I don't think you quite understand, Tiddlywinks. Put yourself above the stupid error on my file. Look down on the state of the whole database.

Do you really think this thread will be left for all to trawl and stumble upon via Google without being resolved?

And BTW, do stop making yourself look silly with your evergreen eternally daffodilic use of English.

For patanne

Eh, yes I do.

Why? Because you are not as important in the grand scheme of things as you think you are.... I refer again to this.

Just use the processes available - fill in the form indicated by the company rep and then go to the ICO if unresolved.

I mentioned the fantastic quality of a large chunk of 60s and 70s state schooling earlier.

I blame the schooling that beset the 80s and 90s. That was where it became the norm that to be a "swot" was to be hounded and ridiculed for being different, and an ability to blend in with the lowest common denominator and to follow the lead of celebs, monied sorts and wannabes was key to survival.

Such a shame that made its inevitable way into the thinking of a whole generation.

Loadsamoney!!

What are you on....about?

Well glad that I haven't wound you up too far then, goonarmy!

You sound a practical sort of bloke. I am too.

Do you think it is right that someone can guess you are good for a new credit card account from where you live, dip your postbox for a partial name and an address, go online to one of the banks which by chance has done business with you for years, enter a completely fictitious application apart from the partial name and address, and then the bank checks it or registers that data including the wrong date of birth with a CRA and issues a new card. The CRA has loads of data on you already and does not query the wrong date of birth but just adds the new account to the list of all your credit accounts and just marks down your credit score a fraction because you just opened a new account. Then the fraudster intercepts the card and PIN, ges online again and registers for online banking with a completely different email address and mobile phone to the ones you have registered with the bank, and still no-one notices anything wrong until the card is maxed out? Then what? The bank adds a £12 over credit limit charge and sends you a letter to tell you just that. You have never been overlimit in your life. But they send out that letter and just relax. Nothing else.

Meantime the CRAs now have two months records on the account, they can see now it is overlimit, but both entries show green and ok.


As a practical bloke, do you think that it is likely that I am the only one affected by such an experience?

And as a practical bloke, do you not think there must be a horrendous failure in the system for it to happen? Or are you a diagnostics machine every time sort who just whacks in a replacement unit for what the machine tells you and drives away again without a bother about why?

You havent wound me up in the slightest, but i got bored reading your third sentance. Your typings worse than mine and I dont even try! Anyway, no ones looking on the net to sort your problems.

And some advice: dont assume the sex of posters on a forum.

Oh - limited attention span?I think you mean my sentence was too long and your patience was by then thin. OK, if you aren't interested you can take a horse to water, but not make it drink and all that!Oh dear back to put-downs again ... sigh

Oh well, bloke, bloke-ette - Sorr-eee! I must admit I don't know many women who use WTF. Can't say I didn't try to adjust my style a bit though, to see if you might engage.


So, as I was saying, I don't think the 80s and 90s were a good period for developing the kind of enquiring minds that question bad practice - they are more likely to turn on or question anyone amongst them who is a bit different and dares to draw attention to himself above the parapet and try to knock their block off.

However, some of us baby boomers do question bad practice, sometimes with terrier-like tenacity, especially those of us who didn't use our great state educations just to get filthy rich and pull up the drawbridges behind us.

So here I am today, and tomorrow and the day after tomorrow, until the CRAs get it fixed.

I suggest you contact the company, give them full details and ask them to resolve the matter. If they fail to do so make a complaint to the ICO.

ICO will humm and ahhh for a few months, do !!!!!! all, and life continues.



As a side note, life was a hell of a lot easier when computers consisted of nice large mainframes and you required a degree in mathematics to programme them.

The proliferation of data gathering by governments and organisations just for the sake of it is a worrying trend.

