Skip to main content

Credit Karma glitch exposed users to other people’s accounts

Several users of credit monitoring site Credit Karmas have complained that they were served other people’s account information when they logged in. Many took to a Reddit thread and complained on Twitter about the apparent security lapse. “First time logging in it gave me my information, but as soon as I refreshed the screen, it […]

Several users of credit monitoring site Credit Karmas have complained that they were served other people’s account information when they logged in.

Many took to a Reddit thread and complained on Twitter about the apparent security lapse.

“First time logging in it gave me my information, but as soon as I refreshed the screen, it gave me someone else’s info,” said one Reddit user. “Refreshed again and bam! someone else’s info — it’s like roulette.” Another user said they logged in and out several times and each time they had “full access to a different random person’s credit file,” they said.

One user told TechCrunch that after they were served another person’s profile, they messaged the user on LinkedIn “to let him know his data was compromised.”

Several screenshots we’ve seen show other people’s accounts, including details about their credit card accounts and their current balance.

At the time of writing, another user told TechCrunch that the login pages were down. “We’ll be right back,” the website read.

Credit Karma spokesperson Emily Donohue denied there was a data breach, but when asked would not say how many customers were affected.

“What our members experienced this morning was a technical malfunction that has now been fixed. There is no evidence of a data breach,” the statement said.

The company didn’t say for how long customers were experiencing issues.

Credit Karma offers customers free credit score monitoring and reports. The company allows users to check their scores against several major credit agencies, including Equifax, which last month was fined at least $575 million for a 2017 data breach.

FTC slaps Equifax with a fine of up to $700M for 2017 data breach

Data & News supplied by www.cloudquote.io
Stock quotes supplied by Barchart
Quotes delayed at least 20 minutes.
By accessing this page, you agree to the following
Privacy Policy and Terms and Conditions.