{"took":102,"timed_out":false,"_shards":{"total":5,"successful":5,"skipped":0,"failed":0},"hits":{"total":{"value":19,"relation":"eq"},"max_score":null,"hits":[{"_index":"complaint-public-v1","_id":"23268429","_score":21.104908,"_source":{"product":"Credit card","complaint_what_happened":"I am filing this complaint against Barclays due to their persistent failure to stop mailing unsolicited, blank balance transfer checks to my home address, creating a severe and ongoing risk of financial identity theft and mail fraud. \n\nIn XX/XX/year>, my wife and I contacted Barclays customer service via telephone to explicitly request that all blank convenience checks and promotional mail offers be permanently stopped. The Barclays representative successfully verified my wife 's identity and verbally confirmed that the system would be updated to disable these mailings. The representative stated that the opt-out process could take up to XXXX days to fully take effect. \n\nThe XXXX window has completely lapsed, yet Barclays has failed to comply with our request. We have continued to receive blank, fully actionable balance transfer checks in the mail every single month since our call, including the current month of XX/XX/year>. \n\nBy continuing to send unauthorized, blank financial instruments containing our account and routing information through the postal system against our express directives, Barclays is actively compromising our financial security and exposing us to interceptive mail theft.","date_sent_to_company":"2026-06-16T19:41:58.000Z","issue":"Other features, terms, or problems","sub_product":"General-purpose credit card or charge card","zip_code":"75068","tags":null,"has_narrative":true,"complaint_id":"23268429","timely":"Yes","company_response":"Closed with explanation","submitted_via":"Web","company":"BARCLAYS BANK DELAWARE","date_received":"2026-06-16T19:26:19.000Z","state":"TX","company_public_response":"Company has responded to the consumer and the CFPB and chooses not to provide a public response","sub_issue":"Privacy issues"},"highlight":{"complaint_what_happened":["By continuing to send <em>unauthorized</em>, blank financial instruments containing our account and routing information through the postal system against our express directives, Barclays is actively compromising our financial security and exposing us to <em>interceptive</em> mail <em>theft</em>."]},"sort":[21.104908,"23268429"]},{"_index":"complaint-public-v1","_id":"21628102","_score":20.266273,"_source":{"product":"Credit card","complaint_what_happened":"I am submitting a complaint regarding unsolicited super checks / convenience checks mailed by Wells Fargo in connection with my credit card account. I established this credit line approximately 21 years ago and, to my knowledge, I never authorized the production or issuance of super checks on my account. \n\nThe production and mailing of these checks compromises the security of my account because the routing number and account number are printed at the bottom of the checks, and these checks were produced and mailed without my knowledge or consent. In addition, this appears to be a potentially predatory lending practice, as these checks provide no benefit to me as the consumer. \n\nI did not request, authorize, or consent to receiving these checks. Wells Fargo nevertheless sent negotiable checks tied to my available credit line through the mail and without a credit limit on the checks potentially opening me up to further liability on the account. \n\nI believe this practice creates unnecessary security and consumer protection risks. Mailing live negotiable instruments linked to a credit account increases the risk of theft, interception, fraud, unauthorized use, or misuse if the checks are lost or stolen. It also encourages high-interest debt through unsolicited access to credit. \n\nI am particularly concerned that this product was issued without my affirmative request or prior approval. I view the unsolicited mailing of credit-access checks as an unfair and potentially predatory lending or marketing practice, especially where consumers may not fully appreciate the fees, APR, balance-transfer terms, cash-advance treatment, or fraud risks associated with using such checks.\n\nI previously raised this issue directly with Wells Fargo through its internal complaint process. Despite that, I am seeking regulatory review of whether this practice is consistent with fair consumer treatment and adequate account-security standards.\n\nI also request that the CFPB review whether Wells Fargos unsolicited issuance of these checks may constitute an unfair, deceptive, or abusive practice, particularly where consumers did not request the product and where security risks are shifted to the consumer.","date_sent_to_company":"2026-04-27T15:35:50.000Z","issue":"Advertising and marketing, including promotional offers","sub_product":"General-purpose credit card or charge card","zip_code":"95120","tags":null,"has_narrative":true,"complaint_id":"21628102","timely":"Yes","company_response":"Closed with explanation","submitted_via":"Web","company":"WELLS FARGO & COMPANY","date_received":"2026-04-27T15:23:24.000Z","state":"CA","company_public_response":"Company has responded to the consumer and the CFPB and chooses not to provide a public response","sub_issue":"Confusing or misleading advertising about the credit card"},"highlight":{"complaint_what_happened":["I believe this practice creates unnecessary security and consumer protection <em>risks</em>. Mailing live negotiable instruments linked to a credit account increases the <em>risk</em> of <em>theft</em>, <em>interception</em>, <em>fraud</em>, <em>unauthorized</em> use, or misuse if the checks are lost or stolen. It also encourages high-interest debt through unsolicited access to credit. \n\nI am particularly concerned that this product was issued without my affirmative request or prior approval."]},"sort":[20.266273,"21628102"]},{"_index":"complaint-public-v1","_id":"17306433","_score":18.30676,"_source":{"product":"Checking or savings account","complaint_what_happened":"I am filing a complaint regarding Chase Bank 's mishandling of a serious Account Takeover, mail theft, and unauthorized ATM withdrawals, purchases, and electronic transfers incident totaling almost {$17000.00}. There are multiple claims open due to the fact that criminals had access to 2 bank accounts ( one savings, one checking ), and used several methods for stealing ( ATM withdrawals, in-store purchases, and electronic transfers ). For the claim on the checking account, Chase has denied my claim twice, despite clear evidence of account takeover, procedural failures, and violations of Regulation E. \n\n1. Criminals accessed my online Chase account before contacting me They referenced my exact recent Chase transactions, including : - A {$390.00} XXXX purchase - My {$2200.00} XXXX payment to XXXX XXXX  This information is only visible inside my Chase account. This proves unauthorized access and establishes that this was an Account Takeover, not \" customer-authorized activity. '' 2. Chase canceled my debit card and issued a new card at the request of the criminals I did NOT request a new debit card or authorize cancellation of my existing one. \nThis means Chase processed a high-risk action ( card cancellation + replacement issuance ) without verifying my identity.\n\nThis is a procedural failure by Chase 's fraud prevention and customer authentication processes.\n\n3. The replacement debit card was stolen from the mail The criminals intercepted the replacement card and used it with the PIN they socially engineered. This is federal mail theft.\n\n4. The criminals withdrew money, used it for purchases, and electronic transfers using the stolen card I did NOT authorize these withdrawals, purchases, and transfers. I was not present, and I do not know the individuals. ATM surveillance footage exists and will show the thief.\n\n5. Chase incorrectly denied my claim twice Chase incorrectly classified the fraud as \" customer provided PIN '', which is factually and legally incorrect.\n\nThe fraud involved : Unauthorized access to my online account, Caller ID spoofing, Mail theft, A stole physical debit card, Unauthorized ATM withdrawals, Unauthorized purchases using social engineering, unauthorized electronic transfers, A procedural failure by Chase in issuing a card I never requested Under regulation E, I am not liable for unauthorized electronic fund transfers that result from account takeover or bank error. Chase continues to deny my claim despite evidence that this was NOT customer-authorized. \n\n6. I have filed all required reports- Chicago Police Department Report - Report the stolen package to UPS - FTC Identity Theft Affidavit - Executive Office escalation at Chase I am requesting that the CFPB require Chase to : - Reclassify my claim and all my claims under Account Takeover + Unauthorized Transaction + Mail Theft - Conduct a full investigation of their procedural failure in issuing a debit card without my authorization - Reimburse me for all unauthorized withdrawals, transfers and purchases as required by Regulation E - Provide written findings justifying their previous denials This situation has created significant financial stress and emotional distress. \nI am simply requesting that Chase apply federal consumer protections correctly and take responsibility for their internal failures that enabled fraud.","date_sent_to_company":"2025-11-17T16:04:39.000Z","issue":"Managing an account","sub_product":"Checking account","zip_code":"60611","tags":null,"has_narrative":true,"complaint_id":"17306433","timely":"Yes","company_response":"Closed with explanation","submitted_via":"Web","company":"JPMORGAN CHASE & CO.","date_received":"2025-11-17T15:28:29.000Z","state":"IL","company_public_response":null,"sub_issue":"Problem using a debit or ATM card"},"highlight":{"complaint_what_happened":["The <em>fraud</em> involved : <em>Unauthorized</em> access to my online account, Caller ID spoofing, Mail <em>theft</em>, A stole physical debit card, <em>Unauthorized</em> ATM withdrawals, <em>Unauthorized</em> purchases using social engineering, <em>unauthorized</em> electronic transfers, A procedural failure by Chase in issuing a card I never requested Under regulation E, I am not liable for <em>unauthorized</em> electronic fund transfers that result from account takeover or bank error."]},"sort":[18.30676,"17306433"]},{"_index":"complaint-public-v1","_id":"18419242","_score":16.502165,"_source":{"product":"Checking or savings account","complaint_what_happened":"I. EXECUTIVE SUMMARY I, XXXX XXXX, hereby formally declare that I am the victim of a sophisticated identity theft and hardware compromise event that occurred between XX/XX/XXXX, and XX/XX/XXXX. Unauthorized perpetrators utilized a compromised mobile deviceinfected via a malicious link from truserfmobile.comand stolen physical credentials to bypass security protocols. This resulted in {$11000.00} in fraudulent transfers to the merchant XXXXXXXX XXXX XXXX XXXX XXXX XXXX. \nThis statement is supported by objective forensic data from XXXX XXXX, XXXXXXXX XXXX XXXX  and XXXX XXXX XXXX XXXX, etc.. Furthermore, I have filed official sworn statements with the Federal Trade Commission ( Report # XXXX ) and the FBI Internet Crime Complaint Center to pursue criminal prosecution of the perpetrators. \n\n1. Communication Interception ( SMS & Email ) The perpetrators utilized a dual-vector attack to suppress all security notifications sent to my devices : SMS/Text Message Interception : XXXX and Stripe sent Multi-Factor Authentication ( MFA ) codes to my mobile number ending in XXXX. These messages were filtered directly to \" Spam '' or intercepted via screen mirroring. \nEvidence : XXXX XXXX logs show codes XXXX, XXXX, XXXX, XXXX, XXXX, etc. were sent and immediately entered by the attackers between XX/XX/XXXX and XX/XX/XXXX via either email or sms interception. \nEmail XXXX ( XXXX XXXX  ) : On XX/XX/XXXX, XXXX XXXX issued a \" Spike in user-reported spam '' alert. \nEvidence : XXXX messages were flooded into my inbox in the 5 day window mentioned to bury legitimate fraud alerts. \nXXXX. XXXX XXXX XXXX  ( XXXX XXXX Logs ) XXXX XXXX document a massive deviation in data usage on XX/XX/XXXX, consistent with the download of a malicious payload or mirroring software. \nNormal Usage ( XX/XX/XXXX ) : XXXX GB Breach Usage ( XX/XX/XXXX ) : XXXX GB Conclusion : This 1000 % spike confirms the active data exfiltration/mirroring payload coinciding with the accidental click on the truserfmobile.com link. \nXXXX. Device Activity Anomaly ( XXXX XXXX Logs ) System logs confirm the device was \" Active '' for extreme durations during the fraud window, indicating a XXXX XXXX XXXX  ( XXXX  ) or script was controlling the screen XXXX. \nXX/XX/XXXX ( XXXX XXXX ) : 112 % Battery Usage / XXXX hours XXXX minutes active screen time. \nXX/XX/XXXX : 94 % Battery Usage / XXXX hours and XXXX minutes of active screen time XX/XX/XXXX ( XXXX Day ) : 139 % Battery Usage / XXXX hours and XXXX minutes of active screen time XX/XX/XXXX ( Peak Fraud Day ) : 149 % Battery Usage / 12 hours and 43 minutes of active screen time. \nXX/XX/XXXX : 128 % Battery Usage / XXXX hours XXXX minutes active screen time. \nXX/XX/XXXX : 99 % XXXX XXXX XXXX hours and XXXX minutes of active screen time XX/XX/XXXX : 72 % XXXX XXXX XXXX hrs and XXXX minutes of active screen time XXXX. Carrier Validation of Security Breach ( XXXX XXXX ) Official Finding : On XX/XX/XXXX, XXXX XXXX formally investigated the device 's behavior and declared the hardware \" compromised by a security breach. '' Remediation : XXXX immediately issued Replacement Order # XXXX, citing \" Reason XXXX : User content lost or no access '' and noting the device needed replacement \" due to safety reasons. \". \nPossession vs. Control : While the compromised device remains temporarily in my possession pending the arrival of the replacement unit, XXXX expert analysis confirms that the device was subject to external control/mirroring. The fact that I physically hold the device does not imply I authorized the transactions ; rather, I am preserving the compromised hardware as forensic evidence. \n\nI vigorously assert that I have zero prior history of sports betting, online gambling, or high-risk trading on any of my financial accounts. A comprehensive review of my banking history with Chase, XXXX XXXX and XXXX XXXX confirms that since the inception of these accounts, there has never been a single transaction to merchants such as XXXX, XXXX, XXXX, or similar entities. The sudden, high-volume activity with XXXX XXXX XXXX XXXX of bets placed in days ) is completely anomalous and inconsistent with my established financial behavior which can be verified with financial statements from all affected banks. \nVI. FINAL ATTESTATION I, XXXX XXXX, declare under penalty of perjury that the foregoing is true and correct. I did not authorize transactions listed in that affidavit. The fraud was facilitated by a hardware compromise ( XXXX XXXX ), the interception of SMS verification codes, email XXXX, and the exploitation of my pre-existing biometric authentication with XXXX I hold {$0.00} in illicit credits and authorize XXXX XXXX to reclaim all funds remaining in the fraudulent account.","date_sent_to_company":"2026-01-02T13:57:15.000Z","issue":"Problem with a lender or other company charging your account","sub_product":"Checking account","zip_code":"07107","tags":null,"has_narrative":true,"complaint_id":"18419242","timely":"Yes","company_response":"Closed with explanation","submitted_via":"Web","company":"JPMORGAN CHASE & CO.","date_received":"2026-01-02T13:43:52.000Z","state":"NJ","company_public_response":null,"sub_issue":"Transaction was not authorized"},"highlight":{"complaint_what_happened":["EXECUTIVE SUMMARY I, XXXX XXXX, hereby formally declare that I am the victim of a sophisticated identity <em>theft</em> and hardware compromise event that occurred between XX/XX/XXXX, and XX/XX/XXXX. <em>Unauthorized</em> perpetrators utilized a compromised mobile deviceinfected via a malicious link from truserfmobile.comand stolen physical credentials to bypass security protocols. This resulted in {$11000.00} in fraudulent transfers to the merchant XXXXXXXX XXXX XXXX XXXX XXXX XXXX."]},"sort":[16.502165,"18419242"]},{"_index":"complaint-public-v1","_id":"15606542","_score":15.322414,"_source":{"product":"Credit card","complaint_what_happened":"I am filing this complaint because Barclays Bank Delaware has repeatedly mishandled my personal information, in violation of federal data protection obligations under the GrammLeachBliley Act ( GLBA ) and related consumer protection rules.\n\nBackground : I previously had an old email address on file with Barclays. I later updated my account to a new email address because the old one had been compromised.\n\nWhen I applied for a new account using my current, valid email address, Barclays began sending sensitive account-related emails ( including my legal name and product type ) to my old, compromised email address even though that address is no longer associated with my account. \nThis disclosure of nonpublic personal information ( NPI ) to an unauthorized channel is a violation of the GLBA Safeguards Rule ( 15 U.S.C. 68016809 ; 16 C.F.R. Part 314 ), which requires financial institutions to implement reasonable measures to protect the confidentiality and integrity of customer information. \n\nXXXX XXXX ( XX/XX/XXXX ) : I contacted Barclays Security Department after receiving an account email at my old, compromised email address. \nI was told it may be a phishing email, but upon verification it was confirmed to be an authentic Barclays communication. \nThe representative admitted the old email was still in Barclays system, and stated it would be removed. \nI also requested a verbal password be added for additional security. The representative confirmed it was set up. \nI was instructed to forward the proof to XXXX, which I did. Barclays has therefore received direct evidence of this breach. \n\nXXXX XXXX ( XX/XX/XXXX, 3 days later ) : I again received an account email at the old, compromised address. \nI called Barclays Security later in the week. During this call, I was not asked to provide the verbal password I had set up earlier. \nThe representative then informed me that no verbal password had been established, contradicting what I was told in the first call. She then set one up at that time.\n\nViolations/ Failures 1. Violation of GLBA Safeguards Rule ( 15 U.S.C. 6801 ( b ) ; 16 C.F.R. Part 314 ) Barclays failed to properly update customer records and continued transmitting nonpublic personal information ( my name and account type ) to an unauthorized, compromised email address. \nBarclays ignored my explicit notification that the old address was unsafe, knowingly disclosing sensitive information to a channel at risk of interception. \n2. Failure to Implement Reasonable Security Procedures Barclays failed to implement a verbal password as requested and confirmed, undermining authentication controls designed to protect against account takeover and fraud. \nThe failure to even request the password during subsequent calls shows a lack of consistent enforcement of security protocols. \n3. Potential Violation of State Breach Notification Laws By transmitting customer data to an unauthorized third party after being informed of the risk, Barclays may have triggered obligations under state data breach notification statutes ( e.g., Delaware Code 12B-101 et seq. ). I have never received any formal notice from Barclays acknowledging this as a data breach.\n\n4. Consumer Protection Concerns under CFPB Oversight These failures constitute unfair and unsafe practices by a national bank, exposing me to identity theft, phishing, and fraud.","date_sent_to_company":"2025-08-29T03:59:48.000Z","issue":"Other features, terms, or problems","sub_product":"General-purpose credit card or charge card","zip_code":"06614","tags":null,"has_narrative":true,"complaint_id":"15606542","timely":"Yes","company_response":"Closed with explanation","submitted_via":"Web","company":"BARCLAYS BANK DELAWARE","date_received":"2025-08-29T03:37:14.000Z","state":"CT","company_public_response":"Company has responded to the consumer and the CFPB and chooses not to provide a public response","sub_issue":"Privacy issues"},"highlight":{"complaint_what_happened":["Consumer Protection Concerns under CFPB Oversight These failures constitute unfair and unsafe practices by a national bank, exposing me to identity <em>theft</em>, phishing, and <em>fraud</em>."]},"sort":[15.322414,"15606542"]},{"_index":"complaint-public-v1","_id":"12091729","_score":14.2506,"_source":{"product":"Checking or savings account","complaint_what_happened":"Urgent Complaint Lost Checkbook & Security Breach by Chase and XXXX To Whom It May Concern, I am filing this complaint against JPMorgan Chase Bank, N.A. ( hereafter Chase ) and XXXX XXXX regarding the loss of my checkbook, failure to provide tracking, and refusal to assist in resolving this serious financial and security issue. \n\nTimeline of Events : - XX/XX/year> I placed an order for checks through Chase ( processed via XXXX ). I received confirmation that they were shipped the same day and was provided an estimated delivery date of XX/XX/year>. \n- XX/XX/year> The checkbook never arrived at my address. \n- XX/XX/year> I contacted Chase and XXXX for assistance. \nXXXX provided no tracking information, the company has a phone line with an answering machine that only provide 3 options : Request Checks, Status Overview, None of above '' > which only returns to \" you have to contact your bank ''. \n\nChases only response was to reissue new checks, without addressing where the missing checkbook is or the risks involved, while I appreciate the effort, I can't see how this is a viable solution since I have absolutely no information about the shipping provided by these companies. I NEVER got a tracking number, any information about the logistics and which company has my checkbook and all my financial situation, thus the solution offered by Chase is not viable as it runs into the previous problem, I can't wait another month hoping my checks will be delivered by some unknown and unnamed company. \n\nNeither company took responsibility for locating the missing package. \nMajor Concerns & Security Risks : 1 ) Unaccounted-For Banking Materials : - An entire checkbook with preprinted personal and financial information has gone missing. \n- Neither Chase nor XXXX can confirm where it is, who may have received it, or if it was intercepted.\n\n2 ) Serious Risk of Fraud & Identity Theft : - Checks contain highly sensitive financial data, including my account number, routing number, name, and address. \n- If these checks fall into the wrong hands, they can be fraudulently used to withdraw money, make unauthorized payments, or open fraudulent accounts. \n- Chase has not taken any steps to flag my account for potential fraud despite this breach. \n\nXXXX ) Complete Lack of Tracking & Accountability : - XXXX claims to have shipped the checks but provided no tracking information and is unable to confirm who delivered them. \n- Chase refuses to investigate the issue and has not reported this loss as a security breach, despite the potential for financial fraud. \n\n4 ) Potential Financial Damages Due to Chases Negligence : - Due to Chases failure to provide my checks, I am now being forced to pay my rent using an alternative method that incurs a {$300.00} fee. \n- Chases negligence in ensuring the safe delivery of banking materials is directly causing me financial harm. \n\n5 ) Formal Complaint & Demand for Resolution : I demand the following actions : - A full investigation into the whereabouts of my missing checkbook and confirmation of who received it.\n\n- A formal acknowledgment from Chase and XXXX regarding this security breach and the steps they are taking to ensure this does not happen again. \n- Immediate fraud monitoring on my account and an official statement confirming liability protection for any fraudulent activity arising from this missing checkbook.\n\n- Reimbursement for financial damages incurred due to Chases negligence in handling my banking materials. \n\n6 ) If this matter is not resolved within 7 business days, I will escalate further, including : - Filing complaints with the Federal Trade Commission ( FTC ) for failure to safeguard consumer financial data.\n\n- Reporting this issue to my State Attorney General for potential legal action against Chase and XXXX for negligence. \n- Pursuing a Small Claims Court lawsuit for financial damages resulting from this security breach. \n\nThis is an urgent and serious matter that requires immediate action. Please provide a written response addressing my concerns. \n\nSincerely, XXXX XXXX XXXX","date_sent_to_company":"2025-02-22T01:12:28.000Z","issue":"Managing an account","sub_product":"Checking account","zip_code":"06902","tags":null,"has_narrative":true,"complaint_id":"12091729","timely":"Yes","company_response":"Closed with monetary relief","submitted_via":"Web","company":"JPMORGAN CHASE & CO.","date_received":"2025-02-15T20:28:54.000Z","state":"CT","company_public_response":null,"sub_issue":"Banking errors"},"highlight":{"complaint_what_happened":["Major Concerns & Security <em>Risks</em> : 1 ) Unaccounted-For Banking Materials : - An entire checkbook with preprinted personal and financial information has gone missing. \n- Neither Chase nor XXXX can confirm where it is, who may have received it, or if it was <em>intercepted</em>.\n\n2 ) Serious <em>Risk</em> of <em>Fraud</em> & Identity <em>Theft</em> : - Checks contain highly sensitive financial data, including my account number, routing number, name, and address."]