Experian Registered ExperianDataBreach.com in 2009 – Conspiracy Theorists Rejoice
Written by Brad Hayes 10/2/15
It seems that even companies that offer data breach resolution services, can find themselves the victim of a massive intrusion by hackers, isn’t it ironic, don’t ya think, a little too ironic…
I discovered today that Experian, who unfortunately was the recent victim of an attack that has left 15 million T-Mobile customers (or applicants) with their personal information exposed, registered the domain ExperianDataBreach.com all the way back in 2009. CSC Corporate Domain Services is in control of the URL on behalf of Experian. It redirects to a landing page that I’m not entirely sure is really meant for public consumption as there are some obvious issues with it, including references to it being a test page.
Aside from the odd phone number placement, and layout that’s a bit off, there’s this glaring issue below.
You wouldn’t expect to see “Test” or a test content section on an important website for the leader in credit reporting. You certainly can’t help but chuckle at the irony of one of the images found on this page, especially considering the circumstances. That said, this really sucks for consumers, and I’m certain that Experian is going to be moving mountains in order to make it right. They’ve already offered two years of free credit monitoring services to any of the 15 million consumers potentially effected by this.
ExperianDataBreach.com Was Registered How Long Ago?
They not just registered the .Com all the way back in 2009, but they grabbed the .Net as well. So what does this all mean? Well conspiracy theorists will say that this is just evidence that Experian had planned this “data breach” and that there is something “Machiavellian” at play here. Maybe throw in something about the banks working in conjunction with the credit bureaus to tank a large percentage of the US populations credit scores so that fewer people can apply for loans while interest rates are so low… Oh it’s fun to speculate when it isn’t your problem. We shouldn’t do that, cyber intrusions are becoming more and more sophisticated and it was only a matter of time before even one of the big three credit reporting agencies got hit.
In reality, I think Experian, who has a history of not only registering many different combinations of their company name as domain names, but also defending them from “domain squatters”, was simply under the impression that they could use this URL from a marketing perspective. It’s probably a work in progress, which the URL registration sort of indicates, as well as the page within the Experian site where the ExperianDataBreach.com URL redirects to. It looks like the work of a very large, slow moving company, which is a hallmark of most of the companies that fall within the Fortune 500.
Now had they registered ExperianTMobileDataBreach.com all the way back in 2009, then I think the people who wear tinfoil hats and line their walls with copper might actually have a real conspiracy theory. This is nothing more than just an unfortunately ironic coincidence.
For what it is worth, the other two major credit bureaus don’t have the equivalent domains registered. Note to the “domainers” in the readership, I highly suggest you not register them. Equifax and TransUnion are both just as aggressive in filing UDRP and lawsuits against “domain squatters”.
Consumers who have been effected by this, which could be anyone who has become a T-mobile customer or applied to become one from September 1st, 2013 through September 16th, 2015, can get two years of Premium Experian Credit Monitoring Services, which has a nearly $500 value, for free by going to this link.