In one recent development ovivo mobile now require an actual copy of one of the following

• Deed Poll
• Marriage Certificate
• Civil Partnership Registration Document
• Statutory Declaration
• Divorce Papers
• Dissolved Civil Partnership Papers
• Copy of Entry in Register of Corrections (Scotland only)
• Amended Birth or Adoption Certificate

if you want to change your name on your account. Theres absolutely no need for it.

Indeed. Even the mighty HMRC were happy with a short letter when I changed my name.

I thought I already did?

Full details are as follows:

Experian recklessly accepts incorrect new date of birth data from bank partners on to customer CRA records, doesn't query it, and thus far hasn't cleaned up its database which I am quite logically imagining is full of such instances.

Consequently it means their entire database is open to attacks by serious organised crime. I will tell you how:

The fraudsters successfully open a new credit card account online in anyone's name at that person's known vulnerable address (there are millions of vulnerable postboxes in blocks of flats particularly) but using any old date of birth they fancy. That's the first vulnerability because the bank misses the error and the CRA does not alert the bank of the error either.

The card arrives and they intercept it because the named person is not expecting a new card or PIN.

The fraudsters then go online again and visit a CRA site to obtain an account verifying the first line of security using the card. That is the second vulnerability and we all know it is the third that gets you!

Then if they have sufficient other data e.g. other intercepted post like a mortgage statement and bank statement they may be able to answer maybe 3 out of 4 further security questions correctly and get access to a full credit report in your name. That is a just a question of brute force attack armed with personal data from several sources (as long as 5 years ago bank workers were routinely warned that they might be accosted on their way home or in the pub by criminals willing to offer £1,000 each for limited bits of customer stationery or passwords / dob / mothers maiden name etc.). A proportion of brute force attacks to CRA websites will therefore succeed. Armed with a full CRA report, crimianls are laughing. They can then do enormous damage in a short space of time (thousands of pounds in the space of a week is not uncommon for each mark).

This is why I have raised other issues besides the date of birth fiasco. How is it that Experian demanded documentary evidence of ID on a previous registration attempt but after a given period on the strength of an out of the blue phone call (I can't seem to open an account online - it said to call you) were willing to wipe the previous incomplete registration (where no documentary evidence was ever provided)? How then was I permitted to register again afresh with no documentary evidence ? I think Experian were using data that I had previously input in a failed attempt to register in order to identify me this time for certain. They asked me the memorable word I had input last time. Then they deleted all record of previous attempts and invited me to try again. I did so, and this time I registered with no additional documentary evidence. That is worrying and I have a feeling it may because there was a CIFAS marker last time I tried, but it has dropped off, but I am guessing.

For serious organised crime, it is just a numbers game. Don't imagine the crime bosses delete their failed attempts from their own databases. They retain the personal data they are able to secure on their targets. They may give up on one tact, but then re-use the data for another type of attack a month later or even many months later.

No-one seems to want to be aware of this. It is perhaps too much scare-mongering for the public's appetite.

I am aware of it because it has happened to me and happened to others who live near me.

My full credit report was obtained online by criminals through CallCredit. There was an immediate large scale attack when they obtained it but I managed to closedown the thing sufficiently that they quickly lost interest (for a period). The criminals obtained many thousands of pounds inside a week of getting my credit report then gave up trying for more for a bit.

A month later they used my address for two account takeovers, maybe more. At least I found two credit card statements before the fraudsters intercepted them and I reported them. That was the first that those other victims knew that their accounts had been taken over and by my quick action in contacting their banks their ID was "shored up" as Experian Company Representative likes to put it.

My name and address were then on CIFAS for a year and that probably diverted fraudsters attention to easier pickings for a time, but they didn't forget.

The time came for them to try again. The CIFAS marker had dropped off, certain banks clearly don't check dates of birth or bank account details submitted on credit card apps, and CRAs don't question the inconsistent garbage before they add it to the file.


Can you not see that all this, coupled with general knowledge hereabouts that ID fraud became so rife that IDTheft insurance came and went as its own separate scandal, is a clear pointer that Experian's offer to treat my dob mismatch in splendid isolation is a sick joke?