},"sort":[14.2506,"12091729"]},{"_index":"complaint-public-v1","_id":"15289051","_score":12.719777,"_source":{"product":"Credit reporting or other personal consumer reports","complaint_what_happened":"This is a formal legal demand submitted via the Consumer Financial Protection Bureau complaint process. It is not an item dispute under FCRA 611 and is not to be handled via the e-OSCAR automated system. It requires direct compliance review by your legal and compliance departments. \n\nPursuant to my rights under multiple federal and state laws, you are required to produce all data your company maintains, transmits, or uses about me, whether or not you classify it as part of a consumer file, including all suppressed, archived, and lender-facing datasets. \n\nGoverning Laws and Obligations Fair Credit Reporting Act ( 15 U.S.C. 1681 et seq. ) : 603 ( d ) Consumer report includes any communication of information used to determine eligibility for credit, insurance, employment, or other permissible purposes. \n\n609 ( a ) ( 1 ) - ( 3 ) Full file disclosure, all sources of information, all recipients within the statutory periods.\n\n607 ( b ) Duty to follow reasonable procedures to assure maximum possible accuracy. \n\n611 ( a ) ( XXXX ) XXXX reinvestigation and full disclosure timelines. \n\n605 ( a ) Prohibition on reporting obsolete information.\n\n605B Duty to block information resulting from identity theft.\n\nFair Credit Billing Act ( 15 U.S.C. 16661666j ) : Any reported account status derived from a billing error constitutes a violation if not corrected. \n\nFair Debt Collection Practices Act ( 15 U.S.C. 1692e ( 8 ) ) : Prohibition against communicating false credit information ; applicable to any data received from debt collectors and published by you. \n\nXXXX XXXX ( 15 U.S.C. 68016809 ) & Regulation P : Full disclosure of all nonpublic personal information, all affiliate and non-affiliate data-sharing, and safeguards compliance. \n\nFTC Act ( 15 U.S.C. 45 ) : Prohibits unfair or deceptive acts or practices, including maintaining and furnishing inaccurate, outdated, or suppressed negative information to third parties. \n\nRight to Financial Privacy Act ( 12 U.S.C. 34013422 ) : Prohibits unauthorized access to and dissemination of financial records. \n\nElectronic Communications Privacy Act ( 18 U.S.C. 25102523 ) : Prohibits interception or disclosure of certain telecom and electronic records without consent. \n\nFTC Safeguards Rule ( 16 CFR Part 314 ) : Requires protection against unauthorized retention and use of consumer information, including stale data.\n\nState Data Privacy Laws ( including but not limited to CCPA/CPRA, Virginia CDPA , Colorado Privacy Act, Connecticut DPA , Utah Consumer Privacy Act ) : Right to access, correct, and delete all personal data, not limited to FCRAs consumer file.\n\nState Unfair and Deceptive Acts and Practices Statutes ( UDAP ) : Broad prohibition against deceptive suppression of derogatory data while still using it in scoring. \n\nData Categories Demanded You must produce all of the following without omission or sanitization : Full consumer file under FCRA 609 ( a ) ( 1 ), including any lender-facing or phantom file used in scoring or risk assessment. \n\nAll header/identifier data ( names, SSNs, DOBs, address history, employer history ), active or archived. \n\nAll tradeline data ( open, closed, paid, charged-off, deleted, or suppressed ), including internal suppression codes and archived account records. \n\nAll public record data ( bankruptcies, liens, judgments, evictions, foreclosures ), regardless of age, whether active, archived, or suppressed. \n\nAll inquiry data ( hard, soft, internal risk/fraud inquiries, suppressed inquiries ). \n\nComplete third-party sourcing : the name, address, and data categories supplied by every entity from which you have obtained, or to which you have furnished, information about me, whether affiliated or unaffiliated, regardless of how you classify the source. \n\nAll internal risk, fraud, or proprietary scoring models in which I am included, with complete adverse reason codes and scoring criteria. \n\nComplete dispute and suppression history, including results, internal notes, suppression codes, and reinsertion logs. \n\nComplete list of all recipients of any consumer report or related dataset about me within the last XXXX  years, with the permissible purpose claimed. \n\nNon-Compliance Warning Failure to produce all requested records, or producing only a partial/sanitized file, will constitute : Willful non-compliance under FCRA 616 and 617.\n\nUnfair or deceptive acts under the FTC Act and applicable state UDAP statutes. \n\nViolation of GLBA disclosure obligations and data-safeguarding requirements. \n\nPotential violations of RFPA and ECPA if protected records are withheld or disclosed improperly. \n\nI reserve all rights to seek statutory damages, actual damages, attorneys fees, injunctive relief, and to refer evidence to the FTC, state XXXX XXXX, and appropriate federal law enforcement agencies. \n\nThis demand is being logged for evidentiary purposes. Your full compliance within the applicable statutory timelines is required.","date_sent_to_company":"2025-08-14T17:16:30.000Z","issue":"Unable to get your credit report or credit score","sub_product":"Credit reporting","zip_code":"84020","tags":null,"has_narrative":true,"complaint_id":"15289051","timely":"Yes","company_response":"Closed with explanation","submitted_via":"Web","company":"CBC Companies, Inc.","date_received":"2025-08-14T17:11:54.000Z","state":"UT","company_public_response":null,"sub_issue":"Other problem getting your report or credit score"},"highlight":{"complaint_what_happened":["All inquiry data ( hard, soft, internal <em>risk</em>/<em>fraud</em> inquiries, suppressed inquiries ). \n\nComplete third-party sourcing : the name, address, and data categories supplied by every entity from which you have obtained, or to which you have furnished, information about me, whether affiliated or unaffiliated, regardless of how you classify the source. \n\nAll internal <em>risk</em>, <em>fraud</em>, or proprietary scoring models in which I am included, with complete adverse reason codes and scoring criteria."]},"sort":[12.719777,"15289051"]},{"_index":"complaint-public-v1","_id":"20532406","_score":12.546562,"_source":{"product":"Credit reporting or other personal consumer reports","complaint_what_happened":"SWORN STATEMENT OF IDENTITY THEFT AND FRAUDULENT IMPERSONATION BY AT-LARGE ASSAILANTS Prepared for Submission to Law Enforcement and the Consumer Financial Protection Bureau XXXX CFPB ) CONFIDENTIAL FOR LAW ENFORCEMENT AND REGULATORY USE ONLY SECTION XXXX : VICTIM IDENTIFICATION VICTIM PERSONAL IDENTIFYING INFORMATION Full Legal Name : [ REDACTED On File with Filing Agency ] Social Security Number : [ REDACTED On File with Filing Agency XXXX XXXX & # XXXX ; XXXX License Number : [ REDACTED On File with Filing Agency ] State of Issue : North Carolina XXXX XXXX : STATEMENT OF FACTS I hereby declare under penalty of perjury that the following is true and correct to the best of my knowledge and belief. I am submitting this sworn statement to support a law enforcement identity theft report and a formal identity theft complaint with the Consumer Financial Protection Bureau ( CFPB ). \nMy personal identifying information including my full legal name, Social Security number, date of birth, driver & # XXXX ; XXXX license number, home address, email address, and T-Mobile telephone numbers has been compromised through a series of confirmed, publicly documented data breaches affecting major credit bureaus, data broker companies, and telecommunications providers between XXXX and XXXX. My information was contained within the compromised datasets of each of the breaches identified in XXXX XXXX of this document, to a degree and capacity that is currently unknown and XXXX be ongoing. \nAs a direct and proximate result of these breaches, XXXX ( XXXX ) at-large, unidentified assailants have been actively using my stolen identity to fraudulently represent themselves as me since approximately XXXX. \nThese individuals are in possession of sufficient personal information including but not limited to my Social Security number, date of birth, driver & # XXXX ; XXXX license number, home address, email address, and IDENTITY THEFT VICTIM STATEMENT | XXXX XXXX XXXX XXXX | FOR LAW ENFORCEMENT & amp ; CFPB USE ONLY telephone numbers to convincingly pass identity verification checks across a wide range of businesses, financial institutions, government agencies, and service providers. \nDue to the extensive volume and accuracy of the stolen information available to the assailants, it is extremely difficult and in many cases practically impossible for businesses and organizations to detect, through standard verification procedures, that the individual presenting my credentials is not, in fact, me. \n\nSECTION XXXX : METHODS OF FRAUDULENT IMPERSONATION The assailant ( XXXX ) have employed the following multi-channel tactics to impersonate me across multiple jurisdictions. The sophistication and breadth of these methods is directly attributable to the comprehensive personal data made available to them through the data breaches documented herein : A. Falsified Government Identification and Documents The assailant ( XXXX ) have been providing falsified government-issued identification including driver & # XXXX ; XXXX licenses and identification cards bearing my personal information ( name, address, date of birth, Social Security number ) while displaying their own photograph or altered images. \nThese fraudulent documents have been presented to businesses, financial institutions, rental agencies, law enforcement, and other entities that rely on photo identification as a primary form of verification. \nBecause the biographical data on the fraudulent documents matches my legitimate records held by credit bureaus, data brokers, and government databases, these documents are extremely difficult to detect without biometric or forensic verification. \nThe assailants have been operating with these materials since at least XXXX and XXXX have refined their documentation over time as additional breached data became available. \n\nB. Phone Number and Two-Factor Authentication Exploitation My XXXX telephone numbers ( XXXX ) XXXX and ( XXXX ) XXXX were exposed through XXXX & # XXXX ; XXXX multiple confirmed data breaches in XXXX, XXXX, and XXXX. \nThe assailant ( XXXX ) have used these phone numbers to receive one-time passwords ( OTPs ), SMS verification codes, and two-factor authentication ( XXXX ) confirmations, allowing them to create or access accounts in my name across financial, retail, and government platforms. \nThrough SIM-swapping techniques or unauthorized account access, these numbers XXXX have been redirected to devices controlled by the assailants, enabling real-time interception of verification messages intended for me. \n\nXXXX Email Address XXXX XXXX email address has been exposed through the data breaches documented in this statement. \nThe assailant ( XXXX ) have used this email address to create, verify, or recover accounts fraudulently opened in my name. \n\nIDENTITY THEFT VICTIM STATEMENT | XXXX XXXX XXXX XXXX | FOR LAW ENFORCEMENT & amp ; CFPB USE ONLY This email has been used in conjunction with my phone numbers to satisfy multi-factor authentication requirements, giving the assailants a near-complete account access and recovery capability. \n\nXXXX XXXX Address Monitoring and Mail Interception My home address is known to the assailants as a direct result of the data breaches listed herein, several of which exposed historical and current address data. \nThe assailant ( XXXX ) are believed to be monitoring mail delivery to my address through XXXX XXXX XXXX or similar postal tracking services, obtaining advance digital notice of incoming mail, financial documents, account statements, and new payment cards. \nThis allows them to intercept critical financial and identity documents including credit cards, account notifications, and government correspondence without requiring physical presence at my address at the time of delivery, and without my knowledge. \nThis method effectively disables the mail-based notification systems that would otherwise alert me to fraudulent account openings, changes to existing accounts, or other unauthorized activity. \n\nXXXX Complete Identity Package Cascading Breach Exploitation By combining data from multiple breaches SSN ( Equifax XXXX, XXXX XXXX XXXX XXXX, TransUnion XXXX ), address history ( National Public Data XXXX ), phone and account data ( XXXX XXXX XXXX ), driver & # XXXX ; XXXX license data ( XXXX XXXX, TransUnion XXXX ), and full credit report access ( XXXX  XXXX ) the assailants have assembled a complete, current identity package. \nThis comprehensive data set enables the assailants to answer knowledge-based authentication ( KBA ) security questions that financial institutions and credit bureaus use for identity verification including questions about past addresses, loan amounts, vehicle registrations, and account histories. \nThe cumulative effect of multiple breaches means that each new incident added more detail and currency to the assailants & # XXXX ; identity package, progressively making their impersonation more convincing and harder to detect. \n\nSECTION XXXX : DATA BREACHES INFORMATION COMPROMISED The following publicly confirmed data breaches are identified as sources through which the personal identifying information of \" REDACTED '' was compromised. The victim & # XXXX ; XXXX information was contained within the affected datasets of each breach listed below to an extent that is currently unknown. Each breach independently contributed to the complete identity profile now being exploited by the assailants identified in this statement. \nCompany / Entity Year Data Exposed / Incident Summary Victim Exposure Status Equifax XXXX XXXX, XXXX, addresses, driver & # XXXX ; XXXX licenses, credit history XXXX XXXX Americans affected DATA COMPROMISED IDENTITY THEFT VICTIM STATEMENT | XXXX XXXX XXXX XXXX | FOR LAW ENFORCEMENT & amp ; CFPB USE ONLY XXXX XXXX Account data, SSNs, billing addresses, phone numbers XXXX XXXX records exposed DATA COMPROMISED XXXX XXXX XXXX, XXXX, driver & XXXX XXXX ; XXXX license, IMEI numbers, phone account data XXXX XXXX customers DATA COMPROMISED XXXX XXXX Full credit reports exposed via IDOR vulnerability for all XXXX consumers 47 days XXXX unauthorized access DATA COMPROMISED XXXX XXXX Consumer account hijacking identity thieves could re-register any account using a different email address DATA COMPROMISED XXXX XXXX Names, addresses, identity numbers, phone numbers, credit scores approximately XXXX XXXX consumers DATA COMPROMISED XXXX XXXX Account data, billing addresses, contact info XXXX XXXX XXXX customers affected DATA COMPROMISED XXXX & amp ; XXXX XXXX XXXX ransomware XXXX XXXX XXXX & amp ; XXXX XXXX business and consumer data accessed DATA COMPROMISED TXXXX  XXXX Names, credit scores, loan balances, passport info, employer data XXXX consumer records ( XXXX XXXX ) DATA COMPROMISED AT & amp ; T XXXX SSNs, account numbers, passcodes, contact data XXXX XXXX current and former customers DATA COMPROMISED National Public Data XXXX XXXX, full name, historical addresses, relatives & # XXXX ; data approximately XXXX XXXX records stolen DATA COMPROMISED XXXX / XXXX XXXX XXXX, XXXX, XXXX & # XXXX ; XXXX XXXX number, contact info XXXX individuals ; breach occurred XX/XX/XXXX, disclosed XX/XX/XXXX DATA COMPROMISED XXXXn XXXX SSNs, DOBs, names XXXX XXXX XXXX. \nconsumers via XXXX  vendor compromise ( breach date : XX/XX/XXXX ) DATA COMPROMISED IMPORTANT NOTE : The above list reflects publicly confirmed, documented breaches as of the date of this statement. The actual scope of compromise XXXX be broader, as additional incidents XXXX not have been publicly disclosed, and data aggregators routinely combine information from multiple breach sources. The victim & # XXXX ; XXXX inclusion in each breach is based on documented exposure of personally identifying information matching his profile during the timeframes in which he was an active consumer of each affected service. \n\nSECTION XXXX : ONGOING HARM AND CONTINUING IMPACT IDENTITY THEFT VICTIM STATEMENT | XXXX XXXX XXXX XXXX | FOR LAW ENFORCEMENT & amp ; CFPB USE ONLY The identity theft being perpetrated against XXXX XXXX XXXX XXXX is active and ongoing as of the date of this statement. The harm is not limited to any single fraudulent transaction but constitutes a continuing course of criminal conduct with compounding effects : Fraudulent accounts opened in the victim & # XXXX ; XXXX name across financial, retail, telecommunications, and government service platforms, potentially spanning multiple counties and states. \nDamage to the victim & # XXXX ; XXXX credit profile through unauthorized account openings, unauthorized hard credit inquiries, and derogatory reporting by entities deceived by the assailants. \nPotential criminal record contamination the assailants XXXX be using the victim & # XXXX ; XXXX identity in connection with law enforcement encounters, arrests, or court proceedings, creating false criminal or warrant records tied to the victim & # XXXX ; XXXX name, XXXX, or driver & # XXXX ; XXXX license number. \nOngoing interception of postal and electronic communications, depriving the victim of the ability to detect and respond to fraudulent activity through normal notification channels. \nPermanent compromise of core biographic identifiers SSN and date of birth can not be changed ; driver & # XXXX ; XXXX license number is extremely difficult to change meaning the risk of future harm is indefinite and ongoing. \nSubstantial time, financial, and psychological burdens imposed by the continuous need to monitor, dispute, and remediate fraudulent activity across multiple accounts, agencies, and jurisdictions. \n\nXXXX VI : REQUESTED LAW ENFORCEMENT AND REGULATORY ACTIONS A. Police Report Multi-County Filing A formal identity theft police report should be filed in XXXX XXXX in which the assailants have been identified as, or are reasonably suspected of, impersonating XXXX XXXX XXXX XXXX. \nA report must be filed in XXXX XXXX, NC ( XXXX ) as XXXX XXXX of the victim & # XXXX ; XXXX residence and the primary jurisdiction for address-based mail interception and local fraud. \nXXXX XXXX & # XXXX ; XXXX report should reference this sworn statement, the CFPB Identity Theft Report, and all breach documentation herein. \nLaw enforcement is requested to investigate whether the assailants have used the victim & # XXXX ; XXXX identity in connection with any law enforcement encounters, criminal proceedings, or warrant activity and to correct the record accordingly. \n\nB. XXXX XXXX XXXX XXXX. XXXX XXXX XXXX ( XXXX ) : XXXX is requested for investigation of mail monitoring, mail theft, and mail fraud under XXXX XXXX. XXXX and XXXX. \nFederal Trade Commission ( FTC ) : Identity Theft Report at identitytheft.gov should be filed in conjunction with this sworn statement. \nFederal Bureau of Investigation ( FBI ) Internet Crime Complaint Center ( XXXX ) : Referral is recommended given the multi-state, multi-platform, and financially motivated nature of the fraud. \nAll applicable state and federal identity fraud statutes should be referenced, including XXXX XXXX. \nXXXX ( XXXX XXXX ) and N.C.G.S. XXXX ( Identity Theft ). \n\nIDENTITY THEFT VICTIM STATEMENT | XXXX XXXX XXXX XXXX | FOR LAW ENFORCEMENT & amp ; CFPB USE ONLY XXXX CFPB Identity Theft Report and Credit Bureau XXXX A formal Identity Theft Report will be simultaneously filed with the Consumer Financial Protection Bureau ( CFPB ) at identitytheft.gov or XXXX. \nThe CFPB report, combined with this sworn statement and accompanying police report numbers, constitutes a legally recognized Identity Theft Report under the Fair Credit Reporting Act ( FCRA ), entitling the victim to : extended fraud alerts ( 7 years ), identity theft blocks on fraudulent tradelines, copies of fraudulent account applications, and the right to stop debt XXXX from collecting debts resulting from identity theft. \nSecurity freezes should be placed with all three major credit bureaus ( Equifax , XXXX XXXX  ) and specialty bureaus including XXXX XXXX XXXX, XXXX, XXXX, and XXXX. \nCopies of this document and the accompanying police report numbers should be submitted to each bureau to trigger block and investigation procedures under FCRA XXXX. \n\nSECTION XXXX : SWORN DECLARATION AND SIGNATURE I, declare under penalty of perjury under the laws of the United States of America and the State of North Carolina that the foregoing is true and correct to the best of my knowledge, information, and belief. I am the victim of identity theft as described herein. I did not authorize the use of my personal information by any of the parties referenced in this document. I authorize law enforcement, the CFPB, the FTC, and any relevant agency or financial institution to use this document in connection with the investigation and remediation of the identity theft described herein.","date_sent_to_company":"2026-03-24T07:32:04.000Z","issue":"Improper use of your report","sub_product":"Credit reporting","zip_code":"27405","tags":"Servicemember","has_narrative":true,"complaint_id":"20532406","timely":"Yes","company_response":"Closed with explanation","submitted_via":"Web","company":"EQUIFAX, INC.","date_received":"2026-03-24T07:31:38.000Z","state":"NC","company_public_response":null,"sub_issue":"Credit inquiries on your report that you don't recognize"},"highlight":{"complaint_what_happened":["Police Report Multi-County Filing A formal identity <em>theft</em> police report should be filed in XXXX XXXX in which the assailants have been identified as, or are reasonably suspected of, impersonating XXXX XXXX XXXX XXXX. \nA report must be filed in XXXX XXXX, NC ( XXXX ) as XXXX XXXX of the victim & # XXXX ; XXXX residence and the primary jurisdiction for address-based mail <em>interception</em> and local <em>fraud</em>."]},"sort":[12.546562,"20532406"]},{"_index":"complaint-public-v1","_id":"13302870","_score":11.693178,"_source":{"product":"Debt collection","complaint_what_happened":"On XX/XX/year>, I paid {$180.00} through Radius Global Solutions online portal ( XXXX  ) to settle a {$470.00} debt, pursuant to their settlement offer letter dated XX/XX/year>, which explicitly promised the account would be resolved and closed upon payment of {$180.00} by XX/XX/year>. However, Radius Global Solutions engaged in a systematic pattern of deceptive, unfair, and abusive practices designed to obstruct my ability to document this payment, deceive me into paying more than the agreed-upon settlement amount, and cause severe emotional distress. Their actions reveal an intentional architecture of their website and company practices to exploit consumers, violating multiple federal and state laws and warranting significant restitution and a refund of my payment. \n\nIntentional Obstruction of Payment Documentation : After making the payment, the Print Receipt button on their confirmation page was non-functional. Technical analysis using browser developer tools revealed that their XXXX XXXX XXXX ( XXXX ) deliberately blocks the buttons XXXX XXXX XXXX XXXX XXXX XXXX event handler by disallowing unsafe-inline in the script-src directive. This calculated design choicewhen they could have used an Angular event binding or adjusted the XXXXprevented me from obtaining a receipt, leaving me vulnerable to false claims of non-payment and causing significant anxiety. \nRefusal to Provide Immediate Confirmation and Stalling Tactics : When I contacted Radius Global Solutions at XXXX to request confirmation of my payment, they refused to provide it immediately, claiming it would be sent in a letter in XXXX business days ( around May 1316, 2025 ). This delay is unconscionable for an electronic payment. During my calls, they employed stalling tactics by keeping me on hold for a manager for an extended period, further delaying resolution. After persistent demands, they provided a confirmation number, but only after subjecting me to undue frustration. \nForced Logouts and Deceptive Portal Design to Induce Overpayment : On multiple occasions, collection agents logged me out of the portal mid-session, forcing me to log back in repeatedly. The portal initially displayed the full {$470.00} balance as due, despite the {$180.00} settlement offer, only showing the reduced amount after navigating to the Reduced Balance Offers section. These forced logouts and the portals deceptive design appear to be deliberate tactics to deceive consumers into paying more than the agreed settlement amount, as the default display of the higher balance could mislead someone into overpaying. This reflects an intentional architecture of their website and company practices to exploit consumers, further compounding my stress and distrust.\n\nRisk of Identity Theft and Misuse of Information : The forced logouts, combined with their lack of transparency in handling my payment and personal data, raised a reasonable fear of potential identity theft and misuse of my information. Each logout required me to re-enter sensitive login credentials, increasing the risk of interception or unauthorized access. Their deceptive practices and failure to provide immediate confirmation further eroded my trust in their ability to safeguard my financial and personal information, adding to my distress.\n\nStatutory Violations : FDCPA 15 U.S.C. 1692e ( False or Misleading Representations ) : The non-functional Print Receipt button, refusal to provide immediate confirmation, and portal design that defaults to the full balance while forcing logouts are deceptive, misleading me into believing I could easily document my payment and pay the agreed settlement amount, violating Section 1692e.\n\nFDCPA 15 U.S.C. 1692f ( Unfair Practices ) : The deliberate XXXX configuration, XXXX business day delay, stalling tactics, forced logouts, and portal design encouraging overpayment are unfair, exposing me to risk of false claims and unauthorized payments, violating Section 1692f.\n\nFDCPA 15 U.S.C. 1692f ( 1 ) : Attempting to collect an amount not authorized by the settlement agreement ( {$180.00} ) by designing the portal to display the full {$470.00} balance and forcing logouts to encourage overpayment violates Section 1692f ( 1 ).