Remember thr Equifax breach?

On the heels of the Equifax breach, we’ve had several months of renewed media focus on our (lack of) data privacy. And what we can do about it.

We recently pointed out some financial institutions that did a good job making customers aware of the Equifax issues and basic techniques for monitoring their credit reports (see previous post, and CBC National Bank screenshot above).

But most FIs have seemingly washed their hands of the whole mess, pointing customers to Equifax’s breach response site (which has had its own litany of woes) where they are expected to figure out what to do on their own.

We as industry, owe our customers far more than that, especially since much of the compromised data came from FIs in the first place.

It’s been almost 2 months since the Equifax debacle become public. Finally, last week I received an email (see below) from someone actively trying to help me understand my exposure and more importantly, do something about it. And it came from none other than Credit Karma, who mission is to help consumers understand their credit, and save money using it wisely.

Credit Karma Breach Education email to existing customers (26 Oct 2017)

How it works
  1. Head to Credit Karma’s ID monitoring landing page¬†(screenshot #1)
  2. Enter your email address
  3. Receive a list of data breaches associated with your email address (screenshot #2)
  4. Read about the breaches and find out what of your personal info was compromised
  5. Follow action steps to shore up your defenses against this specific breaches and improve security in general

Bottom line: Every bank, credit union, card issuer and broker should provide this level of security UX service, at a minimum, to customers.

Even better, create fee-based security protections so customers with the most security concerns can purchase peace of mind on an ongoing basis. There are several third parties, including Credit Karma, that can help.

Screenshot #1: Credit Karma breach inquiry landing page

#2: Results of email address search

#3: Detailed info on each breach and action recommendations