Experian API Flaw Raises Questions : comparemela.com

BankInfoSecurity
DougOlenick) •
April 29, 2021    
Get Permission
Some security experts are questioning whether Experian is doing enough to ensure security after a researcher discovered that an API the credit reporting firm uses to allow lenders to check the credit score of prospective borrowers could expose customer's scores.
While visiting one lender's website, Bill Demirkapi, a student at the Rochester Institute of Technology who's a threat researcher, discovered the API issue, he told Krebs on Security. The vulnerability on that website, which Experian says it has since fixed, allowed someone to look up another person's credit score and some additional financial history by inputting their name, address and date of birth. But Demirkapi says he had to enter the birthdate as all zeroes to exploit the vulnerability.

Related Keywords

South Africa , New York , United States , Rochester Institute Of Technology , South African , Sean Nikkel , Austin Berglas , Improvementsdoug Olenick Dougolenick , Tom Garrubba , Sandy Carielli , Twitter , Information Security Media Group , African Banking Risk Information Center , Experian , Application Security , Fraud Management , Fraud Risk , Raises Questionscybersecurity Experts Call , Systemic Improvementsdoug Olenick , Bill Demirkapi , Rochester Institute , Shared Assessments , Experian Hack Slamst Mobile Customers , South African Banking Risk Information Center , Experian Breach , South Africa Affects , புதியது யார்க் , ஒன்றுபட்டது மாநிலங்களில் , ரோசெஸ்டர் நிறுவனம் ஆஃப் தொழில்நுட்பம் , ட்விட்டர் , தகவல் பாதுகாப்பு மீடியா குழு , ஆய்வாளர் , விண்ணப்பம் பாதுகாப்பு , மோசடி மேலாண்மை , மோசடி ஆபத்து , ரோசெஸ்டர் நிறுவனம் , பகிரப்பட்டது மதிப்பீடுகள் , ஆய்வாளர் மீறல் ,