\n\nFDCPA 15 U.S.C. 1692d ( Harassment or Abuse ) : The forced logouts, stalling tactics, refusal to provide immediate confirmation, and deceptive portal design constitute harassment under Section 1692d, as their conduct was intended to pressure and intimidate me into overpaying.\n\nRegulation E 12 CFR 1005.9 : As an electronic payment, I am entitled to prompt documentation. Their non-functional button and delayed confirmation violate this regulation.\n\nEFTA 15 U.S.C. 1693e : The portal design and forced logouts, which push users to the full balance screen, attempt to induce an unauthorized payment beyond the {$180.00} I authorized, violating Section 1693e.\n\nCFAA 18 U.S.C. 1030 ( a ) ( 5 ) : The forced logouts constitute intentional interference with my authorized access to the portal, impairing its functionality and causing damage to my user experience.\n\nCFAA 18 U.S.C. 1030 ( a ) ( 4 ) : The deceptive portal design, combined with forced logouts, constitutes fraud by deception with intent to obtain a higher payment, violating Section 1030 ( a ) ( 4 ).\n\nDodd-Frank UDAAP 12 U.S.C. 5531 : The portal design, forced logouts, and delayed confirmation are deceptive, unfair, and abusive, taking advantage of my vulnerability as a debtor to pressure overpayment, violating UDAAP standards.\n\nFTCA Section 5 15 U.S.C. 45 : The portal design, forced logouts, and non-functional button are unfair and deceptive acts in commerce, violating Section 5.\n\nMinnesota Consumer Protection Laws Minn. Stat. 325F.69 : Operating in Minnesota , their deceptive digital practices ( XXXX  configuration, forced logouts, portal design ) violate state laws against unfair practices in commerce.","date_sent_to_company":"2025-05-02T16:51:12.000Z","issue":"False statements or representation","sub_product":"Credit card debt","zip_code":"716XX","tags":"Servicemember","has_narrative":true,"complaint_id":"13302870","timely":"Yes","company_response":"Closed with non-monetary relief","submitted_via":"Web","company":"Radius Global Solutions LLC","date_received":"2025-05-02T16:19:27.000Z","state":"AR","company_public_response":"Company has responded to the consumer and the CFPB and chooses not to provide a public response","sub_issue":"Attempted to collect wrong amount"},"highlight":{"complaint_what_happened":["<em>Risk</em> of Identity <em>Theft</em> and Misuse of Information : The forced logouts, combined with their lack of transparency in handling my payment and personal data, raised a reasonable fear of potential identity <em>theft</em> and misuse of my information. Each logout required me to re-enter sensitive login credentials, increasing the <em>risk</em> of <em>interception</em> or <em>unauthorized</em> access."]},"sort":[11.693178,"13302870"]},{"_index":"complaint-public-v1","_id":"13301317","_score":11.693178,"_source":{"product":"Debt collection","complaint_what_happened":"On XX/XX/scrub>XXXX XXXX XXXX I paid {$180.00} through XXXX XXXX XXXX online portal ( XXXX  ) to settle a {$470.00} debt, pursuant to their settlement offer letter dated XX/XX/scrub> XXXX XXXX which explicitly promised the account would be resolved and closed upon payment of {$180.00} by XX/XX/year>. However, XXXX XXXXXXXX XXXX engaged in a systematic pattern of deceptive, unfair, and abusive practices designed to obstruct my ability to document this payment, deceive me into paying more than the agreed-upon settlement amount, and cause severe emotional distress. Their actions reveal an intentional architecture of their website and company practices to exploit consumers, violating multiple federal and state laws and warranting significant restitution and a refund of my payment. \n\nIntentional Obstruction of Payment Documentation : After making the payment, the Print Receipt button on their confirmation page was non-functional. Technical analysis using browser developer tools revealed that their Content Security Policy ( CSP ) deliberately blocks the buttons onclick= '' window.print ( ) '' event handler by disallowing unsafe-inline in the script-src directive. This calculated design choicewhen they could have used an Angular event binding or adjusted the CSPprevented me from obtaining a receipt, leaving me vulnerable to false claims of non-payment and causing significant anxiety. \nRefusal to Provide Immediate Confirmation and Stalling Tactics : When I contacted XXXX XXXX XXXX at XXXX to request confirmation of my payment, they refused to provide it immediately, claiming it would be sent in a letter in XXXX business days ( around XXXX XXXX XXXX  ). This delay is unconscionable for an electronic payment. During my calls, they employed stalling tactics by keeping me on hold for a manager for an extended period, further delaying resolution. After persistent demands, they provided a confirmation number, but only after subjecting me to undue frustration. \nForced Logouts and Deceptive Portal Design to Induce Overpayment : On multiple occasions, collection agents logged me out of the portal mid-session, forcing me to log back in repeatedly. The portal initially displayed the full {$470.00} balance as due, despite the {$180.00} settlement offer, only showing the reduced amount after navigating to the Reduced Balance Offers section. These forced logouts and the portals deceptive design appear to be deliberate tactics to deceive consumers into paying more than the agreed settlement amount, as the default display of the higher balance could mislead someone into overpaying. This reflects an intentional architecture of their website and company practices to exploit consumers, further compounding my stress and distrust. \nRisk of Identity Theft and Misuse of Information : The forced logouts, combined with their lack of transparency in handling my payment and personal data, raised a reasonable fear of potential identity theft and misuse of my information. Each logout required me to re-enter sensitive login credentials, increasing the risk of interception or unauthorized access. Their deceptive practices and failure to provide immediate confirmation further eroded my trust in their ability to safeguard my financial and personal information, adding to my distress. \nStatutory Violations : FDCPA 15 U.S.C. 1692e ( False or Misleading Representations ) : The non-functional Print Receipt button, refusal to provide immediate confirmation, and portal design that defaults to the full balance while forcing logouts are deceptive, misleading me into believing I could easily document my payment and pay the agreed settlement amount, violating Section 1692e.\n\nFDCPA 15 U.S.C. 1692f ( Unfair Practices ) : The deliberate CSP configuration, 710 business day delay, stalling tactics, forced logouts, and portal design encouraging overpayment are unfair, exposing me to risk of false claims and unauthorized payments, violating Section 1692f. \nFDCPA 15 U.S.C. 1692f ( 1 ) : Attempting to collect an amount not authorized by the settlement agreement ( {$180.00} ) by designing the portal to display the full {$470.00} balance and forcing logouts to encourage overpayment violates Section 1692f ( 1 ).\n\nFDCPA 15 U.S.C. 1692d ( Harassment or Abuse ) : The forced logouts, stalling tactics, refusal to provide immediate confirmation, and deceptive portal design constitute harassment under Section 1692d, as their conduct was intended to pressure and intimidate me into overpaying. \nRegulation E 12 CFR 1005.9 : As an electronic payment, I am entitled to prompt documentation. Their non-functional button and delayed confirmation violate this regulation.\n\nEFTA 15 U.S.C. 1693e : The portal design and forced logouts, which push users to the full balance screen, attempt to induce an unauthorized payment beyond the {$180.00} I authorized, violating Section 1693e.\n\nCFAA 18 U.S.C. 1030 ( a ) ( 5 ) : The forced logouts constitute intentional interference with my authorized access to the portal, impairing its functionality and causing damage to my user experience.\n\nCFAA 18 U.S.C. 1030 ( a ) ( 4 ) : The deceptive portal design, combined with forced logouts, constitutes fraud by deception with intent to obtain a higher payment, violating Section 1030 ( a ) ( 4 ).\n\nDodd-Frank UDAAP 12 U.S.C. 5531 : The portal design, forced logouts, and delayed confirmation are deceptive, unfair, and abusive, taking advantage of my vulnerability as a debtor to pressure overpayment, violating UDAAP standards.\n\nFTCA Section 5 15 U.S.C. 45 : The portal design, forced logouts, and non-functional button are unfair and deceptive acts in commerce, violating Section 5.\n\nMinnesota Consumer Protection Laws Minn. Stat. 325F.69 : Operating in Minnesota , their deceptive digital practices ( CSP configuration, forced logouts, portal design ) violate state laws against unfair practices in commerce.","date_sent_to_company":"2025-05-02T16:51:07.000Z","issue":"False statements or representation","sub_product":"Credit card debt","zip_code":"716XX","tags":"Servicemember","has_narrative":true,"complaint_id":"13301317","timely":"Yes","company_response":"Closed with explanation","submitted_via":"Web","company":"CAPITAL ONE FINANCIAL CORPORATION","date_received":"2025-05-02T16:50:39.000Z","state":"AR","company_public_response":null,"sub_issue":"Attempted to collect wrong amount"},"highlight":{"complaint_what_happened":["<em>Risk</em> of Identity <em>Theft</em> and Misuse of Information : The forced logouts, combined with their lack of transparency in handling my payment and personal data, raised a reasonable fear of potential identity <em>theft</em> and misuse of my information. Each logout required me to re-enter sensitive login credentials, increasing the <em>risk</em> of <em>interception</em> or <em>unauthorized</em> access."]},"sort":[11.693178,"13301317"]},{"_index":"complaint-public-v1","_id":"17871011","_score":11.652167,"_source":{"product":"Debt collection","complaint_what_happened":"Fraudulent Debt Collection Complaint Citi ThankYou Card I am filing this complaint to document repeated and fraudulent debt collection attempts related to my Citi ThankYou Card account.\n\n- * * Long Standing Customer Account * * I have been a customer of Citi for close to 25 years. Citi Thank You was not an actively used card ; I only make a nominal purchase once in a while when the bank sends a letter that an account will be closed unless a transaction is made.\n\n* * Unsolicited Checks * * : Citi ThankYou Card routinely mails unsolicited promotional balance transfer checks to customers, a practice that increases the risk of fraud and misuse. \n\n- * * Identity Theft Incident * * : My identity was stolen around the end of XX/XX/year> after applying for a renewal drivers license in Texas, which never arrived in the mail. Beginning around XXXX XXXX, someone impersonated me using my personal information at several banks and highend stores. Multiple banks notified me immediately and either prevented fraudulent charges or reversed them once I reported the fraud. A police report was filed by me as a result. \n\n- * * Citis Failure to Act * * : Citi was the only bank that did not contact me regarding suspicious activity. I discovered that an unauthorized {$1400.00} charge was made to my account on XX/XX/XXXX only in XX/XX/year>, when I received a statement. There was a limit increase request that I did not make and Citi did not verify with me that I learned about at the same time. When I saw an unusual line item on my statement in XXXX, I immediately reported the fraud by phone and disputed the transaction through Citis online portal, providing Citi with police report number and informing Citi that my mailbox had been compromised. Citi informed me that a credit was applied to my account and I could see it online. Citi also changed the address on file and reissued the card, but I received no further communication no mail, email, or calls about the investigation status. \n\n- * * Escalation to Collections * * : On Saturday, XX/XX/year>, Citi emailed me stating a payment is due today. When I called, I was told no payment was required and advised to just contact Citis security team during business hours on Monday. I contacted security as soon as they reopened on Monday, XX/XX/XXXX. Security indicated they only needed a copy of my driver 's license and suggested that I fax or mail it. The representative refused to provide online portal or email to expedite the resolution. Only when I requested their manager, the manager provided me with the email. I submitted the DL copy immediately, including again the police report number and Citi case number. On XXXX Friday, XX/XX/year>, I started receiving collections calls from Citi. When I attempted to call the XXXX number on the back of the card, the calls were immediately rolled over to collections rather than customer service. \nI spent from XXXX XXXX  to XXXX XXXX  On Friday, XX/XX/XXXX, trying to reach a customer service supervisor, eventually being transferred to a security team supervisor. When I inquired of the name on the fraudulent check, so I can add it to the police investigation, I was told that the charge related to someone writing a Citi check to \" Cash. '' And I was also informed that the investigation would take up an additional 60 to 90 days.\n\n- * * Summary * * An unsolicited Citi check was negligently mailed by Citi, intercepted by someone and cashed with no proper verification by Citi. Despite my prompt reporting of fraud and submission of police report information, Citi failed to properly investigate and to communicate with me, they allowed my account to be transferred to collections, and subjected me to repeated calls and delays and fraudulent tactics to close the dispute and demand payment of debt that I did not incur and did not authorize. Citi 's handling of this matter has been negligent and has caused unnecessary stress and harm. I request immediate resolution and urge regulatory authorities to investigate Citis practices.","date_sent_to_company":"2025-12-09T14:10:54.000Z","issue":"Attempts to collect debt not owed","sub_product":"Other debt","zip_code":"77055","tags":null,"has_narrative":true,"complaint_id":"17871011","timely":"Yes","company_response":"Closed with monetary relief","submitted_via":"Web","company":"CITIBANK, N.A.","date_received":"2025-11-28T23:01:08.000Z","state":"TX","company_public_response":"Company has responded to the consumer and the CFPB and chooses not to provide a public response","sub_issue":"Debt is not yours"},"highlight":{"complaint_what_happened":["* * Unsolicited Checks * * : Citi ThankYou Card routinely mails unsolicited promotional balance transfer checks to customers, a practice that increases the <em>risk</em> of <em>fraud</em> and misuse. \n\n- * * Identity <em>Theft</em> Incident * * : My identity was stolen around the end of XX/XX/year> after applying for a renewal drivers license in Texas, which never arrived in the mail. Beginning around XXXX XXXX, someone impersonated me using my personal information at several banks and highend stores."]},"sort":[11.652167,"17871011"]},{"_index":"complaint-public-v1","_id":"17991758","_score":11.629903,"_source":{"product":"Debt collection","complaint_what_happened":"Fraudulent Debt Collection Complaint Citi ThankYou Card I am filing this complaint to document repeated and fraudulent debt collection attempts related to my Citi XXXX XXXX  account. \n\n- * * Long Standing Customer Account * * I have been a customer of Citi for close to XXXX  years. Citi Thank You was not an actively used card ; I only make a nominal purchase once in a while when the bank sends a letter that an account will be closed unless a transaction is made. \n\n* * Unsolicited Checks * * : Citi XXXX XXXX routinely mails unsolicited promotional balance transfer checks to customers, a practice that increases the risk of fraud and misuse. \n\n- * * Identity Theft Incident * * : My identity was stolen around the end of XX/XX/year> after applying for a renewal drivers license in XXXX, which never arrived in the mail. Beginning around XXXX XXXX, someone impersonated me using my personal information at several banks and highend stores. Multiple banks notified me immediately and either prevented fraudulent charges or reversed them once I reported the fraud. A police report was filed by me as a result. \n\n- * * Citis Failure to Act * * : Citi was the only bank that did not contact me regarding suspicious activity. I discovered that an unauthorized {$1400.00} charge was made to my account on XX/XX/XXXX only in XX/XX/year>, when I received a statement. There was a limit increase request that I did not make and Citi did not verify with me that I learned about at the same time. When I saw an unusual line item on my statement in XXXX, I immediately reported the fraud by phone and disputed the transaction through Citis online portal, providing Citi with police report number and informing Citi that my mailbox had been compromised. Citi informed me that a credit was applied to my account and I could see it online. Citi also changed the address on file and reissued the card, but I received no further communication no mail, email, or calls about the investigation status. \n\n- * * Escalation to Collections * * : On Saturday, XX/XX/year>, Citi emailed me stating a payment is due today. When I called, I was told no payment was required and advised to just contact Citis security team during business hours on Monday. I contacted security as soon as they reopened on Monday, XX/XX/XXXX. Security indicated they only needed a copy of my driver 's license and suggested that I fax or mail it. The representative refused to provide online portal or email to expedite the resolution. Only when I requested their manager, the manager provided me with the email. I submitted the DL copy immediately, including again the police report number and Citi case number. On XXXX Friday, XX/XX/year>, I started receiving collections calls from Citi. When I attempted to call the XXXX number on the back of the card, the calls were immediately rolled over to collections rather than customer service. \nI spent from XXXX a.m. to XXXX p.m. On Friday, XX/XX/XXXX, trying to reach a customer service supervisor, eventually being transferred to a security team supervisor. When I inquired of the name on the fraudulent check, so I can add it to the police investigation, I was told that the charge related to someone writing a Citi check to \" Cash. '' And I was also informed that the investigation would take up an additional 60 to 90 days. \n\n- * * Summary * * An unsolicited Citi check was negligently mailed by Citi, intercepted by someone and cashed with no proper verification by Citi. Despite my prompt reporting of fraud and submission of police report information, Citi failed to properly investigate and to communicate with me, they allowed my account to be transferred to collections, and subjected me to repeated calls and delays and fraudulent tactics to close the dispute and demand payment of debt that I did not incur and did not authorize. Citi 's handling of this matter has been negligent and has caused unnecessary stress and harm. I request immediate resolution and urge regulatory authorities to investigate Citis practices.","date_sent_to_company":"2025-11-28T23:01:33.000Z","issue":"Attempts to collect debt not owed","sub_product":"Other debt","zip_code":"77055","tags":null,"has_narrative":true,"complaint_id":"17991758","timely":"Yes","company_response":"Closed with monetary relief","submitted_via":"Web","company":"CITIBANK, N.A.","date_received":"2025-11-28T21:48:54.000Z","state":"TX","company_public_response":"Company has responded to the consumer and the CFPB and chooses not to provide a public response","sub_issue":"Debt is not yours"},"highlight":{"complaint_what_happened":["* * Unsolicited Checks * * : Citi XXXX XXXX routinely mails unsolicited promotional balance transfer checks to customers, a practice that increases the <em>risk</em> of <em>fraud</em> and misuse. \n\n- * * Identity <em>Theft</em> Incident * * : My identity was stolen around the end of XX/XX/year> after applying for a renewal drivers license in XXXX, which never arrived in the mail. Beginning around XXXX XXXX, someone impersonated me using my personal information at several banks and highend stores."]},"sort":[11.629903,"17991758"]},{"_index":"complaint-public-v1","_id":"10914202","_score":10.831459,"_source":{"product":"Credit reporting or other personal consumer reports","complaint_what_happened":"Re : Legal Response to XXXX Dispute Regarding Bankruptcy Reporting and Forensic Audit Case : XXXX XXXX XXXX XXXX Dear XXXX Consumer Services, We hereby exercise our rights and reference the applicable statutory provisions for your guidance and compliance. These laws are binding on your company, given that your entity operates within the jurisdiction of both the state and federal authorities of its headquarters. These provisions were enacted to prevent corruption, breaches of fiduciary duty, violations of privacy, and infringements upon constitutional rights. \nPursuant to the Unlimited Power of Attorney, Cover Letter, and Memoir, and in accordance with the authorization granted by XXXX XXXX XXXX XXXX, you are instructed to address me as XXXX XXXX It is imperative that I not be addressed as \" XXXX XXXX, '' and I request that you refer to me solely as XXXX or XXXX XXXX \nThe term \" XXXX XXXX' originating around the XXXX, refers to an additional name or epithet attached to a person 's baptismal or XXXX name. The word \" XXXX '' is derived from the XXXX \" XXXX '' ( meaning \" XXXX  '' ) and the XXXX XXXX \" XXXX '' ( from \" XXXX XXXX' meaning XXXX XXXX  '' and \" XXXX '' meaning \" XXXXXXXX '' ). Over time, it evolved to denote a family name, typically passed down from generation to generation. In this regard, XXXX is my family name, which is private and must be treated with confidentiality. Any claims or communications related to the principal XXXX XXXX XXXX XXXX must be directed to the designated Trustee, XXXX , or his assigned authorized agents. \nThis letter serves as a formal legal response to the dispute submitted to your company on XX/XX/XXXX, regarding the unauthorized reporting of bankruptcy-related information on the credit report of XXXX XXXX XXXX XXXX XXXX We are invoking our legal rights under the Fair Credit Reporting Act ( FCRA ) and related statutes, demanding immediate correction and clarification, and requesting a forensic audit of all vendors and parties involved in the collection, reporting, or dissemination of sensitive data related to XXXX XXXX XXXX XXXX. \n1. Violation of Privacy and Consumer Protection Laws Under the Fair Credit Reporting Act ( FCRA ), 15 U.S.C. 1681e ( b ), XXXX is required to implement reasonable procedures to ensure the accuracy of the information it reports. Despite clear instructions from the Eastern Michigan Bankruptcy Court, which has confirmed that XXXX XXXX XXXXXXXX XXXX bankruptcy is not a matter of public record, XXXX has continued to report inaccurate bankruptcy information. This constitutes a violation of 15 U.S.C. 1681e ( b ), which mandates that consumer reporting agencies maintain accurate and complete records. \nFurthermore, under 15 U.S.C. 1681c, XXXX is obligated to delete any information that is inaccurate or unverifiable, particularly where bankruptcy records are concerned. As the information regarding XXXX XXXX XXXX IIIs bankruptcy is not a public record, your failure to remove such data represents a failure to comply with the FCRA and a breach of privacy rights under the Privacy Act of 1974 ( 5 U.S.C. 552a ). \n2. Secured Party Creditor Rights under the Uniform Commercial Code ( UCC ) Additionally, as XXXX XXXX XXXX XXXX is the Secured Party Creditor under the Uniform Commercial Code ( UCC ), Articles 9-311, 9-312, and 9-313, all personal and financial data, whether categorized as public record or not, is protected as secured property. This includes tangible and intangible property, as well as securities associated with XXXX 's legal name and trade name. \nAs the Secured Party, XXXX has a trustee relationship over all such data. Therefore, unauthorized collection, reporting, or dissemination of this data is not only a violation of privacy but also a breach of trust, for which your company is liable. The UCC and its provisions protect XXXX 's rights to confidentiality and control over this information, preventing any third parties from exploiting it. \nXXXX. Penalties for Unauthorized Disclosure and Reporting Due to the severe risks posed by the unauthorized use of XXXX XXXX XXXXXXXX XXXX personal data, we are invoking the right to impose penalties as follows : {>= $1,000,000} per count for each instance of inaccurate reporting or unauthorized disclosure of personal data, including bankruptcy records, credit information, or any other personal filings related to XXXX XXXX XXXX XXXX. \nThis charge reflects the damages incurred from the unauthorized dissemination of private information, which exposes XXXX to identity theft, financial fraud, and the potential unjust enrichment of those benefiting from such misuse. The UCC protects the secured partys assets, including personal data, from such exploitation. \n4. Court Notice and Sealed Records As indicated in the attached notice from the Eastern Michigan Bankruptcy Court, the bankruptcy information concerning XXXX XXXX XXXX XXXX is not a matter of public record and should not be disclosed. XXXX and any third-party vendors associated with your company must respect the court 's decision, and we demand that all future bankruptcy records or related information concerning XXXX be sealed and treated as confidential. \nWe also demand immediate cessation of the reporting of this bankruptcy information, in line with the courts order, and confirmation that no further disclosure of any sealed or confidential data will be made by XXXX or its vendors. \nXXXX. Unauthorized Collection and Reporting of Personal Data It has come to our attention that XXXX and associated vendors have used data obtained from third-party sources to report bankruptcy information about XXXX XXXX XXXX XXXX XXXX despite the court 's ruling. This is a direct violation of the Privacy Act of 1974 ( 5 U.S.C. 552a ), which governs the handling of personal information