If Experian do fail to cause my file to be fixed without further prompting by me, I shall certainly make it known to ICO what I think and to FCA too.

Meantime, as I said, we are testing them here, and if when I check the database later on it isn't fixed I shall again say so here.

There is absolutely no reason why an incorrect date of birth should be accepted into their main database whether comedians like Buzby give banks the wrong dob or not. For dob not to be used as a "hard identifier" is to make the whole database unreliable.

The jury is out on whether CRAs are the right people to investigate corrupt data presented to them rather than simply to reject it back to the source, but I say NO they clearly are not the right people as we can see they haven't even the gumption to clean their own data retrospectively. There seems to be no commercial gain for them to do so.

Perhaps we should show them there will be a bigger commercial loss if they do not.

Actually it is not in their financial interests to get this information right. If they could be depended on to get it right then who would pay them to get a credit report? Far fewer people than do currently I'm sure.

Answers in red, again your reply to Danny that rambles on along far too long might not get the responses you hope for. Try to be more concise and maybe listen to advice given, this forum has some thats quite good, on occasion.

I am not sure I started the thread to get advice, but I seem to be getting some anyway.

I think patanne has got the swing of it, and so might a good number of the almost exactly 95% of viewers of this thread who haven't felt the need to add more in a post yet


I mean look at the situation for goodness sakes dear people - a CRA that allows obviously false entries to stand on your records and allows whoever caused them to be put on file to use them again to try to access details of ALL your credit agreements (and by the law of numbers, they will succeed if not on yours, then maybe on mine or the next victims' ...)

How sweet - you think those 95% of readers (strange that you felt compelled to work the figures out and then quote them here) that haven't posted actually agree with you? More likely that they can't be bothered to wade through the rantings.

The CRAs report the information provided by the financial institutions... they purely report, they are not decision makers.

It is the financial institution that facilitates the crime by providing access to your accounts.

You cannot simply match and then amend a data set of personal data the way you would suggest... there are many occasions where someone of the same name, will live at the same address and have a slightly different DOB. In some cultures, the order of the names will be switched depending on circumstances. Cousins born within weeks or months of each other may share the same name.

In order to consider whether a file contains incorrect data, it is quite reasonable to expect that the individual reports this to the CRA as soon as it comes to his attention. The CRA can then review its records accordingly.

Why is that so difficult for you to understand?

Glad to see you engaged and started thinking about it, Tiddlewinks.

Anyway, the debate is running over on another thread under the Compare The Market security discussion at the moment as I think James perhaps didn't want it on the Credit File Forum with Experian in the heading.

1 Negative factors

• You have recently opened 1 or more new credit accounts.

» See more

0 changes since last report

So you started the thread for attention? The attention your getting probbably isnt the attention you require, the advice given, wanted or otherwise, tells you how to achieve this.

Don't be so patronising... you don't know me or what I do as a day job... I don't need you to start me thinking about these issues.

My actual thoughts about your input are probably best left unsaid.

Suffice to say I feel it is you that shows a distinct lack of coherent thought in this matter.

1 Negative factors

• You have recently opened 1 or more new credit accounts. No I didn't. A fraudster did. With an incorrect date of birth. My bank of umpteen years and umpteen products issued it and told my CRA of umpteen years that I am 8½ years younger than they thought I was. They swallowed it and for good measure gave me this negative factor for recently opening a new credit agreement.

0 changes since last report (despite issuing the clean-up invitation to Experian). We live in hope.

» See more ? Tomorrow then.

Why not? Its worked really well so far.

Lord, I suspect the OP is retired with a long and empty road ahead of him. If not, maybe he'll go back to work soon and give his rantings a rest.

You got that right. The OP is a man on a mission, there is little point in trying to engage with him. He will patronise and ignore good advice till the sky turns green. Makes for amusing reading though.