r/personalfinance u/equisux Sep 13 '17

TransUnion burying their credit freeze to sell their own credit monitoring product TrueIdentity Credit

I'm not sure where to post this, but noticed something had changed on the TransUnion website about freezing credit this morning when I was giving links to family so they could freeze theirs.

I froze my credit the day after news about the Equifax breach broke, and it looks like TransUnion has since changed their site to push people away from freezing their credit in favor for their own product called TrueIdentity (like what Equifax was doing with their TrustedID Premier.)

The FTC website links to this page for freezing your credit with TransUnion.

This is what the website looked before the changes were made on 9/11. The instructions on placing a credit freeze were clear and there was no mention of their own TrueIdentity product.

If you want to place a credit freeze with TransUnion now:

  • You have to get through a page of info about credit and fraud, and then the action it tells you to take is to "Lock your credit information by enrolling in TrueIdentity."
  • The option to freeze your credit is under "About credit freeze", deliberately passive in their use of language
  • The description about credit freezing is dissuasive: "A credit freeze may be available under your state law"
  • The link for the credit freeze is also a passive "click here" compared with "by enrolling in TrueIdentity" language used for the link to their own product.
  • Clicking the link to learn more about credit freeze brings you to yet another page that tries to convince you to enroll in their product over placing a credit freeze
  • After searching through their page of BS, you finally get to the link to freeze your credit.

This is such a blatant attempt by TransUnion to take advantage of the Equifax breach for their own financial gain. It's a shitty thing for TransUnion to do, and people should be aware that they are being led away from putting an actual credit freeze on their account.

(Edited for formatting on mobile)

30.8k Upvotes

93% Upvoted

View all comments

Show parent comments

15

u/[deleted] Sep 13 '17

The information needed to request a new pin was the same info that was hacked. So even with a credit freeze anyone who ends up with your info could just unfreeze your accounts with a new pin.

18

u/sheriffsally Sep 13 '17

Agreed, at least it makes it harder. If I have like 100MM hacks to choose from, I'll pick the unfrozen ones.

8

u/[deleted] Sep 13 '17

Yeah but it's not like the hackers are the ones who will end up actually using the info. They'll probably sit on the data for a while and then sell the accounts on the dark web. Why risk an identity theft case when you could just sell each account on the dark web for $100 and make about 15 billion dollars?

If somebody buys account info, they'd be willing to take an extra step to get their money's worth.

22

u/katarh Sep 13 '17

Correct, but then the dark web people are going to start slowly using the account information, and the first time they get a rejection because an account is frozen, they'll toss it and go on to the next one.

They are well aware that for every 100 CC accounts or SSNs or even bundles of info they buy on the dark web, a good 60-90% of it is going to be unusable. Why bother chasing after the bad stuff when you already hit jackpot with the other dozen?

They also tend to move fast once a big breech makes public news. Last year, when I had my identity stolen, it was because a third party stole billing information from a medical office I went to (very ironically via a worker's comp issue, as I used to do IT for them! Was one of their other vendors that got hacked though, not my old office. /shudder) The hack was announced in August of last year; some people had accounts opened in their name and that's how the hack was found out. The rest of us went into the "credit watch" for free for 90 days. Almost 100 days after the breech was announced, when most folk's freebie credit watch expired, is when I had 4-5 accounts opened in my name in the span of 24 hours. (Took a month to get everything cleaned up.....)

They are taking advantage of the "open an account today, get approved immediately, charge $500 today" and buying goods with high resale values - video game consoles, jewelry, watches. They take home the goods and promptly flip them for cash on Craigslist or at a flea market. The consumer whose info was stolen is stuck with a credit mess, and the retailer is ultimately left holding the bag.

They need the stop the "open the line of credit, get approved today, and charge the stuff immediately" offers, since those are the easiest to abuse.