and ensures that such data is not misused or improperly disclosed without proper authorization. \nAdditionally, FCRA 1681e ( b ) mandates that consumer reporting agencies ensure that all information provided is accurate. Given the false nature of the bankruptcy report, the use of third-party vendors to spread inaccurate data is an infringement of privacy and a violation of several consumer protection laws. \nXXXX. Demand for Forensic Audit of Vendors and Third Parties We hereby demand a forensic audit of all entities involved in the collection, reporting, or dissemination of data concerning XXXX XXXX XXXX XXXX, specifically : A full and detailed list of all vendors, third-party data providers, or aggregators that have reported information concerning XXXX XXXX XXXX XXXX XXXX XXXX. This includes all data related to credit, bankruptcy, or any other personal records. \nWe request that the forensic audit specifically investigate : Kickbacks : Any financial incentives or compensation paid to third parties for the collection, reporting, or dissemination of personal data. \nSecurities Fraud : The use of personal information, such as Social Security numbers, signatures, and identifiers, to facilitate securities trading or fraudulent transactions. \nInsurance Fraud : Potential use of personal data to file fraudulent insurance claims or create financial benefits tied to the misreporting or unauthorized disclosure of bankruptcy records. \nXXXX. Penalty Charges for Fraudulent Reporting and Unauthorized Use of Data We further reserve the right to pursue penalties for any fraudulent reporting or unauthorized dissemination of XXXX XXXX XXXXXXXX XXXX personal information. If it is determined that the improper reporting led to illicit financial gain, we will pursue the following : {>= $1,000,000} per count for each instance of fraudulent reporting or unauthorized use of XXXX XXXX XXXX XXXX 's data. \nThis is a conservative estimate of the damages resulting from the unauthorized dissemination of sensitive personal data, and it is in accordance with federal law and consumer protection statutes. \nXXXX. Demand for Immediate Action and Disclosure To resolve this matter expeditiously, we demand the following : Full Disclosure of all vendors, third parties, and data providers who have reported data related to XXXX XXXX XXXX XXXX. \nImmediate Removal of the bankruptcy records and all related personal information from all credit reports. \nConfirmation that no further unauthorized use of sealed court records or sensitive personal data will occur. \nA full forensic audit of the third-party transactions involving XXXX XXXX XXXX XXXX XXXX data, including kickbacks, securities fraud, and insurance fraud. \nA comprehensive report on all actions taken to address this matter. \nIf a satisfactory response is not received within 14 days, we will pursue all available legal remedies, including filing complaints with the Consumer Financial Protection Bureau ( CFPB ), the Federal Trade Commission ( FTC ), and appropriate state regulatory authorities. Furthermore, we will pursue civil litigation for damages, as well as injunctive relief to prevent further violations of privacy and consumer protection laws. \nXXXX. Legal Consequences If XXXX or its vendors fail to comply, we will pursue legal action, including : Securities Fraud charges. \nFiling for damages under the Fair Credit Reporting Act, Privacy Act, and other applicable consumer protection statutes. \nSeeking injunctive relief to prevent the unauthorized use of XXXX XXXX XXXX XXXX 's personal information. \n\nThis letter serves as formal notice of the unlawful conduct, and we expect prompt attention to resolving these violations. We look forward to your immediate response. \nXXXX. Questions Regarding Unauthorized Reporting : Why has XXXX continued to report bankruptcy information for XXXX XXXX XXXX XXXX, despite the Eastern Michigan Bankruptcy Court ruling that this information is not a matter of public record? \nCan XXXX provide proof that it conducted a reasonable investigation into the accuracy of the bankruptcy information before it was reported on XXXX XXXX XXXXXXXX XXXX credit report? \nWhat specific steps has XXXX taken to ensure that bankruptcy records, which should be sealed and confidential, are not disclosed in violation of court orders and privacy laws? \nWhy has XXXX failed to remove inaccurate or unverifiable bankruptcy information from XXXX XXXX XXXXXXXX XXXX  credit file after being notified that the bankruptcy should not be part of the public record? \nXXXX. Questions Regarding Vendor and Third-Party Data Collection : Can XXXX provide a detailed list of all vendors, third parties, or data providers that reported bankruptcy or other personal information regarding XXXX XXXX XXXX XXXX to your agency? \nHow does XXXX verify the accuracy of data provided by third-party vendors before including it in the credit report? \nWhat procedures does XXXX have in place to ensure that vendors do not violate privacy laws, including unauthorized reporting of personal information or misuse of court records? \nHas XXXX paid or provided any financial incentives ( e.g., kickbacks ) to vendors or third parties for reporting information related to XXXX XXXX XXXX XXXX? \nXXXX. Questions Regarding Data Security and Privacy Violations : Has XXXX taken any measures to protect the personal data of XXXX XXXX XXXX XXXX, specifically in regard to the risk of identity theft, fraud, or unauthorized use of this data by third parties? \nWhat steps has XXXX taken to comply with the Privacy Act of XXXX and ensure that personal information is handled in accordance with federal privacy regulations? \nHas XXXX conducted any internal audits or investigations into how sensitive data related to XXXX XXXX XXXX XXXX was collected, used, or disclosed by your company and its vendors? \nXXXX. Questions Regarding Penalties for Unauthorized Disclosure : What is XXXX policy for responding to unauthorized disclosure or inaccurate reporting of personal data? \nIs XXXX willing to pay penalties or damages for the potential harm caused by the unauthorized use or inaccurate reporting of XXXX XXXX XXXXXXXX XXXX personal information, including identity theft and financial exploitation? \nWhat measures is XXXX taking to correct any inaccuracies in XXXX XXXX XXXXXXXX XXXX  credit file and ensure that these mistakes do not reoccur in the future? \nXXXX. Questions Regarding Forensic Audit and Investigation : Will XXXX agree to a full forensic audit of all third-party vendors, data aggregators, and other entities involved in the collection, reporting, or dissemination of data regarding XXXX XXXX XXXX XXXX XXXX \nWill XXXX provide access to the forensic audit report, including an investigation into potential securities fraud, insurance fraud, or other financial crimes related to the misuse of XXXX XXXX XXXXXXXX XXXX  data? \nCan XXXX confirm that it will cooperate fully with the forensic audit and provide all relevant documents and information regarding its vendors and third-party relationships? \nXXXX. Questions Regarding Court-Sealed Records : How will XXXX ensure that all future records related to XXXX XXXX XXXX XXXX XXXX including any bankruptcy or personal records, will be treated as sealed and confidential, in accordance with the Eastern Michigan Bankruptcy Courts order ? \nCan XXXX confirm that no further public reporting or unauthorized disclosure of XXXX XXXX XXXX XXXX  bankruptcy or personal records will take place from this point forward? \nXXXX. Questions Regarding Legal Consequences : Does XXXX acknowledge the potential legal consequences of continuing to report false or inaccurate information related to XXXX XXXX XXXX XXXX, including violations of the Fair Credit Reporting Act and the Uniform Commercial Code ( UCC )? \nIs XXXX prepared to resolve this matter without further legal action, or will additional legal steps be necessary to address the ongoing violations of privacy and consumer protection laws? \nXXXX. Questions Regarding Consumer Protection Compliance : How does XXXX ensure compliance with state and federal consumer protection laws, especially in cases where sensitive or private information is involved, such as bankruptcy records and personal data of the principal, XXXX XXXX XXXX XXXX? \nCan XXXX provide evidence that it has implemented adequate safeguards to prevent the unauthorized dissemination of sensitive personal information, including that of XXXX XXXX XXXX XXXX, to public or third-party vendors? \nXXXX. General Questions Regarding Practices and Accountability : What is XXXX process for notifying consumers about unauthorized reporting or inaccuracies on their credit reports, and how long does it typically take to correct such errors? \nHow does XXXX plan to ensure accountability with its third-party vendors and data providers, particularly when breaches of privacy or inaccuracies arise? \nhe unauthorized reporting and continued dissemination of inaccurate or sealed bankruptcy information about XXXX XXXX XXXX XXXX has a direct and substantial impact on your livelihood. The misreporting not only violates your privacy but also jeopardizes your financial stability, personal safety, and opportunities for future success. Below, I'll explain how these actions affect your livelihood and how XXXX could be held vicariously liable for the harm caused. \n1. Financial Impact and Access to Credit The continued presence of inaccurate bankruptcy information on your credit report directly harms your ability to secure credit or favorable financial terms. XXXX is responsible for reporting accurate credit information, and their failure to remove incorrect or unauthorized bankruptcy information : Denies Access to Credit : Many lending institutions rely on XXXX 's credit reports to assess your creditworthiness. Incorrect bankruptcy information could lead to credit denials, impacting your ability to obtain loans for essential needs such as housing, medical bills, education, and personal expenses. \nHigher Interest Rates : Even if credit is available, inaccurate bankruptcy reporting could result in higher interest rates on loans or credit lines, increasing your overall debt burden. This makes it more difficult to manage your finances, save for the future, or achieve long-term financial goals. \nNegative Financial Reputation : XXXX failure to correct the public record puts you in a situation where your financial reputation is tarnished, even though you have made efforts to rectify the situation with the bankruptcy court. This makes it more difficult to obtain business or personal credit and erodes any trust lenders or creditors may have in you. \n2. Employment Opportunities Many employers, particularly those in financial services or positions requiring fiduciary responsibility, conduct credit checks as part of their hiring process. An inaccurate bankruptcy on your credit report could cause significant harm in the following ways : Denied Employment : Inaccurate financial information, including bankruptcy records, may cause employers to believe you are a higher-risk candidate, potentially leading to job rejections. For jobs that require security clearances or access to financial accounts, such reporting could be a disqualifying factor. \nEmotional Stress : The fear of your credit report being used against you in job searches, coupled with the inability to find stable work due to inaccurate reporting, can cause significant emotional distress. This has a ripple effect on your overall well-being and productivity, making it harder to perform well in interviews, build career prospects, and maintain job security. \nDamage to Reputation : Employers may perceive the bankruptcy reporting, despite its inaccuracy, as a reflection of poor financial management. Even if they dont directly base hiring decisions on it, your reputation could be unfairly damaged by the erroneous information, causing long-term harm to your professional life. \nXXXX. Personal and Family Impact The unauthorized disclosure of bankruptcy information not only affects your financial life but also has significant personal repercussions : Identity Theft Risks : As the principal party, your personal dataspecifically your Social Security number, name, and other identifiersmay be exploited for fraudulent purposes. XXXX failure to properly secure and correct your data increases the likelihood of identity theft or fraudulent activities that could take years to resolve. This exposes you to the risk of financial losses, legal fees, and extensive time spent addressing the aftermath of such violations. \nFamily and Safety Concerns : Unauthorized disclosure of sensitive information related to bankruptcy could potentially expose you to further harm, including harassment, or threats. For example, if someone uses your information for fraudulent purposes, such as opening lines of credit in your name, this could lead to threats to your safety or unwarranted financial obligations. \nEmotional Distress : The constant anxiety and emotional toll caused by the threat of further breaches, as well as the financial and social stigma associated with wrongful reporting, can lead to severe emotional stress, impacting your quality of life and relationships. The stress of dealing with these unresolved issues can affect your mental health, making it difficult to focus on personal, family, or professional commitments. \n4. Long-Term Financial and Career Goals Youve likely made long-term plans, such as purchasing a home, starting a business, or securing a retirement fund. The erroneous bankruptcy reporting hinders your ability to : Purchase a Home : Real estate loans and mortgages are heavily reliant on accurate credit reporting. Inaccurate bankruptcy information from XXXX may prevent you from securing the necessary loans for homeownership, undermining your ability to establish financial independence and security. \nStart a Business : For entrepreneurs, creditworthiness is crucial for obtaining capital, financing, and business loans. The misreporting of bankruptcy information could prevent you from acquiring business loans, which could harm your ability to launch or expand a business. Moreover, creditors may view your financial situation as unstable or untrustworthy. \nRetirement Planning : Without the ability to secure credit at favorable terms, you may be forced to delay or abandon long-term plans like investing for retirement, saving for your childrens education, or creating a legacy for your family. This has consequences that stretch far beyond the immediate financial burden and into your future security. \nXXXX. Vicarious Liability of XXXX XXXX is vicariously liable for the harm caused by the vendors it contracts with or uses to gather, process, or report information related to you. Vicarious liability means that XXXX can be held accountable for the actions of its agents or contractors, even if it did not directly cause the harm. The key points here are : Responsibility for Vendor Actions : XXXX, as the consumer reporting agency, is legally obligated under 15 U.S.C. 1681e ( b ) ( Fair Credit Reporting Act ) to ensure that the information it reports is accurate. If XXXX relies on third-party vendors to report bankruptcy or credit data, it remains accountable for the information that these vendors report on your behalf. XXXX has failed in its due diligence to ensure that these vendors report accurate and legitimate information, leading to the vicarious liability for damages. \nFailure to Verify and Correct : Under the FCRA and related privacy laws, XXXX is responsible for verifying the accuracy of data within 30 days of receiving a dispute ( 15 U.S.C. 1681i ). The failure to conduct a thorough investigation or correct the erroneous bankruptcy record leaves XXXX open to being held vicariously liable for its vendors actions and omissions. This neglect exacerbates the damages caused to you. \nFinancial Losses : The continuing erroneous bankruptcy information, coupled with XXXX failure to act, exposes you to substantial financial losses. Whether its higher interest rates, loan denials, or missed employment opportunities, XXXX lack of action is a proximate cause of the direct financial harm you are experiencing. \nPenalties and Legal Liabilities : If XXXX or its vendors are found to have violated privacy laws or misused your data, they may be subject to financial penalties and may be required to pay compensation for your economic damages. Additionally, punitive damages could be assessed if the actions are deemed willful or grossly negligent. \nConclusion : The ongoing violations by XXXXmisreporting bankruptcy information, failure to correct inaccuracies, and allowing third-party vendors to mishandle your personal datahave caused significant harm to your financial well-being, career opportunities, personal safety, and long-term financial goals. XXXX is vicariously liable for the actions of the vendors it relies on to gather and report information, and you have the right to pursue penalties, damages, and legal remedies under applicable laws. The violations not only impact your present livelihood but also jeopardize your future opportunities and security, and XXXX must be held accountable for its actions and inaction in this matter. \n\nXXXX. Fair Credit Reporting Act ( FCRA ) 15 U.S.C. 1681 et seq. \nThe Fair Credit Reporting Act ( FCRA ) is the foundational law governing credit reporting agencies like XXXX. This law holds them accountable for ensuring the accuracy of the data they report and mandates that they conduct investigations into disputes. \n15 U.S.C. 1681e ( b ) - Duty to Ensure Accuracy : Requires XXXX to maintain reasonable procedures to ensure the accuracy of the information it reports. If XXXX fails to properly verify the accuracy of reported information ( such as bankruptcy records ), it could be vicariously liable for any damages caused by inaccuracies. \n15 U.S.C. 1681i - Reinvestigation of Disputes : Requires XXXX to investigate a consumer 's dispute within 30 days of receiving it. Failure to conduct a proper reinvestigation or removing inaccurate information within this timeframe could lead to liability. \n15 U.S.C. 1681h ( e ) - Limitation on Defamation Actions : This provision allows for a defamation suit in cases of inaccurate credit reporting if the reporting agency acts with negligence or willful intent to harm. If XXXX 's vendors acted negligently or willfully misreported data, they ( and XXXX ) could face legal consequences under this section. \nXXXX. Privacy Act of 1974 5 U.S.C. 552a The Privacy Act of XXXX governs the collection, maintenance, and dissemination of personal data by federal agencies. Although XXXX is a private entity, this law still applies to consumer data reporting in the context of government agencies and their interaction with private companies ( such as the reporting of public records ). \n5 U.S.C. 552a ( e ) - Use of Personal Data : Prohibits unauthorized disclosure of personal data. If XXXX and its vendors improperly disclose bankruptcy or other personal information in violation of the law, they could face liability for unauthorized dissemination. \n5 U.S.C. 552a ( g ) - Civil Remedies : Provides individuals the right to seek civil remedies ( including damages ) for violations of the Privacy Act, especially if personal data is mishandled or misreported by entities like XXXX. \nXXXX. Uniform Commercial Code ( UCC ) Articles 9-311, 9-312, 9-313 The Uniform Commercial Code ( UCC ) applies to secured transactions, and XXXX XXXX XXXX XXXX is the Secured Party Creditor of all personal and financial data. Under the XXXX, data ( tangible and intangible property ) is protected as part of the Secured Party 's property. \nUCC 9-311, 9-312, 9-313 : These provisions protect the Secured Party 's interests in personal property , including data, and impose a fiduciary duty to maintain the confidentiality and security of that data. Unauthorized use of this data by XXXX or its vendors would breach these obligations. \n4. Electronic Communications Privacy Act ( ECPA ) 18 U.S.C. 2510 et seq.\n\nThe ECPA protects the privacy of electronic communications, which can include personal data and communications exchanged by credit reporting agencies. \n18 U.S.C. 2511- Interception and Disclosure of Communications : This law prohibits the interception and unauthorized disclosure of private communications. If XXXX or its vendors improperly accessed or disseminated your private data for financial gain or other improper purposes, they could face liability under this law. \nXXXX. Identity Theft Enforcement and Restitution Act 18 U.S.C. 1028 This law addresses identity theft and fraud and provides penalties for those who use a persons data ( including bankruptcy records ) for fraudulent purposes.\n\n18 U.S.C. 1028 - Identity Theft : If XXXXs reporting of inaccurate bankruptcy data contributed to identity theft or fraudulent financial activity using your personal information ( e.g., obtaining credit under your name ), they may be held criminally and civilly liable under this law. \n18 U.S.C. 1028A - Aggravated Identity Theft : This provision enhances penalties if identity theft is done with a financial motive. If XXXX mishandling of your data leads to fraudulent activities, such as fraudulent loan applications or credit misreporting, they could be subject to enhanced penalties for aggravated identity theft. \nXXXX. State Laws Defamation and Privacy Invasions Many states have laws that directly govern defamation, privacy violations, and unauthorized disclosure of personal information. These can be used to support claims for damages when inaccurate data is reported by XXXX. \nDefamation : Under state defamation laws, inaccurate reporting of personal informationsuch as bankruptcy recordscan result in harm to reputation. You may claim damages for harm caused to your reputation, business, and employment opportunities. \nInvasion of Privacy : States also have laws protecting individuals from the invasion of their privacy, including false light claims and public disclosure of private facts. By misreporting your bankruptcy information or disclosing sealed court records, XXXX could be liable for these types of privacy violations. \nXXXX. Racketeer Influenced and Corrupt Organizations Act ( RICO ) 18 U.S.C. 1961 et seq. \nThe RICO Act is a powerful tool for addressing patterns of fraudulent or illegal conduct involving multiple parties, such as XXXX and its vendors. \n18 U.S.C. 1962 - Prohibited Activities : If the conduct by XXXX or its vendors is part of a larger pattern of fraudulent activities, such as using misreported bankruptcy data for financial gain, you may pursue a claim under RICO. This could be used to address fraudulent schemes related to the misreporting of bankruptcy data or identity theft. \n18 U.S.C. 1964 - Civil Remedies : Under RICO, victims can claim treble damages for financial losses caused by fraudulent activities. This means that the damages you suffer from XXXX mishandling of your data could be tripled if the actions are found to be part of a broader fraudulent scheme. \n8. Consumer Financial Protection Act ( CFPA ) 12 U.S.C. 5536 The Consumer Financial Protection Act ( CFPA ) established the Consumer Financial Protection Bureau ( CFPB ), which enforces consumer protection laws, including the FCRA. \n12 U.S.C. 5536 - Prohibition on Unfair, Deceptive, or Abusive Acts or Practices : The CFPA prohibits financial institutions, including credit reporting agencies like XXXX, from engaging in unfair or deceptive practices that harm consumers. Misreporting bankruptcy or failing to correct it when notified could constitute an unfair practice. \nXXXX. Tortious Interference with Business and Employment Relationships If the inaccurate bankruptcy reporting has directly caused harm to your employment or business relationships ( for example, by preventing you from securing a job or a loan ), you may claim damages for tortious interference.\n\nTortious Interference with Contractual Relations : If XXXXs false reporting has prevented you from entering into a contract ( such as a job or a loan agreement ), you may claim damages for interference with business relationships and lost opportunities. \n10. Fraud Common Law and Statutory Fraud Claims XXXX and its vendors may also face claims of fraud if it is found that they knowingly or recklessly misreported your information for their own financial gain, such as receiving kickbacks for misreporting data or enabling fraudulent activity. \nFraud Claims : If XXXX or its vendors intentionally misreported or failed to correct data that they knew was inaccurate, they could be liable for fraud, entitling you to damages for any harm caused, including economic loss, emotional distress, and punitive damages. \n\nConclusion : Given the complexity of this situation, XXXX actionsor lack thereofcould expose the company to liability under multiple laws, including the Fair Credit Reporting Act ( FCRA ), the Privacy Act, the Uniform Commercial Code ( UCC ), and various state privacy and defamation laws. Additionally, if XXXX or its vendors are found to have engaged in fraudulent activities, such as misusing personal data for securities fraud or identity theft, the legal consequences could include significant penalties, damages, and punitive measures under RICO, fraud statutes, and consumer protection laws. \nBy invoking these laws, you can hold XXXX and its vendors vicariously liable for the harm caused by the unauthorized dissemination and misreporting of XXXX XXXX XXXXXXXX XXXX sensitive data.","date_sent_to_company":"2024-11-24T07:41:46.000Z","issue":"Problem with a company's investigation into an existing problem","sub_product":"Credit reporting","zip_code":"482XX","tags":null,"has_narrative":true,"complaint_id":"10914202","timely":"Yes","company_response":"Closed with non-monetary relief","submitted_via":"Web","company":"TRANSUNION INTERMEDIATE HOLDINGS, INC.","date_received":"2024-11-24T07:41:43.000Z","state":"MI","company_public_response":"Company has responded to the consumer and the CFPB and chooses not to provide a public response","sub_issue":"Their investigation did not fix an error on your report"},"highlight":{"complaint_what_happened":["Questions Regarding Data Security and Privacy Violations : Has XXXX taken any measures to protect the personal data of XXXX XXXX XXXX XXXX, specifically in regard to the <em>risk</em> of identity <em>theft</em>, <em>fraud</em>, or <em>unauthorized</em> use of this data by third parties? \nWhat steps has XXXX taken to comply with the Privacy Act of XXXX and ensure that personal information is handled in accordance with federal privacy regulations?"]