until their files are cleared.
Consumer advocates and even state governments have been advocating for greater consumer protection in the form of a credit "freeze." Put simply, a freeze prevents the credit bureaus (Experian, Equifax and TransUnion) from releasing your credit report to lenders. Because few lenders will issue credit without this information, it is a good deterrent.
Not surprisingly, this did not sit well with the bureaus, whose core business is making money by selling credit report data. The Big Three issue billions of credit reports each year, amounting to a combined annual revenue of more than $4 billion.
The Center for Responsive Politics reports that the Consumer Data Industry Association (which serves the interests of the credit bureaus) spent $1.4 million on federal lobbying in 2006, trying to fight consumer-ordered freezes and working hard to convince politicians that identity theft wasn't as big an issue as people thought. (Tell THAT to anyone who shopped at TJ Maxx!)
With growing pressure on legislators to enact consumer protection laws, TransUnion decided to offer a file freeze in all 50 states and D.C. this past October. The other two bureaus soon followed.
All three credit bureaus must be contacted for a full credit freeze. Costs are typically free for identity theft victims, and generally $10 or less for non-victims (depending on the state) each time you "freeze" or "unfreeze". This does mean that you will have to unfreeze your file each time you wish to apply for credit - but the increased protection from identity thieves is often worth it.
The company, which also owns Marshall's and other stores in the U.S. and U.K., revealed that an additional 455,000 customers who returned merchandise without their receipts also had their personal data stolen, including driver's license numbers.
Identity theft is one of the world's fastest growing crimes. A report issued in March by Gartner banking security analyst Avivah Litan estimates 15 million Americans will become victims of identity theft in 2007, up 50% from 2005. Average loss: $3,257 in 2006, up from $1,408 in 2005. With new state laws now requiring the reporting of data breaches, more than 500 incidents of such losses have been reported since February 2005 - losses involving more than 155 million records.
Fifteen percent of identity theft cases involve the opening of new accounts. Criminals use stolen information to open credit card and cell phone accounts, take out loans, and pay medical bills. The victims are left with a corrupted credit history that can take years to correct - and suffer with higher interest rates until their files are cleared.
Consumer advocates and even state governments have been advocating for greater consumer protection in the form of a credit "freeze." Put simply, a freeze prevents the credit bureaus (Experian, Equifax and TransUnion) from releasing your credit report to lenders. Because few lenders will issue credit without this information, it is a good deterrent.
Not surprisingly, this did not sit well with the bureaus, whose core business is making money by selling credit report data. The Big Three issue billions of credit reports each year, amounting to a combined annual revenue of more than $4 billion.
The Center for Responsive Politics reports that the Consumer Data Industry Association (which serves the interests of the credit bureaus) spent $1.4 million on federal lobbying in 2006, trying to fight consumer-ordered freezes and working hard to convince politicians that identity theft wasn't as big an issue as people thought. (Tell THAT to anyone who shopped at TJ Maxx!)
With growing pressure on legislators to enact consumer protection laws, TransUnion decided to offer a file freeze in all 50 states and D.C. this past October. The other two bureaus soon followed.
All three credit bureaus must be contacted for a full credit freeze. Costs are typically free for identity theft victims, and generally $10 or less for non-victims (depending on the state) each time you "freeze" or "unfreeze". This does mean that you will have to unfreeze your file each time you wish to apply for credit - but the increased protection from identity thieves is often worth it.
Subscribe to:
Posts (Atom)