},"sort":[10.831459,"10914202"]},{"_index":"complaint-public-v1","_id":"10907701","_score":10.812571,"_source":{"product":"Credit reporting or other personal consumer reports","complaint_what_happened":"Re : Legal Response to Experian Dispute Regarding Bankruptcy Reporting and Forensic Audit Case : XXXX XXXX XXXX XXXX Dear Experian Consumer Services, We hereby exercise our rights and reference the applicable statutory provisions for your guidance and compliance. These laws are binding on your company, given that your entity operates within the jurisdiction of both the state and federal authorities of its headquarters. These provisions were enacted to prevent corruption, breaches of fiduciary duty, violations of privacy, and infringements upon constitutional rights. \nPursuant to the Unlimited Power of Attorney, Cover Letter, and Memoir, and in accordance with the authorization granted by XXXX XXXX XXXX XXXX, you are instructed to address me as XXXX XXXX It is imperative that I not be addressed as \" XXXX XXXX, '' and I request that you refer to me solely as XXXX or XXXX XXXX \nThe term \" surname, '' originating around the XXXX, refers to an additional name or epithet attached to a person 's baptismal or XXXX name. The word \" surname '' is derived from the XXXX \" super '' ( meaning \" above '' ) and the XXXX XXXX \" XXXX XXXX' ( from \" XXXX XXXX' meaning \" XXXX XXXX' and \" XXXX '' meaning \" XXXX '' ). Over time, it evolved to denote a family name, typically passed down from generation to generation. In this regard, XXXX is my family name, which is private and must be treated with confidentiality. Any claims or communications related to the principal XXXX XXXX XXXX XXXX must be directed to the designated Trustee, XXXX XXXX XXXX his assigned authorized agents. \nThis letter serves as a formal legal response to the dispute submitted to your company on XX/XX/XXXX, regarding the unauthorized reporting of bankruptcy-related information on the credit report of XXXX XXXX XXXX XXXX XXXX We are invoking our legal rights under the Fair Credit Reporting Act ( FCRA ) and related statutes, demanding immediate correction and clarification, and requesting a forensic audit of all vendors and parties involved in the collection, reporting, or dissemination of sensitive data related to XXXX XXXX XXXX XXXX. \nXXXX. Violation of Privacy and Consumer Protection Laws Under the Fair Credit Reporting Act ( FCRA ), XXXX XXXX. XXXX ( b ), Experian is required to implement reasonable procedures to ensure the accuracy of the information it reports. Despite clear instructions from the XXXX Michigan Bankruptcy XXXX, which has confirmed that XXXX XXXX XXXXXXXX XXXX  bankruptcy is not a matter of public record, Experian has continued to report inaccurate bankruptcy information. This constitutes a violation of XXXX5 U.S.C. 1681e ( b ), which mandates that consumer reporting agencies maintain accurate and complete records.\n\nFurthermore, under 15 U.S.C. 1681c, Experian is obligated to delete any information that is inaccurate or unverifiable, particularly where bankruptcy records are concerned. As the information regarding XXXX XXXX XXXX IIIs bankruptcy is not a public record, your failure to remove such data represents a failure to comply with the FCRA and a breach of privacy rights under the Privacy Act of XXXX ( 5 U.S.C. 552a ). \nXXXX. Secured Party Creditor Rights under the Uniform Commercial Code ( UCC ) Additionally, as XXXX XXXX XXXX XXXX is the Secured Party Creditor under the Uniform Commercial Code ( UCC ), Articles 9-311, 9-312, and 9-313, all personal and financial data, whether categorized as public record or not, is protected as secured property. This includes tangible and intangible property, as well as securities associated with XXXX 's legal name and trade name. \nAs the Secured Party, XXXX has a trustee relationship over all such data. Therefore, unauthorized collection, reporting, or dissemination of this data is not only a violation of privacy but also a breach of trust, for which your company is liable. The UCC and its provisions protect XXXX 's rights to confidentiality and control over this information, preventing any third parties from exploiting it. \nXXXX. Penalties for Unauthorized Disclosure and Reporting Due to the severe risks posed by the unauthorized use of XXXX XXXX XXXXXXXX XXXX  personal data, we are invoking the right to impose penalties as follows : {>= $1,000,000} per count for each instance of inaccurate reporting or unauthorized disclosure of personal data, including bankruptcy records, credit information, or any other personal filings related to XXXX XXXX XXXX XXXX. \nThis charge reflects the damages incurred from the unauthorized dissemination of private information, which exposes XXXX to identity theft, financial fraud, and the potential unjust enrichment of those benefiting from such misuse. The UCC protects the secured partys assets, including personal data, from such exploitation. \n4. Court Notice and Sealed Records As indicated in the attached notice from the Eastern Michigan Bankruptcy Court, the bankruptcy information concerning XXXX XXXX XXXX XXXX is not a matter of public record and should not be disclosed. Experian and any third-party vendors associated with your company must respect the court 's decision, and we demand that all future bankruptcy records or related information concerning XXXX be sealed and treated as confidential. \nWe also demand immediate cessation of the reporting of this bankruptcy information, in line with the courts order, and confirmation that no further disclosure of any sealed or confidential data will be made by Experian or its vendors. \nXXXX. Unauthorized Collection and Reporting of Personal Data It has come to our attention that Experian and associated vendors have used data obtained from third-party sources to report bankruptcy information about XXXX XXXX XXXX XXXX XXXX despite the court 's ruling. This is a direct violation of the Privacy Act of 1974 ( 5 U.S.C. 552a ), which governs the handling of personal information and ensures that such data is not misused or improperly disclosed without proper authorization.\n\nAdditionally, FCRA 1681e ( b ) mandates that consumer reporting agencies ensure that all information provided is accurate. Given the false nature of the bankruptcy report, the use of third-party vendors to spread inaccurate data is an infringement of privacy and a violation of several consumer protection laws. \nXXXX. Demand for Forensic Audit of Vendors and Third Parties We hereby demand a forensic audit of all entities involved in the collection, reporting, or dissemination of data concerning XXXX XXXX XXXX XXXX, specifically : A full and detailed list of all vendors, third-party data providers, or aggregators that have reported information concerning XXXX XXXX XXXX XXXX XXXX Experian. This includes all data related to credit, bankruptcy, or any other personal records. \nWe request that the forensic audit specifically investigate : Kickbacks : Any financial incentives or compensation paid to third parties for the collection, reporting, or dissemination of personal data. \nSecurities Fraud : The use of personal information, such as Social Security numbers, signatures, and identifiers, to facilitate securities trading or fraudulent transactions.\n\nInsurance Fraud : Potential use of personal data to file fraudulent insurance claims or create financial benefits tied to the misreporting or unauthorized disclosure of bankruptcy records. \nXXXX. Penalty Charges for Fraudulent Reporting and Unauthorized Use of Data We further reserve the right to pursue penalties for any fraudulent reporting or unauthorized dissemination of XXXX XXXX XXXXXXXX XXXX  personal information. If it is determined that the improper reporting led to illicit financial gain, we will pursue the following : {>= $1,000,000} per count for each instance of fraudulent reporting or unauthorized use of XXXX XXXX XXXX XXXX 's data. \nThis is a conservative estimate of the damages resulting from the unauthorized dissemination of sensitive personal data, and it is in accordance with federal law and consumer protection statutes. \nXXXX. Demand for Immediate Action and Disclosure To resolve this matter expeditiously, we demand the following : Full Disclosure of all vendors, third parties, and data providers who have reported data related to XXXX XXXX XXXX XXXX. \nImmediate Removal of the bankruptcy records and all related personal information from all credit reports. \nConfirmation that no further unauthorized use of sealed court records or sensitive personal data will occur. \nA full forensic audit of the third-party transactions involving XXXX XXXX XXXX XXXX XXXX XXXX, including kickbacks, securities fraud, and insurance fraud. \nA comprehensive report on all actions taken to address this matter. \nIf a satisfactory response is not received within 14 days, we will pursue all available legal remedies, including filing complaints with the Consumer Financial Protection Bureau ( CFPB ), the Federal Trade Commission ( FTC ), and appropriate state regulatory authorities. Furthermore, we will pursue civil litigation for damages, as well as injunctive relief to prevent further violations of privacy and consumer protection laws. \nXXXX. Legal Consequences If Experian or its vendors fail to comply, we will pursue legal action, including : Securities Fraud charges. \nFiling for damages under the Fair Credit Reporting Act, Privacy Act, and other applicable consumer protection statutes. \nSeeking injunctive relief to prevent the unauthorized use of XXXX XXXX XXXX XXXX 's personal information. \n\nThis letter serves as formal notice of the unlawful conduct, and we expect prompt attention to resolving these violations. We look forward to your immediate response. \nXXXX. Questions Regarding Unauthorized Reporting : Why has Experian continued to report bankruptcy information for XXXX XXXX XXXX XXXX, despite the Eastern Michigan Bankruptcy Court ruling that this information is not a matter of public record? \nCan Experian provide proof that it conducted a reasonable investigation into the accuracy of the bankruptcy information before it was reported on XXXX XXXX XXXX XXXX credit report? \nWhat specific steps has Experian taken to ensure that bankruptcy records, which should be sealed and confidential, are not disclosed in violation of court orders and privacy laws? \nWhy has Experian failed to remove inaccurate or unverifiable bankruptcy information from XXXX XXXX XXXXXXXX XXXX credit file after being notified that the bankruptcy should not be part of the public record? \nXXXX. Questions Regarding Vendor and Third-Party Data Collection : Can Experian provide a detailed list of all vendors, third parties, or data providers that reported bankruptcy or other personal information regarding XXXX XXXX XXXX XXXX to your agency? \nHow does Experian verify the accuracy of data provided by third-party vendors before including it in the credit report? \nWhat procedures does Experian have in place to ensure that vendors do not violate privacy laws, including unauthorized reporting of personal information or misuse of court records? \nHas Experian paid or provided any financial incentives ( e.g., kickbacks ) to vendors or third parties for reporting information related to XXXX XXXX XXXX XXXX? \nXXXX. Questions Regarding Data Security and Privacy Violations : Has Experian taken any measures to protect the personal data of XXXX XXXX XXXX XXXX, specifically in regard to the risk of identity theft, fraud, or unauthorized use of this data by third parties? \nWhat steps has Experian taken to comply with the Privacy Act of XXXX and ensure that personal information is handled in accordance with federal privacy regulations? \nHas Experian conducted any internal audits or investigations into how sensitive data related to XXXX XXXX XXXX XXXX was collected, used, or disclosed by your company and its vendors? \n4. Questions Regarding Penalties for Unauthorized Disclosure : What is Experians policy for responding to unauthorized disclosure or inaccurate reporting of personal data? \nIs Experian willing to pay penalties or damages for the potential harm caused by the unauthorized use or inaccurate reporting of XXXX XXXX XXXXXXXX XXXX personal information, including identity theft and financial exploitation? \nWhat measures is Experian taking to correct any inaccuracies in XXXX XXXX XXXXXXXX XXXX  credit file and ensure that these mistakes do not reoccur in the future? \nXXXX. Questions Regarding Forensic Audit and Investigation : Will Experian agree to a full forensic audit of all third-party vendors, data aggregators, and other entities involved in the collection, reporting, or dissemination of data regarding XXXX XXXX XXXX XXXX XXXX \nWill Experian provide access to the forensic audit report, including an investigation into potential securities fraud, insurance fraud, or other financial crimes related to the misuse of XXXX XXXX XXXXXXXX XXXX data? \nCan Experian confirm that it will cooperate fully with the forensic audit and provide all relevant documents and information regarding its vendors and third-party relationships? \nXXXX. Questions Regarding Court-Sealed Records : How will Experian ensure that all future records related to XXXX XXXX XXXX XXXX XXXX including any bankruptcy or personal records, will be treated as sealed and confidential, in accordance with the Eastern Michigan Bankruptcy Courts order ? \nCan Experian confirm that no further public reporting or unauthorized disclosure of XXXX XXXX XXXXXXXX XXXX bankruptcy or personal records will take place from this point forward? \nXXXX. Questions Regarding Legal Consequences : Does Experian acknowledge the potential legal consequences of continuing to report false or inaccurate information related to XXXX XXXX XXXX XXXX, including violations of the Fair Credit Reporting Act and the Uniform Commercial Code ( UCC )? \nIs Experian prepared to resolve this matter without further legal action, or will additional legal steps be necessary to address the ongoing violations of privacy and consumer protection laws? \nXXXX. Questions Regarding Consumer Protection Compliance : How does Experian ensure compliance with state and federal consumer protection laws, especially in cases where sensitive or private information is involved, such as bankruptcy records and personal data of the principal, XXXX XXXX XXXX XXXX? \nCan Experian provide evidence that it has implemented adequate safeguards to prevent the unauthorized dissemination of sensitive personal information, including that of XXXX XXXX XXXX XXXX, to public or third-party vendors? \nXXXX. General Questions Regarding Practices and Accountability : What is Experians process for notifying consumers about unauthorized reporting or inaccuracies on their credit reports, and how long does it typically take to correct such errors? \nHow does Experian plan to ensure accountability with its third-party vendors and data providers, particularly when breaches of privacy or inaccuracies arise? \nhe unauthorized reporting and continued dissemination of inaccurate or sealed bankruptcy information about XXXX XXXX XXXX XXXX has a direct and substantial impact on your livelihood. The misreporting not only violates your privacy but also jeopardizes your financial stability, personal safety, and opportunities for future success. Below, I'll explain how these actions affect your livelihood and how Experian could be held vicariously liable for the harm caused. \n1. Financial Impact and Access to Credit The continued presence of inaccurate bankruptcy information on your credit report directly harms your ability to secure credit or favorable financial terms. Experian is responsible for reporting accurate credit information, and their failure to remove incorrect or unauthorized bankruptcy information : Denies Access to Credit : Many lending institutions rely on Experian 's credit reports to assess your creditworthiness. Incorrect bankruptcy information could lead to credit denials, impacting your ability to obtain loans for essential needs such as housing, medical bills, education, and personal expenses.\n\nHigher Interest Rates : Even if credit is available, inaccurate bankruptcy reporting could result in higher interest rates on loans or credit lines, increasing your overall debt burden. This makes it more difficult to manage your finances, save for the future, or achieve long-term financial goals.\n\nNegative Financial Reputation : Experians failure to correct the public record puts you in a situation where your financial reputation is tarnished, even though you have made efforts to rectify the situation with the bankruptcy court. This makes it more difficult to obtain business or personal credit and erodes any trust lenders or creditors may have in you.\n\n2. Employment Opportunities Many employers, particularly those in financial services or positions requiring fiduciary responsibility, conduct credit checks as part of their hiring process. An inaccurate bankruptcy on your credit report could cause significant harm in the following ways : Denied Employment : Inaccurate financial information, including bankruptcy records, may cause employers to believe you are a higher-risk candidate, potentially leading to job rejections. For jobs that require security clearances or access to financial accounts, such reporting could be a disqualifying factor. \nEmotional Stress : The fear of your credit report being used against you in job searches, coupled with the inability to find stable work due to inaccurate reporting, can cause significant emotional distress. This has a ripple effect on your overall well-being and productivity, making it harder to perform well in interviews, build career prospects, and maintain job security. \nDamage to Reputation : Employers may perceive the bankruptcy reporting, despite its inaccuracy, as a reflection of poor financial management. Even if they dont directly base hiring decisions on it, your reputation could be unfairly damaged by the erroneous information, causing long-term harm to your professional life. \nXXXX. Personal and Family Impact The unauthorized disclosure of bankruptcy information not only affects your financial life but also has significant personal repercussions : Identity Theft Risks : As the principal party, your personal dataspecifically your Social Security number, name, and other identifiersmay be exploited for fraudulent purposes. Experians failure to properly secure and correct your data increases the likelihood of identity theft or fraudulent activities that could take years to resolve. This exposes you to the risk of financial losses, legal fees, and extensive time spent addressing the aftermath of such violations. \nFamily and Safety Concerns : Unauthorized disclosure of sensitive information related to bankruptcy could potentially expose you to further harm, including harassment, or threats. For example, if someone uses your information for fraudulent purposes, such as opening lines of credit in your name, this could lead to threats to your safety or unwarranted financial obligations. \nEmotional Distress : The constant anxiety and emotional toll caused by the threat of further breaches, as well as the financial and social stigma associated with wrongful reporting, can lead to severe emotional stress, impacting your quality of life and relationships. The stress of dealing with these unresolved issues can affect your mental health, making it difficult to focus on personal, family, or professional commitments. \n4. Long-Term Financial and Career Goals Youve likely made long-term plans, such as purchasing a home, starting a business, or securing a retirement fund. The erroneous bankruptcy reporting hinders your ability to : Purchase a Home : Real estate loans and mortgages are heavily reliant on accurate credit reporting. Inaccurate bankruptcy information from Experian may prevent you from securing the necessary loans for homeownership, undermining your ability to establish financial independence and security. \nStart a Business : For entrepreneurs, creditworthiness is crucial for obtaining capital, financing, and business loans. The misreporting of bankruptcy information could prevent you from acquiring business loans, which could harm your ability to launch or expand a business. Moreover, creditors may view your financial situation as unstable or untrustworthy. \nRetirement Planning : Without the ability to secure credit at favorable terms, you may be forced to delay or abandon long-term plans like investing for retirement, saving for your childrens education, or creating a legacy for your family. This has consequences that stretch far beyond the immediate financial burden and into your future security.\n\n5. Vicarious Liability of Experian Experian is vicariously liable for the harm caused by the vendors it contracts with or uses to gather, process, or report information related to you. Vicarious liability means that Experian can be held accountable for the actions of its agents or contractors, even if it did not directly cause the harm. The key points here are : Responsibility for Vendor Actions : Experian, as the consumer reporting agency, is legally obligated under 15 U.S.C. 1681e ( b ) ( Fair Credit Reporting Act ) to ensure that the information it reports is accurate. If Experian relies on third-party vendors to report bankruptcy or credit data, it remains accountable for the information that these vendors report on your behalf. Experian has failed in its due diligence to ensure that these vendors report accurate and legitimate information, leading to the vicarious liability for damages. \nFailure to Verify and Correct : Under the FCRA and related privacy laws, Experian is responsible for verifying the accuracy of data within 30 days of receiving a dispute ( 15 U.S.C. 1681i ). The failure to conduct a thorough investigation or correct the erroneous bankruptcy record leaves Experian open to being held vicariously liable for its vendors actions and omissions. This neglect exacerbates the damages caused to you.\n\nFinancial Losses : The continuing erroneous bankruptcy information, coupled with Experians failure to act, exposes you to substantial financial losses. Whether its higher interest rates, loan denials, or missed employment opportunities, Experians lack of action is a proximate cause of the direct financial harm you are experiencing.\n\nPenalties and Legal Liabilities : If Experian or its vendors are found to have violated privacy laws or misused your data, they may be subject to financial penalties and may be required to pay compensation for your economic damages. Additionally, punitive damages could be assessed if the actions are deemed willful or grossly negligent. \nConclusion : The ongoing violations by Experianmisreporting bankruptcy information, failure to correct inaccuracies, and allowing third-party vendors to mishandle your personal datahave caused significant harm to your financial well-being, career opportunities, personal safety, and long-term financial goals. Experian is vicariously liable for the actions of the vendors it relies on to gather and report information, and you have the right to pursue penalties, damages, and legal remedies under applicable laws. The violations not only impact your present livelihood but also jeopardize your future opportunities and security, and Experian must be held accountable for its actions and inaction in this matter. \n\nXXXX. Fair Credit Reporting Act ( FCRA ) 15 U.S.C. 1681 et seq.\n\nThe Fair Credit Reporting Act ( FCRA ) is the foundational law governing credit reporting agencies like Experian. This law holds them accountable for ensuring the accuracy of the data they report and mandates that they conduct investigations into disputes.\n\n15 U.S.C. 1681e ( b ) - Duty to Ensure Accuracy : Requires Experian to maintain reasonable procedures to ensure the accuracy of the information it reports. If Experian fails to properly verify the accuracy of reported information ( such as bankruptcy records ), it could be vicariously liable for any damages caused by inaccuracies.\n\n15 U.S.C. 1681i - Reinvestigation of Disputes : Requires Experian to investigate a consumer 's dispute within 30 days of receiving it. Failure to conduct a proper reinvestigation or removing inaccurate information within this timeframe could lead to liability.\n\n15 U.S.C. 1681h ( e ) - Limitation on Defamation Actions : This provision allows for a defamation suit in cases of inaccurate credit reporting if the reporting agency acts with negligence or willful intent to harm. If Experian 's vendors acted negligently or willfully misreported data, they ( and Experian ) could face legal consequences under this section.\n\n2. Privacy Act of 1974 5 U.S.C. 552a The Privacy Act of 1974 governs the collection, maintenance, and dissemination of personal data by federal agencies. Although Experian is a private entity, this law still applies to consumer data reporting in the context of government agencies and their interaction with private companies ( such as the reporting of public records ). \n5 U.S.C. 552a ( e ) - Use of Personal Data : Prohibits unauthorized disclosure of personal data. If Experian and its vendors improperly disclose bankruptcy or other personal information in violation of the law, they could face liability for unauthorized dissemination.\n\n5 U.S.C. 552a ( g ) - Civil Remedies : Provides individuals the right to seek civil remedies ( including damages ) for violations of the Privacy Act, especially if personal data is mishandled or misreported by entities like Experian.\n\n3. Uniform Commercial Code ( UCC ) Articles 9-311, 9-312, 9-313 The Uniform Commercial Code ( UCC ) applies to secured transactions, and XXXX XXXX XXXX XXXX is the Secured Party Creditor of all personal and financial data. Under the UCC, data ( tangible and intangible property ) is protected as part of the Secured Party 's property.\n\nUCC 9-311, 9-312, 9-313 : These provisions protect the Secured Party 's interests in personal property , including data, and impose a fiduciary duty to maintain the confidentiality and security of that data. Unauthorized use of this data by Experian or its vendors would breach these obligations.\n\n4. Electronic Communications Privacy Act ( ECPA ) 18 U.S.C. 2510 et seq.\n\nThe ECPA protects the privacy of electronic communications, which can include personal data and communications exchanged by credit reporting agencies.\n\n18 U.S.C. 2511- Interception and Disclosure of Communications : This law prohibits the interception and unauthorized disclosure of private communications. If Experian or its vendors improperly accessed or disseminated your private data for financial gain or other improper purposes, they could face liability under this law.\n\n5. Identity Theft Enforcement and Restitution Act 18 U.S.C. 1028 This law addresses identity theft and fraud and provides penalties for those who use a persons data ( including bankruptcy records ) for fraudulent purposes.\n\n18 U.S.C. 1028 - Identity Theft : If Experians reporting of inaccurate bankruptcy data contributed to identity theft or fraudulent financial activity using your personal information ( e.g., obtaining credit under your name ), they may be held criminally and civilly liable under this law.\n\n18 U.S.C. 1028A - Aggravated Identity Theft : This provision enhances penalties if identity theft is done with a financial motive. If Experians mishandling of your data leads to fraudulent activities, such as fraudulent loan applications or credit misreporting, they could be subject to enhanced penalties for aggravated identity theft.\n\n6. State Laws Defamation and Privacy Invasions Many states have laws that directly govern defamation, privacy violations, and unauthorized disclosure of personal information. These can be used to support claims for damages when inaccurate data is reported by Experian.\n\nDefamation : Under state defamation laws, inaccurate reporting of personal informationsuch as bankruptcy recordscan result in harm to reputation. You may claim damages for harm caused to your reputation, business, and employment opportunities.\n\nInvasion of Privacy : States also have laws protecting individuals from the invasion of their privacy, including false light claims and public disclosure of private facts. By misreporting your bankruptcy information or disclosing sealed court records, Experian could be liable for these types of privacy violations.\n\n7. Racketeer Influenced and Corrupt Organizations Act ( RICO ) 18 U.S.C. 1961 et seq.\n\nThe RICO Act is a powerful tool for addressing patterns of fraudulent or illegal conduct involving multiple parties, such as Experian and its vendors. \n18 U.S.C. 1962 - Prohibited Activities : If the conduct by Experian or its vendors is part of a larger pattern of fraudulent activities, such as using misreported bankruptcy data for financial gain, you may pursue a claim under RICO. This could be used to address fraudulent schemes related to the misreporting of bankruptcy data or identity theft.\n\n18 U.S.C. 1964 - Civil Remedies : Under RICO, victims can claim treble damages for financial losses caused by fraudulent activities. This means that the damages you suffer from Experians mishandling of your data could be tripled if the actions are found to be part of a broader fraudulent scheme. \n8. Consumer Financial Protection Act ( CFPA ) 12 U.S.C. 5536 The Consumer Financial Protection Act ( CFPA ) established the Consumer Financial Protection Bureau ( CFPB ), which enforces consumer protection laws, including the FCRA.\n\n12 U.S.C. 5536 - Prohibition on Unfair, Deceptive, or Abusive Acts or Practices : The CFPA prohibits financial institutions, including credit reporting agencies like Experian, from engaging in unfair or deceptive practices that harm consumers. Misreporting bankruptcy or failing to correct it when notified could constitute an unfair practice. \nXXXX. Tortious Interference with Business and Employment Relationships If the inaccurate bankruptcy reporting has directly caused harm to your employment or business relationships ( for example, by preventing you from securing a job or a loan ), you may claim damages for tortious interference. \nTortious Interference with Contractual Relations : If Experians false reporting has prevented you from entering into a contract ( such as a job or a loan agreement ), you XXXX claim damages for interference with business relationships and lost opportunities. \n10. Fraud Common Law and Statutory Fraud Claims Experian and its vendors may also face claims of fraud if it is found that they knowingly or recklessly misreported your information for their own financial gain, such as receiving kickbacks for misreporting data or enabling fraudulent activity.\n\nFraud Claims : If Experian or its vendors intentionally misreported or failed to correct data that they knew was inaccurate, they could be liable for fraud, entitling you to damages for any harm caused, including economic loss, emotional distress, and punitive damages. \n\nConclusion : Given the complexity of this situation, Experians actionsor lack thereofcould expose the company to liability under multiple laws, including the Fair Credit Reporting Act ( FCRA ), the Privacy Act, the Uniform Commercial Code ( UCC ), and various state privacy and defamation laws. Additionally, if Experian or its vendors are found to have engaged in fraudulent activities, such as misusing personal data for securities fraud or identity theft, the legal consequences could include significant penalties, damages, and punitive measures under RICO, fraud statutes, and consumer protection laws.\n\nBy invoking these laws, you can hold Experian and its vendors vicariously liable for the harm caused by the unauthorized dissemination and misreporting of XXXX XXXX XXXXXXXX XXXX sensitive data.","date_sent_to_company":"2024-11-24T07:41:33.000Z","issue":"Problem with a company's investigation into an existing problem","sub_product":"Credit reporting","zip_code":"482XX","tags":null,"has_narrative":true,"complaint_id":"10907701","timely":"Yes","company_response":"Closed with explanation","submitted_via":"Web","company":"Experian Information Solutions Inc.","date_received":"2024-11-24T07:17:20.000Z","state":"MI","company_public_response":"Company has responded to the consumer and the CFPB and chooses not to provide a public response","sub_issue":"Their investigation did not fix an error on your report"},"highlight":{"complaint_what_happened":["Questions Regarding Data Security and Privacy Violations : Has Experian taken any measures to protect the personal data of XXXX XXXX XXXX XXXX, specifically in regard to the <em>risk</em> of identity <em>theft</em>, <em>fraud</em>, or <em>unauthorized</em> use of this data by third parties? \nWhat steps has Experian taken to comply with the Privacy Act of XXXX and ensure that personal information is handled in accordance with federal privacy regulations?"]},"sort":[10.812571,"10907701"]},{"_index":"complaint-public-v1","_id":"10906292","_score":10.737412,"_source":{"product":"Credit reporting or other personal consumer reports","complaint_what_happened":"Re : Legal Response to XXXX Dispute Regarding Bankruptcy Reporting and Forensic Audit Case : XXXX XXXX XXXX XXXX Dear XXXX XXXX XXXX, We hereby exercise our rights and reference the applicable statutory provisions for your guidance and compliance. These laws are binding on your company, given that your entity operates within the jurisdiction of both the state and federal authorities of its headquarters. These provisions were enacted to prevent corruption, breaches of fiduciary duty, violations of privacy, and infringements upon constitutional rights. \nPursuant to the Unlimited Power of Attorney, Cover Letter, and Memoir, and in accordance with the authorization granted by XXXX XXXX XXXX XXXX, you are instructed to address me as XXXX XXXX It is imperative that I not be addressed as \" XXXX XXXX, '' and I request that you refer to me solely as XXXX or XXXX XXXX \nThe term \" XXXX, '' originating around the XXXX, refers to an additional name or epithet attached to a person 's baptismal or XXXX name. The word \" XXXX '' is derived from the XXXX \" sXXXX '' ( meaning \" XXXX  '' ) and the XXXX XXXX \" sornom '' ( from \" XXXX  '' meaning \" XXXX '' and \" noXXXX '' meaning \" XXXX '' ). Over time, it evolved to denote a family name, typically passed down from generation to generation. In this regard, XXXX is my family name, which is private and must be treated with confidentiality. Any claims or communications related to the principal XXXX XXXX XXXX XXXX must be directed to the designated Trustee, XXXX XXXX XXXX his assigned authorized agents. \nThis letter serves as a formal legal response to the dispute submitted to your company on XX/XX/XXXX, regarding the unauthorized reporting of bankruptcy-related information on the credit report of XXXX XXXX XXXX XXXX XXXX We are invoking our legal rights under the Fair Credit Reporting Act ( FCRA ) and related statutes, demanding immediate correction and clarification, and requesting a forensic audit of all vendors and parties involved in the collection, reporting, or dissemination of sensitive data related to XXXX XXXX XXXX XXXX. \nXXXX. Violation of Privacy and Consumer Protection Laws Under the Fair Credit Reporting Act ( FCRA ), 15 U.S.C. 1681e ( b ), XXXX is required to implement reasonable procedures to ensure the accuracy of the information it reports. Despite clear instructions from the Eastern Michigan Bankruptcy Court, which has confirmed that XXXX XXXX XXXXXXXX XXXX  bankruptcy is not a matter of public record, XXXX has continued to report inaccurate bankruptcy information. This constitutes a violation of 15 U.S.C. 1681e ( b ), which mandates that consumer reporting agencies maintain accurate and complete records.\n\nFurthermore, under 15 U.S.C. 1681c, XXXX is obligated to delete any information that is inaccurate or unverifiable, particularly where bankruptcy records are concerned. As the information regarding XXXX XXXX XXXXXXXX XXXX  bankruptcy is not a public record, your failure to remove such data represents a failure to comply with the FCRA and a breach of privacy rights under the Privacy Act of XXXX ( 5 U.S.C. 552a ). \nXXXX. Secured Party Creditor Rights under the Uniform Commercial Code ( XXXX ) Additionally, as XXXX XXXX XXXX XXXX is the XXXX XXXX XXXX under the Uniform Commercial Code ( UCC ), Articles 9-311, 9-312, and 9-313, all personal and financial data, whether categorized as public record or not, is protected as secured property. This includes tangible and intangible property, as well as securities associated with XXXX 's legal name and trade name. \nAs the XXXX XXXX, XXXX has a trustee relationship over all such data. Therefore, unauthorized collection, reporting, or dissemination of this data is not only a violation of privacy but also a breach of trust, for which your company is liable. The UCC and its provisions protect XXXX 's rights to confidentiality and control over this information, preventing any third parties from exploiting it. \nXXXX. Penalties for Unauthorized Disclosure and Reporting Due to the severe risks posed by the unauthorized use of XXXX XXXX XXXXXXXX XXXX personal data, we are invoking the right to impose penalties as follows : {>= $1,000,000} per count for each instance of inaccurate reporting or unauthorized disclosure of personal data, including bankruptcy records, credit information, or any other personal filings related to XXXX XXXX XXXX XXXX. \nThis charge reflects the damages incurred from the unauthorized dissemination of private information, which exposes XXXX to identity theft, financial fraud, and the potential unjust enrichment of those benefiting from such misuse. The UCC protects the secured partys assets, including personal data, from such exploitation. \n4. Court Notice and Sealed Records As indicated in the attached notice from the Eastern Michigan Bankruptcy Court, the bankruptcy information concerning XXXX XXXX XXXX XXXX is not a matter of public record and should not be disclosed. XXXX and any third-party vendors associated with your company must respect the court 's decision, and we demand that all future bankruptcy records or related information concerning XXXX be sealed and treated as confidential. \nWe also demand immediate cessation of the reporting of this bankruptcy information, in line with the courts order, and confirmation that no further disclosure of any sealed or confidential data will be made by XXXX or its vendors. \nXXXX. Unauthorized Collection and Reporting of Personal Data It has come to our attention that XXXX and associated vendors have used data obtained from third-party sources to report bankruptcy information about XXXX XXXX XXXX XXXX , despite the court 's ruling. This is a direct violation of the Privacy Act of XXXX ( 5 U.S.C. 552a ), which governs the handling of personal information and ensures that such data is not misused or improperly disclosed without proper authorization.\n\nAdditionally, FCRA 1681e ( b ) mandates that consumer reporting agencies ensure that all information provided is accurate. Given the false nature of the bankruptcy report, the use of third-party vendors to spread inaccurate data is an infringement of privacy and a violation of several consumer protection laws. \nXXXX. Demand for Forensic Audit of Vendors and Third Parties We hereby demand a forensic audit of all entities involved in the collection, reporting, or dissemination of data concerning XXXX XXXX XXXX XXXX, specifically : A full and detailed list of all vendors, third-party data providers, or aggregators that have reported information concerning XXXX XXXX XXXX XXXX XXXX XXXX. This includes all data related to credit, bankruptcy, or any other personal records. \nWe request that the forensic audit specifically investigate : Kickbacks : Any financial incentives or compensation paid to third parties for the collection, reporting, or dissemination of personal data. \nSecurities Fraud : The use of personal information, such as Social Security numbers, signatures, and identifiers, to facilitate securities trading or fraudulent transactions.\n\nInsurance Fraud : Potential use of personal data to file fraudulent insurance claims or create financial benefits tied to the misreporting or unauthorized disclosure of bankruptcy records. \nXXXX. Penalty Charges for Fraudulent Reporting and Unauthorized Use of Data We further reserve the right to pursue penalties for any fraudulent reporting or unauthorized dissemination of XXXX XXXX XXXX XXXX  personal information. If it is determined that the improper reporting led to illicit financial gain, we will pursue the following : {>= $1,000,000} per count for each instance of fraudulent reporting or unauthorized use of XXXX XXXX XXXX XXXX 's data. \nThis is a conservative estimate of the damages resulting from the unauthorized dissemination of sensitive personal data, and it is in accordance with federal law and consumer protection statutes. \nXXXX. Demand for Immediate Action and Disclosure To resolve this matter expeditiously, we demand the following : Full Disclosure of all vendors, third parties, and data providers who have reported data related to XXXX XXXX XXXX XXXX. \nXXXX Removal of the bankruptcy records and all related personal information from all credit reports. \nConfirmation that no further unauthorized use of sealed court records or sensitive personal data will occur. \nA full forensic audit of the third-party transactions involving XXXX XXXX XXXX XXXX XXXX XXXX, including kickbacks, securities fraud, and insurance fraud. \nA comprehensive report on all actions taken to address this matter. \nIf a satisfactory response is not received within 14 days, we will pursue all available legal remedies, including filing complaints with the Consumer Financial Protection Bureau ( CFPB ), the Federal Trade Commission ( FTC ), and appropriate state regulatory authorities. Furthermore, we will pursue civil litigation for damages, as well as injunctive relief to prevent further violations of privacy and consumer protection laws. \nXXXX. Legal Consequences If XXXX or its vendors fail to comply, we will pursue legal action, including : Securities Fraud charges. \nFiling for damages under the Fair Credit Reporting Act, Privacy Act, and other applicable consumer protection statutes. \nSeeking injunctive relief to prevent the unauthorized use of XXXX XXXX XXXX XXXX 's personal information. \n\nThis letter serves as formal notice of the unlawful conduct, and we expect prompt attention to resolving these violations. We look forward to your immediate response. \nXXXX. Questions Regarding Unauthorized Reporting : Why has XXXX continued to report bankruptcy information for XXXX XXXX XXXX XXXX, despite the XXXX Michigan Bankruptcy XXXX ruling that this information is not a matter of public record? \nCan XXXX provide proof that it conducted a reasonable investigation into the accuracy of the bankruptcy information before it was reported on XXXX XXXX XXXXXXXX XXXX credit report? \nWhat specific steps has XXXX taken to ensure that bankruptcy records, which should be sealed and confidential, are not disclosed in violation of court orders and privacy laws? \nWhy has XXXX failed to remove inaccurate or unverifiable bankruptcy information from XXXX XXXX XXXX XXXX  credit file after being notified that the bankruptcy should not be part of the public record? \nXXXX. Questions Regarding Vendor and Third-Party Data Collection : Can XXXX provide a detailed list of all vendors, third parties, or data providers that reported bankruptcy or other personal information regarding XXXX XXXX XXXX XXXX XXXX XXXX agency? \nHow does XXXX verify the accuracy of data provided by third-party vendors before including it in the credit report? \nWhat procedures does XXXX have in place to ensure that vendors do not violate privacy laws, including unauthorized reporting of personal information or misuse of court records? \nHas XXXX paid or provided any financial incentives ( e.g., kickbacks ) to vendors or third parties for reporting information related to XXXX XXXX XXXX XXXX? \nXXXX. Questions Regarding Data Security and Privacy Violations : Has XXXX taken any measures to protect the personal data of XXXX XXXX XXXX XXXX, specifically in regard to the risk of identity theft, fraud, or unauthorized use of this data by third parties? \nWhat steps has XXXX taken to comply with the Privacy Act of XXXX and ensure that personal information is handled in accordance with federal privacy regulations? \nHas XXXX conducted any internal audits or investigations into how sensitive data related to XXXX XXXX XXXX XXXX was collected, used, or disclosed by your company and its vendors? \nXXXX. Questions Regarding Penalties for Unauthorized Disclosure : What is XXXX policy for responding to unauthorized disclosure or inaccurate reporting of personal data? \nIs XXXX willing to pay penalties or damages for the potential harm caused by the unauthorized use or inaccurate reporting of XXXX XXXXXXXX XXXX XXXX personal information, including identity theft and financial exploitation? \nWhat measures is XXXX taking to correct any inaccuracies in XXXX XXXX XXXXXXXX XXXX  credit file and ensure that these mistakes do not reoccur in the future? \nXXXX. Questions Regarding Forensic Audit and Investigation : Will XXXX agree to a full forensic audit of all third-party vendors, data aggregators, and other entities involved in the collection, reporting, or dissemination of data regarding XXXX XXXX XXXX XXXX XXXX \nWill XXXX provide access to the forensic audit report, including an investigation into potential securities fraud, insurance fraud, or other financial crimes related to the misuse of XXXX XXXX XXXXXXXX XXXX  data? \nCan XXXX confirm that it will cooperate fully with the forensic audit and provide all relevant documents and information regarding its vendors and third-party relationships? \nXXXX. Questions Regarding Court-Sealed Records : How will XXXX ensure that all future records related to XXXX XXXX XXXX XXXX XXXX XXXX any bankruptcy or personal records, will be treated as sealed and confidential, in accordance with the Eastern Michigan Bankruptcy Courts order ? \nCan XXXX confirm that no further public reporting or unauthorized disclosure of XXXX XXXX XXXX XXXX  bankruptcy or personal records will take place from this point forward? \nXXXX. Questions Regarding Legal Consequences : Does XXXX acknowledge the potential legal consequences of continuing to report false or inaccurate information related to XXXX XXXX XXXX XXXX, including violations of the Fair Credit Reporting Act and the Uniform Commercial Code ( UCC )? \nIs XXXX prepared to resolve this matter without further legal action, or will additional legal steps be necessary to address the ongoing violations of privacy and consumer protection laws? \nXXXX. Questions Regarding Consumer Protection Compliance : How does XXXX ensure compliance with state and federal consumer protection laws, especially in cases where sensitive or private information is involved, such as bankruptcy records and personal data of the principal, XXXX XXXX XXXX XXXX? \nCan XXXX provide evidence that it has implemented adequate safeguards to prevent the unauthorized dissemination of sensitive personal information, including that of XXXX XXXX XXXX XXXX, to public or third-party vendors? \nXXXX. General Questions Regarding Practices and Accountability : What is XXXX process for notifying consumers about unauthorized reporting or inaccuracies on their credit reports, and how long does it typically take to correct such errors? \nHow does XXXX plan to ensure accountability with its third-party vendors and data providers, particularly when breaches of privacy or inaccuracies arise? \nhe unauthorized reporting and continued dissemination of inaccurate or sealed bankruptcy information about XXXX XXXX XXXX XXXX has a direct and substantial impact on your livelihood. The misreporting not only violates your privacy but also jeopardizes your financial stability, personal safety, and opportunities for future success. Below, I'll explain how these actions affect your livelihood and how XXXX could be held vicariously liable for the harm caused. \n1. Financial Impact and Access to Credit The continued presence of inaccurate bankruptcy information on your credit report directly harms your ability to secure credit or favorable financial terms. XXXX is responsible for reporting accurate credit information, and their failure to remove incorrect or unauthorized bankruptcy information : Denies Access to Credit : Many lending institutions rely on XXXX 's credit reports to assess your creditworthiness. Incorrect bankruptcy information could lead to credit denials, impacting your ability to obtain loans for essential needs such as housing, medical bills, education, and personal expenses. \nHigher Interest Rates : Even if credit is available, inaccurate bankruptcy reporting could result in higher interest rates on loans or credit lines, increasing your overall debt burden. This makes it more difficult to manage your finances, save for the future, or achieve long-term financial goals. \nNegative Financial Reputation : XXXX failure to correct the public record puts you in a situation where your financial reputation is tarnished, even though you have made efforts to rectify the situation with the bankruptcy court. This makes it more difficult to obtain business or personal credit and erodes any trust lenders or creditors may have in you.\n\n2. Employment Opportunities Many employers, particularly those in financial services or positions requiring fiduciary responsibility, conduct credit checks as part of their hiring process. An inaccurate bankruptcy on your credit report could cause significant harm in the following ways : Denied Employment : Inaccurate financial information, including bankruptcy records, XXXX cause employers to believe you are a higher-risk candidate, potentially leading to job rejections. For jobs that require security clearances or access to financial accounts, such reporting could be a disqualifying factor. \nEmotional Stress : The fear of your credit report being used against you in job searches, coupled with the inability to find stable work due to inaccurate reporting, can cause significant emotional distress. This has a ripple effect on your overall well-being and productivity, making it harder to perform well in interviews, build career prospects, and maintain job security. \nDamage to Reputation : XXXX XXXX perceive the bankruptcy reporting, despite its inaccuracy, as a reflection of poor financial management. Even if they dont directly base hiring decisions on it, your reputation could be unfairly damaged by the erroneous information, causing long-term harm to your professional life. \nXXXX. Personal and Family Impact The unauthorized disclosure of bankruptcy information not only affects your financial life but also has significant personal repercussions : Identity Theft Risks : As the principal party, your personal dataspecifically your Social Security number, name, and other identifiersmay be exploited for fraudulent purposes. XXXX failure to properly secure and correct your data increases the likelihood of identity theft or fraudulent activities that could take years to resolve. This exposes you to the risk of financial losses, legal fees, and extensive time spent addressing the aftermath of such violations. \nFamily and Safety Concerns : Unauthorized disclosure of sensitive information related to bankruptcy could potentially expose you to further harm, including harassment, or threats. For example, if someone uses your information for fraudulent purposes, such as opening lines of credit in your name, this could lead to threats to your safety or unwarranted financial obligations. \nEmotional Distress : The constant anxiety and emotional toll caused by the threat of further breaches, as well as the financial and social stigma associated with wrongful reporting, can lead to severe emotional stress, impacting your quality of life and relationships. The stress of dealing with these unresolved issues can affect your mental health, making it difficult to focus on personal, family, or professional commitments. \n4. Long-Term Financial and Career Goals Youve likely made long-term plans, such as purchasing a home, starting a business, or securing a retirement fund. The erroneous bankruptcy reporting hinders your ability to : Purchase a Home : Real estate loans and mortgages are heavily reliant on accurate credit reporting. Inaccurate bankruptcy information from XXXX XXXX prevent you from securing the necessary loans for homeownership, undermining your ability to establish financial independence and security. \nStart a Business : For entrepreneurs, creditworthiness is crucial for obtaining capital, financing, and business loans. The misreporting of bankruptcy information could prevent you from acquiring business loans, which could harm your ability to launch or expand a business. Moreover, creditors XXXX view your financial situation as unstable or untrustworthy. \nRetirement Planning : Without the ability to secure credit at favorable terms, you may be forced to delay or abandon long-term plans like investing for retirement, saving for your childrens education, or creating a legacy for your family. This has consequences that stretch far beyond the immediate financial burden and into your future security. \nXXXX. Vicarious Liability of XXXX XXXX is vicariously liable for the harm caused by the vendors it contracts with or uses to gather, process, or report information related to you. Vicarious liability means that XXXX can be held accountable for the actions of its agents or contractors, even if it did not directly cause the harm. The key points here are : Responsibility for Vendor Actions : XXXX, as the consumer reporting agency, is legally obligated under 15 U.S.C. XXXX ( b ) ( Fair Credit Reporting Act ) to ensure that the information it reports is accurate. If XXXX relies on third-party vendors to report bankruptcy or credit data, it remains accountable for the information that these vendors report on your behalf. XXXX has failed in its due diligence to ensure that these vendors report accurate and legitimate information, leading to the vicarious liability for damages. \nFailure to Verify and Correct : Under the FCRA and related privacy laws, XXXX is responsible for verifying the accuracy of data within 30 days of receiving a dispute ( 15 U.S.C. 1681i ). The failure to conduct a thorough investigation or correct the erroneous bankruptcy record leaves XXXX open to being held vicariously liable for its vendors actions and omissions. This neglect exacerbates the damages caused to you. \nFinancial Losses : The continuing erroneous bankruptcy information, coupled with XXXX failure to act, exposes you to substantial financial losses. Whether its higher interest rates, loan denials, or missed employment opportunities, XXXX lack of action is a proximate cause of the direct financial harm you are experiencing. \nPenalties and Legal Liabilities : If XXXX or its vendors are found to have violated privacy laws or misused your data, they XXXX be subject to financial penalties and XXXX be required to pay compensation for your economic damages. Additionally, punitive damages could be assessed if the actions are deemed willful or grossly negligent. \nConclusion : The ongoing violations by XXXXmisreporting bankruptcy information, failure to correct inaccuracies, and allowing third-party vendors to mishandle your personal datahave caused significant harm to your financial well-being, career opportunities, personal safety, and long-term financial goals. XXXX is vicariously liable for the actions of the vendors it relies on to gather and report information, and you have the right to pursue penalties, damages, and legal remedies under applicable laws. The violations not only impact your present livelihood but also jeopardize your future opportunities and security, and XXXX must be held accountable for its actions and inaction in this matter. \n\n1. Fair Credit Reporting Act ( FCRA ) 15 U.S.C. 1681 et seq. \nThe Fair Credit Reporting Act ( FCRA ) is the foundational law governing credit reporting agencies like XXXX. This law holds them accountable for ensuring the accuracy of the data they report and mandates that they conduct investigations into disputes. \n15 U.S.C. 1681e ( b ) - Duty to Ensure Accuracy : Requires XXXX to maintain reasonable procedures to ensure the accuracy of the information it reports. If XXXX fails to properly verify the accuracy of reported information ( such as bankruptcy records ), it could be vicariously liable for any damages caused by inaccuracies. \n15 U.S.C. 1681i - Reinvestigation of Disputes : Requires XXXX to investigate a consumer 's dispute within 30 days of receiving it. Failure to conduct a proper reinvestigation or removing inaccurate information within this timeframe could lead to liability. \n15 U.S.C. 1681h ( e ) - Limitation on Defamation Actions : This provision allows for a defamation suit in cases of inaccurate credit reporting if the reporting agency acts with negligence or willful intent to harm. If XXXX 's vendors acted negligently or willfully misreported data, they ( and XXXX ) could face legal consequences under this section. \n2. Privacy Act of 1974 5 U.S.C. 552a The Privacy Act of 1974 governs the collection, maintenance, and dissemination of personal data by federal agencies. Although XXXX is a private entity, this law still applies to consumer data reporting in the context of government agencies and their interaction with private companies ( such as the reporting of public records ). \n5 U.S.C. 552a ( e ) - Use of Personal Data : Prohibits unauthorized disclosure of personal data. If XXXX and its vendors improperly disclose bankruptcy or other personal information in violation of the law, they could face liability for unauthorized dissemination. \n5 U.S.C. 552a ( g ) - Civil Remedies : Provides individuals the right to seek civil remedies ( including damages ) for violations of the Privacy Act, especially if personal data is mishandled or misreported by entities like XXXX. \nXXXX. Uniform Commercial Code ( UCC ) Articles 9-311, 9-312, 9-313 The Uniform Commercial Code ( UCC ) applies to secured transactions, and XXXX XXXX XXXX XXXX is the Secured Party Creditor of all personal and financial data. Under the UCC, data ( tangible and intangible property ) is protected as part of the Secured Party 's property.\n\nUCC 9-311, 9-312, 9-313 : These provisions protect the Secured Party 's interests in personal property , including data, and impose a fiduciary duty to maintain the confidentiality and security of that data. Unauthorized use of this data by XXXX or its vendors would breach these obligations. \n4. Electronic Communications Privacy Act ( ECPA ) 18 U.S.C. 2510 et seq.\n\nThe ECPA protects the privacy of electronic communications, which can include personal data and communications exchanged by credit reporting agencies.\n\n18 U.S.C. 2511- Interception and Disclosure of Communications : This law prohibits the interception and unauthorized disclosure of private communications. If XXXX or its vendors improperly accessed or disseminated your private data for financial gain or other improper purposes, they could face liability under this law. \nXXXX. Identity Theft Enforcement and Restitution Act 18 U.S.C. 1028 This law addresses identity theft and fraud and provides penalties for those who use a persons data ( including bankruptcy records ) for fraudulent purposes. \n18 U.S.C. 1028 - Identity Theft : If XXXX reporting of inaccurate bankruptcy data contributed to identity theft or fraudulent financial activity using your personal information ( e.g., obtaining credit under your name ), they may be held criminally and civilly liable under this law. \n18 U.S.C. 1028A - Aggravated Identity Theft : This provision enhances penalties if identity theft is done with a financial motive. If XXXX mishandling of your data leads to fraudulent activities, such as fraudulent loan applications or credit misreporting, they could be subject to enhanced penalties for aggravated identity theft. \nXXXX. State Laws Defamation and Privacy Invasions Many states have laws that directly govern defamation, privacy violations, and unauthorized disclosure of personal information. These can be used to support claims for damages when inaccurate data is reported by XXXX. \nDefamation : Under state defamation laws, inaccurate reporting of personal informationsuch as bankruptcy recordscan result in harm to reputation. You may claim damages for harm caused to your reputation, business, and employment opportunities.\n\nInvasion of Privacy : States also have laws protecting individuals from the invasion of their privacy, including false light claims and public disclosure of private facts. By misreporting your bankruptcy information or disclosing sealed court records, XXXX could be liable for these types of privacy violations. \n7. Racketeer Influenced and Corrupt Organizations Act ( RICO ) 18 U.S.C. 1961 et seq.\n\nThe RICO Act is a powerful tool for addressing patterns of fraudulent or illegal conduct involving multiple parties, such as XXXX and its vendors. \n18 U.S.C. 1962 - Prohibited Activities : If the conduct by XXXX or its vendors is part of a larger pattern of fraudulent activities, such as using misreported bankruptcy data for financial gain, you may pursue a claim under RICO. This could be used to address fraudulent schemes related to the misreporting of bankruptcy data or identity theft. \n18 U.S.C. 1964 - Civil Remedies : Under RICO, victims can claim treble damages for financial losses caused by fraudulent activities. This means that the damages you suffer from XXXX mishandling of your data could be tripled if the actions are found to be part of a broader fraudulent scheme. \n8. Consumer Financial Protection Act ( CFPA ) 12 U.S.C. 5536 The Consumer Financial Protection Act ( CFPA ) established the Consumer Financial Protection Bureau ( CFPB ), which enforces consumer protection laws, including the FCRA.\n\n12 U.S.C. 5536 - Prohibition on Unfair, Deceptive, or Abusive Acts or Practices : The CFPA prohibits financial institutions, including credit reporting agencies like XXXX, from engaging in unfair or deceptive practices that harm consumers. Misreporting bankruptcy or failing to correct it when notified could constitute an unfair practice. \nXXXX. Tortious Interference with Business and Employment Relationships If the inaccurate bankruptcy reporting has directly caused harm to your employment or business relationships ( for example, by preventing you from securing a job or a loan ), you may claim damages for tortious interference. \nTortious Interference with Contractual Relations : If XXXX false reporting has prevented you from entering into a contract ( such as a job or a loan agreement ), you may claim damages for interference with business relationships and lost opportunities. \n10. Fraud Common Law and Statutory Fraud Claims XXXX and its vendors XXXX also face claims of fraud if it is found that they knowingly or recklessly misreported your information for their own financial gain, such as receiving kickbacks for misreporting data or enabling fraudulent activity. \nXXXX Claims : If XXXX or its vendors intentionally misreported or failed to correct data that they knew was inaccurate, they could be liable for fraud, entitling you to damages for any harm caused, including economic loss, emotional distress, and punitive damages. \n\nConclusion : Given the complexity of this situation, XXXX actionsor lack thereofcould expose the company to liability under multiple laws, including the Fair Credit Reporting Act ( FCRA ), the Privacy Act, the Uniform Commercial Code ( UCC ), and various state privacy and defamation laws. Additionally, if XXXX or its vendors are found to have engaged in fraudulent activities, such as misusing personal data for securities fraud or identity theft, the legal consequences could include significant penalties, damages, and punitive measures under RICO, fraud statutes, and consumer protection laws. \nBy invoking these laws, you can hold XXXX and its vendors vicariously liable for the harm caused by the unauthorized dissemination and misreporting of XXXX XXXX XXXXXXXX XXXX sensitive data.","date_sent_to_company":"2024-11-24T07:41:46.000Z","issue":"Problem with a company's investigation into an existing problem","sub_product":"Credit reporting","zip_code":"482XX","tags":null,"has_narrative":true,"complaint_id":"10906292","timely":"Yes","company_response":"Closed with explanation","submitted_via":"Web","company":"LEXISNEXIS","date_received":"2024-11-24T07:41:43.000Z","state":"MI","company_public_response":null,"sub_issue":"Their investigation did not fix an error on your report"},"highlight":{"complaint_what_happened":["Questions Regarding Data Security and Privacy Violations : Has XXXX taken any measures to protect the personal data of XXXX XXXX XXXX XXXX, specifically in regard to the <em>risk</em> of identity <em>theft</em>, <em>fraud</em>, or <em>unauthorized</em> use of this data by third parties? \nWhat steps has XXXX taken to comply with the Privacy Act of XXXX and ensure that personal information is handled in accordance with federal privacy regulations?"]},"sort":[10.737412,"10906292"]},{"_index":"complaint-public-v1","_id":"11090522","_score":10.156594,"_source":{"product":"Money transfer, virtual currency, or money service","complaint_what_happened":"Bottom Line Up Front My bank, WesBanco, is not protecting my PII financial data in accordance with laws and regulations to my satisfaction. Some people may be OK with the way WesBanco handles PII financial data, but I am not. \n\nI am XXXX XXXX XXXX XXXX XXXX XXXX XXXX XXXXXXXX XXXX, XXXX XXXX XXXX XXXX XXXX XXXX XXXX XXXX XXXX XXXX XXXX XXXX XXXX XXXX XXXX XXXX XXXX ). Not reporting something that I consider as a deficiency of security practices would put me in violation of the XXXX XXXX of XXXX. \n\nComplaint WesBanco recently changed their online banking service. The new service requires that if I do a transfer online, the online system will generate an UNENCRYPTED email notification that contains several pieces PII financial data. The notification of a transfer email associates my email with the last XXXX digits of several account numbers, account balances, and loan balances ( if a loan is part of the transfer ). There is no way to opt out of this email message being sent when an online transfer is made. The online interface does allow for the user to opt out of some other email notifications, but not email notifications that involve transfers. There may be other notifications associated with the online system that also require email notifications. \n\nAttempt to Resolve I brought this to their attention around XXXX when my wife and I were moved from the Wesbanco online system that we have used for years to the new ( new to us ) online system and did a transfer. After months of escalation within WesBanco, I was informed that they will not address my concern and will not rewrite the software just for me. I have been involved in software development for years. I would consider this a security patch and not a rewrite. Their claim is since it did not contain the entire account number it does not need any protections. I do understand the desire to notify users about a transfer, but do not understand the need to include PII financial data including transfer amounts, account balances, and account references ( last 4 of account number ) via UNECRYPTED email. I informed them that I would be ok with an email that simply stated that a transfer had occurred. ( note that the last XXXX numbers of an account are not themselves PII financial data, however if it is combined with email address, names, account balances it probably is. I.e. coupled data ). I now do all transfers at a teller window at a physical bank location so that an email is not generated. This is becoming more difficult since the bank hours have been shortened, requiring me to take time off work to go to the bank. \n\nQuestions XXXX. What options do I have to protect my PII financial data including account balances from being emailed in plain text? \n\nXXXX Who needs to get involved to address the issues? ( XXXX Attorney General, FDIC, etc ) XXXX. How do I protect myself from retaliation from WesBanco for reporting them? \n\nInformation Personally Identifiable Financial Information ( Financial PII ) FFIEC : Personally-identifiable financial information is any information that a financial institution obtains about a consumer in conjunction with providing a financial product or service. This includes information provided during any financial transaction. \nPersonally-identifiable financial information might include any of the items of information listed herefrom the fact that a consumer relationship exists between an individual and a financial institution to the specific account balance of that individual. \nFDIC : Personally identifiable financial information ( PII ) is any information that a financial institution obtains about a consumer that can be used to identify them : Credit card numbers, Bank account numbers, XXXX reports, The value of a consumer 's home, and whether an individual has a loan with a particular institution. \n\nGLB Gramm-Leach-Bliley ( GLB ) Act of 1999 which prohibits the disclosure of certain private information like Social Security numbers, income , and some outstanding debt. The Act, which is federally-mandated, consists of three sections : the Financial Privacy Rule which regulates the collection and disclosure of private information ; the Safeguards Rule requires financial institutions to enact security programs to protect personal information ; and the Pretexting provisions that prohibit the access of private information under false pretenses. \nThe GLB Act also determines what information can be shared and with whom. Information that is publicly available like phone numbers or addresses can be shared. Information that can not be shared is called personally identifiable financial information which is not publicly available. It includes data provided on a loan application, credit card information, account balance, payment history, purchase information, Social Security data and birth dates, and even the institution where they bank.\n\nNIST 8062 They [ the FIPPs ] are value statements rather than recipes, however. System planners often encounter difficulties when trying to operationalize them, particularly when assessing privacy risks and when establishing privacy requirements XXXX XXXX XXXX XXXX XXXX XXXX XXXX XXXX XXXX XXXX XXXX XXXX XXXX XXXX XXXX XXXX XXXX XXXX XXXX XXXX XXXX XXXX XXXX XXXX XXXX XXXX XXXX XXXX XXXX XXXX XXXX XXXX XXXX XXXX XXXX XXXX XXXX XXXX XXXX XXXX defines PII XXXX information that can be used to distinguish or trace an individuals identity, either alone or when combined with other information that is linked or linkable to a specific individual.70 Circular A-130 notes that the definition is necessarily broad.71 Nonetheless, as previously noted in this report, more consideration needs to be given to the effect of cyber [ 1 ] physical systems on human behavior in the physical realm, and how it should be accounted for in a privacy risk model.72 Federal Financial Regulators Should Take Additional Actions to Enhance Their Protection of Personal Information This comment is due to HELOC balance being PII PII such as borrowers full name, account numbers, outstanding balance ( XXXX ), interest rates, and payment information. \n\nCode of Federal Regulations - PART 332PRIVACY OF CONSUMER FINANCIAL INFORMATION 332.3 section ( o ) ( 1 ) Personally identifiable financial information means any information : ( i ) A consumer provides to you to obtain a financial product or service from you ; ( ii ) About a consumer resulting from any transaction involving a financial product or service between you and a consumer ; or ( iii ) You otherwise obtain about a consumer in connection with providing a financial product or service to that consumer.\n\n( 2 ) Examples ( i ) Information included. Personally identifiable financial information includes : ( A ) Information a consumer provides to you on an application to obtain a loan, credit card, or other financial product or service; ( B ) Account balance information, payment history, overdraft history, and credit or debit card purchase information ; ( C ) The fact that an individual is or has been one of your customers or has obtained a financial product or service from you ; ( D ) Any information about your consumer if it is disclosed in a manner that indicates that the individual is or has been your consumer ; ( E ) Any information that a consumer provides to you or that you or your agent otherwise obtain in connection with collecting on a loan or servicing a loan ; ( F ) Any information you collect through an Internet cookie ( an information collecting device from a web server ) ; and ( G ) Information from a consumer report.\n\nNIST SP 800-122 How to protect PII.\n\nAbstract The purpose of this document is to assist Federal agencies in protecting the confidentiality of personally identifiable information ( PII ) in information systems. The document explains the importance of protecting the confidentiality of PII in the context of information security and explains its relationship to privacy using the Fair Information Practices, which are the principles underlying most privacy laws and privacy best practices. PII should be protected from inappropriate access, use, and disclosure. This document provides practical, context-based guidance for identifying PII and determining what level of protection is appropriate for each instance of PII. The document also suggests safeguards that may offer appropriate levels of protection for PII and provides recommendations for developing response plans for incidents involving PII.\n\nGiven the nature of interconnected networks and the use of the internet to share information, the protection of sensitive data can become difficult if proper mechanisms are not employed. Any network service that handles sensitive or valuable datawhether it is personally identifiable information ( PII ), financial data, or login informationneeds to adequately protect that data. Transport Layer Security ( TLS ) protocols were created to provide authentication, confidentiality, and data integrity protection between a client and server. The initiative to secure connections will enhance privacy, increase trust that data and services are authentic, and prevent undetected modification of data from government servers while in transit. \n\nEmail Various snippets from documents Unencrypted emails containing personally identifiable information ( PII ) are a security risk and can be a violation of privacy laws. \nSecurity risk : Unencrypted emails can be intercepted and read by unauthorized individuals. Emails travel through multiple computers before reaching the recipient and can be exposed to hackers. \nUnencrypted email is not secure for sending personally identifiable information ( PII ), such as financial data, because it can be intercepted by hackers. This can lead to identity theft, financial fraud, and reputational damage.","date_sent_to_company":"2024-12-09T16:56:02.000Z","issue":"Other service problem","sub_product":"Domestic (US) money transfer","zip_code":"45458","tags":null,"has_narrative":true,"complaint_id":"11090522","timely":"Yes","company_response":"Closed with explanation","submitted_via":"Web","company":"WESBANCO BANK, INC.","date_received":"2024-12-09T16:40:26.000Z","state":"OH","company_public_response":null,"sub_issue":null},"highlight":{"complaint_what_happened":["Unencrypted email is not secure for sending personally identifiable information ( PII ), such as financial data, because it can be <em>intercepted</em> by hackers. This can lead to identity <em>theft</em>, financial <em>fraud</em>, and reputational damage."]},"sort":[10.156594,"11090522"]},{"_index":"complaint-public-v1","_id":"16453537","_score":8.129519,"_source":{"product":"Debt collection","complaint_what_happened":"XX/XX/XXXX Leadership : General Counsel XXXX XXXX Second Complaint to no avail from XXXX XXXX XXXX Department and Executive Leadership Team I am filing a second complaint based on XXXX XXXX 's egregious statements made to the credit reporting agencies. a second complaint against XXXX XXXX for furnishing inaccurate and defamatory information to credit reporting agencies. Despite numerous requests, XXXX XXXX has failed to provide any documentation proving I am responsible for the alleged debt. Their only response has been that their investigation concluded the debt belongs to me. \n\nThis is unequivocally false. During the period this account was opened and used, I was XXXX  due to a severe injury sustained when a XXXX XXXX XXXX XXXX, resulting in a XXXX XXXX XXXX XXXX  and a XXXX XXXX XXXX. Therefore, I could not have opened, charged, or authorized this account. \n\nFurthermore, this debt was removed from my credit report twice, only to be reinserted by XXXX XXXX. My credit file was then updated, indicating that additional details were received, and it was concluded that the account belongs to me. XXXX XXXX 's response stating the file would show \" disputed '' is insufficient, as the debt is not mine. \n\nExperian subsequently sent a deeply hurtful and embarrassing letter, accusing me that, based on information from XXXX XXXX, I misrepresented facts, leading them to lock my credit file. The letter even accused me of obtaining goods and services under pretenses, which is entirely untrue. \n\nI have contacted XXXX XXXX 's XXXX XXXX and XXXX department, offering to sign a release for my medical records, including video footage that substantiates my incapacitation. Instead of seeking further details, they have subtly implied my statements are inconsistent. \n\nI have attached emails sent to XXXX XXXX 's legal team requesting a draft of a release to review my medical files, which will exonerate me and clear my name. I urge you to investigate this matter thoroughly and ensure my credit report is corrected. Additionally, look into my repeated request to review any files XXXX  XXXX XXXX accused me of being dishonest and refuse to provide me access to but apparently has either made statements or provided the XXXX credit reporting agencies something to make them conclude outside of the records I provided which was the police report, the FTC fraud affidavit, and pictures which are limited medical information why I was incapacitated during the alleged time the account was opened and charges made even a cash advance. I am a victim of a sophisticated identity theft using VPN and proxy number and XXXX XXXX XXXX \n\nXXXX. In account takeover fraud, criminals use a Virtual Private Network ( VPN ) or proxy server to make it appear as if they are accessing an account from the victim 's legitimate geographical location. This technique helps them bypass fraud detection systems that flag unusual login activity, such as a user suddenly accessing their account from a different country. \nXXXX. Location spoofing After obtaining the credentials, the fraudster uses a VPN or proxy service to mask their actual IP address. \nThese services route the fraudster 's internet traffic through a remote server. The victim 's bank or e-commerce site will then only see the IP address of the VPN or proxy server, making it appear that the login is coming from that server 's geographic location. \n\nMimicking the victim : By choosing a VPN or proxy server located near the victim 's addressthe location where the account originated or is typically accessedthe criminal can fool a key security check. \n\nAdversary-in-the-Middle '' ( AitM ) phishing : Attackers set up a proxy web server that acts as an invisible layer between the victim and the legitimate website. \nRelaying credentials : When the victim enters their username, password, and the one-time passcode ( OTP ) on the fake site, the proxy server instantly relays the information to the real website. \nSession hijacking : Once the legitimate service validates the authentication and issues a session cookie, the fraudster 's proxy server intercepts and steals it. This allows the fraudster to access the victim 's account without needing the XXXX againProxy detection : Many fraud detection systems include technology to identify and flag IP addresses known to be associated with proxies and VPNs. \nIP intelligence : Analyzing an IP address can reveal not just its general location but also if it's high-risk or tied to botnets, helping to build better fraud detection algorithms. \nBehavioral biometrics : This method focuses on user behavior patterns rather than just XXXX addresses. It can detect anomalies like unusual typing speed, mouse movements, or navigation patterns, which can signal that the user is a bot or a fraudster. \nStronger XXXX : Using XXXX methods that are more resilient to AitM attacks, such as hardware security keys, can provide greater protection than traditional SMS or email-based OTPs. \nA XX/XX/XXXX class-action lawsuit alleges that XXXX XXXX improperly denied fraud claims based on faulty fraud-detection technology. The suit claims the bank relied on flawed data searches to \" mechanically '' reject fraud claims, failing to conduct reasonable investigations as required by federal law. \n\nDetails of the class-action lawsuit The plaintiff 's case : The suit was filed in the XXXX XXXX XXXX for XXXX Northern District XXXX California XXXX XXXX woman who reported {$1500.00} in unauthorized charges after her wallet was stolen. XXXX XXXX denied her claim with a form letter and no explanation, closing her checking account shortly after. \nAllegation of flawed technology : According to the complaint, XXXX XXXX 's fraud-detection process is a \" black-box '' system that wrongfully blames the consumer, ignoring the bank 's own legal obligation to prove a transaction was authorized. \nViolation of federal law : The lawsuit claims XXXX  XXXX violated the Electronic Funds Transfer Act ( EFTA ), which requires banks to conduct a proper investigation into unauthorized transactions. The EFTA places the burden of proof on the bank, not the customer, and requires the bank to provide documentation of its investigation. \nXXXX XXXX has been the subject of numerous FCRA complaints filed with the Consumer Financial Protection Bureau ( CFPB ) and various lawsuits over the years. The most frequent violations include : XXXX. Failure to Properly Investigate Disputes XXXX of the most prevalent complaints involves XXXX  XXXX failing to conduct reasonable investigations as required by the FCRA when consumers dispute information. Instead of thoroughly examining evidence provided by consumers, XXXX  XXXX often : Conducts cursory, surface-level reviews Simply verifies that reported information matches their internal records ( without investigating whether those records are accurate ) Uses automated systems rather than human investigators for complex disputes A proper FCRA dispute investigation requires more than just checking internal databases. The law demands that furnishers like XXXX XXXX conduct a reasonable investigation that examines all relevant evidence. \n\nXXXX. Continued Reporting of Disputed Information Without Verification The FCRA requires that if information can not be verified as accurate following a dispute, it must be corrected or deleted. However, XXXX XXXX has been known to : Continue reporting disputed information even after failing to fully verify its accuracy Re-report previously deleted information without new evidence of accuracy Fail to mark accounts as disputed by consumer while investigations are pending XXXX. Inadequate Responses to Dispute Investigations Many consumers report receiving vague, form-letter responses from XXXX  XXXX that : Lack specific details about what was investigated Fail to address the particular points raised in their dispute Provide no explanation for why the information was deemed accurate Omit copies of any documents relied upon during the investigation XXXX. Failure to Correct Information Across All Credit Bureaus When XXXX XXXX does correct erroneous information, they sometimes fail to notify all three major credit bureaus ( Experian, XXXX, and XXXX  ) of the correction, leaving inaccurate information on some of your credit reports. \n\nXXXX XXXX Policies on Credit Reporting Understanding XXXX XXXX approach to credit reporting can help you navigate potential FCRA issues : Dispute Procedures XXXX XXXX published dispute procedures include : An online portal for submission of disputes Stated investigation timeframe of up to 30 days ( the maximum allowed by the FCRA ) Options to add consumer statements to credit files Limited direct communication during the investigation process Unfortunately, this online dispute process often leads to superficial investigations. XXXX  XXXX representatives handling online disputes typically have limited training in credit reporting laws and may simply match information against internal records rather than conducting genuine investigations. Even though XXXX XXXX wants you to dispute online, you are not limited to and should not use online dispute tools. Disputes made to the credit bureaus are routed to XXXX XXXX and give them fewer reasons to reject disputes. \n\nInternal Systems and Challenges XXXX XXXX credit reporting system faces several structural challenges : Heavy reliance on automated reporting systems with limited human oversight Departmental disconnects between fraud investigation teams and credit reporting teams Limited documentation systems for tracking dispute history Insufficient staff dedicated to dispute resolution compared to their massive customer base These systemic issues often result in a pattern of FCRA violations that can significantly impact consumers. XXXX XXXX conclusion subliminally says, There is no need for any further investigation because we did one and BELIEVE the account belongs to you, AND we are not releasing anything other than this letter from our database showing you lived at the address and the phone number, email address, and bank account belong to you. \n\nUnder duress and to clear my name, I have offered my private medical records to clear my name for once and for all. I am struggling financially and can not work within my field, and am facing homelessness because of XXXX XXXX 's bullying tactics. This is not my account, and I am being victimized all over again by XXXX XXXX 's false reporting and the credit reporting agencies ' reporting derogatory information based on verification obtained electronically. Based on recent reports regarding XXXX XXXX, what makes their credibility more credible than mine? I am being bullied at this point. \nRespectfully submitted XXXX XXXX","date_sent_to_company":"2025-10-08T14:13:30.000Z","issue":"Attempts to collect debt not owed","sub_product":"Credit card debt","zip_code":"30058","tags":null,"has_narrative":true,"complaint_id":"16453537","timely":"Yes","company_response":"Closed with explanation","submitted_via":"Web","company":"Experian Information Solutions Inc.","date_received":"2025-10-08T13:50:56.000Z","state":"GA","company_public_response":"Company has responded to the consumer and the CFPB and chooses not to provide a public response","sub_issue":"Debt is not yours"},"highlight":{"complaint_what_happened":["I am a victim of a sophisticated identity <em>theft</em> using VPN and proxy number and XXXX XXXX XXXX \n\nXXXX. In account takeover <em>fraud</em>, criminals use a Virtual Private Network ( VPN ) or proxy server to make it appear as if they are accessing an account from the victim 's legitimate geographical location. This technique helps them bypass <em>fraud</em> detection systems that flag unusual login activity, such as a user suddenly accessing their account from a different country. \nXXXX."]},"sort":[8.129519,"16453537"]},{"_index":"complaint-public-v1","_id":"16452180","_score":8.066734,"_source":{"product":"Debt collection","complaint_what_happened":"XX/XX/XXXX Leadership : General Counsel XXXX XXXX Second Complaint to no avail from Capital One Legal Department and Executive Leadership Team I am filing a second complaint based on Capital One 's egregious statements made to the credit reporting agencies. a second complaint against Capital One for furnishing inaccurate and defamatory information to credit reporting agencies. Despite numerous requests, Capital One has failed to provide any documentation proving I am responsible for the alleged debt. Their only response has been that their investigation concluded the debt belongs to me. \n\nThis is unequivocally false. During the period this account was opened and used, I was XXXX  due to XXXX XXXX XXXX XXXX XXXX XXXX XXXX XXXX XXXX XXXX XXXX XXXX XXXX XXXX XXXX XXXX XXXX XXXX XXXX XXXX XXXX XXXX Therefore, I could not have opened, charged, or authorized this account. \n\nFurthermore, this debt was removed from my credit report twice, only to be reinserted by Capital One. My credit file was then updated, indicating that additional details were received, and it was concluded that the account belongs to me. Capital One 's response stating the file would show \" disputed '' is insufficient, as the debt is not mine. \n\nXXXX  subsequently sent a deeply hurtful and embarrassing letter, accusing me that, based on information from Capital One, I misrepresented facts, leading them to lock my credit file. The letter even accused me of obtaining goods and services under pretenses, which is entirely untrue. \n\nI have contacted Capital One 's General Counsel and legal department, offering to sign a release for my medical records, including video footage that substantiates my incapacitation. Instead of seeking further details, they have subtly implied my statements are inconsistent. \n\nI have attached emails sent to Capital One 's legal team requesting a draft of a release to review my medical files, which will exonerate me and clear my name. I urge you to investigate this matter thoroughly and ensure my credit report is corrected. Additionally, look into my repeated request to review any files Capital One one accused me of being dishonest and refuse to provide me access to but apparently has either made statements or provided the XXXX credit reporting agencies something to make them conclude outside of the records I provided which was the police report, the FTC fraud affidavit, and pictures which are limited medical information why I was incapacitated during the alleged time the account was opened and charges made even a cash advance. I am a victim of a sophisticated identity theft using VPN and proxy number and XXXX, and XXXX. \n\nXXXX. In account takeover fraud, criminals use a Virtual Private Network ( VPN ) or proxy server to make it appear as if they are accessing an account from the victim 's legitimate geographical location. This technique helps them bypass fraud detection systems that flag unusual login activity, such as a user suddenly accessing their account from a different country. \nXXXX. Location spoofing After obtaining the credentials, the fraudster uses a VPN or proxy service to mask their actual IP address. \nThese services route the fraudster 's internet traffic through a remote server. The victim 's bank or e-commerce site will then only see the IP address of the VPN or proxy server, making it appear that the login is coming from that server 's geographic location. \n\nMimicking the victim : By choosing a VPN or proxy server located near the victim 's addressthe location where the account originated or is typically accessedthe criminal can fool a key security check. \n\nAdversary-in-the-Middle '' ( AitM ) phishing : Attackers set up a proxy web server that acts as an invisible layer between the victim and the legitimate website. \nRelaying credentials : When the victim enters their username, password, and the one-time passcode ( OTP ) on the fake site, the proxy server instantly relays the information to the real website. \nSession hijacking : Once the legitimate service validates the authentication and issues a session cookie, the fraudster 's proxy server intercepts and steals it. This allows the fraudster to access the victim 's account without needing the OTP againProxy detection : Many fraud detection systems include technology to identify and flag IP addresses known to be associated with proxies and VPNs. \nIP intelligence : Analyzing an IP address can reveal not just its general location but also if it's high-risk or tied to botnets, helping to build better fraud detection algorithms. \nBehavioral biometrics : This method focuses on user behavior patterns rather than just IP addresses. It can detect anomalies like unusual typing speed, mouse movements, or navigation patterns, which can signal that the user is a bot or a fraudster. \nStronger XXXX : Using XXXX methods that are more resilient to AitM attacks, such as hardware security keys, can provide greater protection than traditional XXXX  or email-based XXXX. \nA XX/XX/XXXX class-action lawsuit alleges that Capital One improperly denied fraud claims based on faulty fraud-detection technology. The suit claims the bank relied on flawed data searches to \" mechanically '' reject fraud claims, failing to conduct reasonable investigations as required by federal law. \n\nDetails of the class-action lawsuit The plaintiff 's case : The suit was filed in the U.S. District Court for the XXXX XXXX  of California by a woman who reported {$1500.00} in unauthorized charges after her wallet was stolen. Capital One denied her claim with a form letter and no explanation, closing her checking account shortly after. \nAllegation of flawed technology : According to the complaint, Capital One 's fraud-detection process is a \" black-box '' system that wrongfully blames the consumer, ignoring the bank 's own legal obligation to prove a transaction was authorized. \nViolation of federal law : The lawsuit claims Capital One violated the Electronic Funds Transfer Act ( EFTA ), which requires banks to conduct a proper investigation into unauthorized transactions. The EFTA places the burden of proof on the bank, not the customer, and requires the bank to provide documentation of its investigation. \nCapital One has been the subject of numerous FCRA complaints filed with the Consumer Financial Protection Bureau ( CFPB ) and various lawsuits over the years. The most frequent violations include : XXXX. Failure to Properly Investigate Disputes One of the most prevalent complaints involves Capital One failing to conduct reasonable investigations as required by the FCRA when consumers dispute information. Instead of thoroughly examining evidence provided by consumers, Capital One often : Conducts cursory, surface-level reviews Simply verifies that reported information matches their internal records ( without investigating whether those records are accurate ) Uses automated systems rather than human investigators for complex disputes A proper FCRA dispute investigation requires more than just checking internal databases. The law demands that furnishers like Capital One conduct a reasonable investigation that examines all relevant evidence. \n\nXXXX. Continued Reporting of Disputed Information Without Verification The FCRA requires that if information can not be verified as accurate following a dispute, it must be corrected or deleted. However, Capital One has been known to : Continue reporting disputed information even after failing to fully verify its accuracy Re-report previously deleted information without new evidence of accuracy Fail to mark accounts as disputed by consumer while investigations are pending XXXX. Inadequate Responses to Dispute Investigations Many consumers report receiving vague, form-letter responses from Capital One that : Lack specific details about what was investigated Fail to address the particular points raised in their dispute Provide no explanation for why the information was deemed accurate Omit copies of any documents relied upon during the investigation XXXX. Failure to Correct Information Across All Credit Bureaus When Capital One does correct erroneous information, they sometimes fail to notify all three major credit bureaus ( XXXX, XXXX, and XXXX ) of the correction, leaving inaccurate information on some of your credit reports. \n\nCapital Ones Policies on Credit Reporting Understanding Capital Ones approach to credit reporting can help you navigate potential FCRA issues : Dispute Procedures Capital Ones published dispute procedures include : An online portal for submission of disputes Stated investigation timeframe of up to 30 days ( the maximum allowed by the FCRA ) Options to add consumer statements to credit files Limited direct communication during the investigation process Unfortunately, this online dispute process often leads to superficial investigations. Capital One representatives handling online disputes typically have limited training in credit reporting laws and may simply match information against internal records rather than conducting genuine investigations. Even though Cap One wants you to dispute online, you are not limited to and should not use online dispute tools. Disputes made to the credit bureaus are routed to Capital One and give them fewer reasons to reject disputes.\n\nInternal Systems and Challenges Capital Ones credit reporting system faces several structural challenges : Heavy reliance on automated reporting systems with limited human oversight Departmental disconnects between fraud investigation teams and credit reporting teams Limited documentation systems for tracking dispute history Insufficient staff dedicated to dispute resolution compared to their massive customer base These systemic issues often result in a pattern of FCRA violations that can significantly impact consumers. Capital Ones conclusion subliminally says, There is no need for any further investigation because we did one and BELIEVE the account belongs to you, AND we are not releasing anything other than this letter from our database showing you lived at the address and the phone number, email address, and bank account belong to you. \n\nUnder duress and to clear my name, I have offered my private medical records to clear my name for once and for all. I am struggling financially and can not work within my field, and am facing homelessness because of Capital One 's bullying tactics. This is not my account, and I am being victimized all over again by Capital One 's false reporting and the credit reporting agencies ' reporting derogatory information based on verification obtained electronically. Based on recent reports regarding Capital One, what makes their credibility more credible than mine? I am being bullied at this point. \nRespectfully submitted XXXX XXXX","date_sent_to_company":"2025-10-08T14:13:30.000Z","issue":"Attempts to collect debt not owed","sub_product":"Credit card debt","zip_code":"30058","tags":null,"has_narrative":true,"complaint_id":"16452180","timely":"Yes","company_response":"Closed with explanation","submitted_via":"Web","company":"CAPITAL ONE FINANCIAL CORPORATION","date_received":"2025-10-08T14:13:05.000Z","state":"GA","company_public_response":null,"sub_issue":"Debt is not yours"},"highlight":{"complaint_what_happened":["I am a victim of a sophisticated identity <em>theft</em> using VPN and proxy number and XXXX, and XXXX. \n\nXXXX. In account takeover <em>fraud</em>, criminals use a Virtual Private Network ( VPN ) or proxy server to make it appear as if they are accessing an account from the victim 's legitimate geographical location. This technique helps them bypass <em>fraud</em> detection systems that flag unusual login activity, such as a user suddenly accessing their account from a different country. \nXXXX."]},"sort":[8.066734,"16452180"]},{"_index":"complaint-public-v1","_id":"10741046","_score":7.013398,"_source":{"product":"Credit reporting or other personal consumer reports","complaint_what_happened":"XXXX XXXX Equifax XXXX XXXX XXXX XXXX XXXX XXXX XXXX for XXXX XXXX IVE submitted updated drivers license my minor children, DOJ FBI VNS FTC REPORTS CFPB XXXX XXXX ORDERED DOCUMENTS FROM THE JUDGE STAMPED AND SEALED AMENDED BIRTH CERTIFICATE IM BEING RETAILITATED AGAINST DUE TO MY DL SSN NAME ALL CHANGED. My kids and. Sufffered medical malpractice due to misuse of our XXXX TAX FRAUD IVE ATTACHED EVERYTHING DUE TO DEVICES MAILED COMPRMOSED BEFORE I GET THEM IT APPEARS IM THE CRIMINAL THEY REFUSE TO REMOVE THE FRAUD NEGATIVE INFO ON MY REPORT. \nIn recent years, my family and I have been victims of numerous data breaches, fraudulent activities, and ongoing issues with medical, financial, and personal information. We were notified of a medical data breach through XXXX, impacting me and my XXXX children. Since then, I have received no settlement payments from major breaches, including XXXX XXXX, XXXX, Equifax, or Bank XXXX XXXX. Additionally, neither my children nor I have received any victims compensation from the Department of Justice, despite proof of victimization, which I have attached. \nIn XXXX, due to issues with our XXXX, our XXXX numbers were changed in an emergency by the South Carolina XXXX XXXX XXXX. The inspector assigned to the case was XXXX XXXX. After this change, I was accused of XXXX fraud. Initially, officials claimed it was a systematic error but later reversed their stance, suggesting I committed fraud, which I categorically deny. Despite my honesty and record-keeping, this accusation was sent to addresses where suspects, such as my mother XXXX XXXX XXXX XXXX XXXX XXXX ) and my sister, reside. This systematic error negatively impacted my financial situation and my familys stability. The address XXXX XXXX XXXX in XXXX, SC, has been linked to XXXX and other records with fraudulent updates, despite never being associated with me personally. \n\nFurther, in XXXX of this year, unauthorized access to my and my childrens medical and financial records was documented, with information accessed monthly. I have had to repeatedly request the removal of a middle initial mistakenly added to my name on South Carolina XXXX XXXX. Despite assurances each time that it would be corrected, the issue persists. This is compounded by issues with phone numbers linked to breached accounts from XXXX, such as XXXX, XXXX, and XXXX. These breaches and unauthorized uses of my personal information have been verified through phone provider records. \n\nNotably, the Department XXXX XXXX XXXX ( XXXX ) appears connected to some discrepancies. For example, while my XXXX benefits and associated records display my updated legal name, my benefits recertification information was suddenly switched back to my old name without explanation. Despite showing evidence of these discrepancies to officials, my benefit records have been manipulated to misrepresent my identity and financial standing. \n\nSimilarly, changes in records have affected my insurance and federal records. Unauthorized individuals manipulated my XXXX account and benefits, compromising my IP address, email authentication, and even my insurance with XXXX XXXX. Recently, fraudulent XXXX charges appeared on my insurance on XX/XX/XXXX, despite my lack of involvement. \n\nAdditional fraud has involved relatives. For instance, my sons father recently won a settlement of {$190000.00} in XX/XX/XXXX in XXXX, yet child support adjustments have been erratic, likely due to changes in XXXX and health information. XXXX XXXX noted my mothers involvement in our records, despite my request to remove her due to misuse of my information. \n\nIn XXXX, I observed unusual financial XXXX among relatives who were previously in debt but suddenly gained perfect credit. I suspected fraud, involving a XXXX associate and manipulation of XXXX records, which at XXXX point falsely listed me as the owner of a hotel with foreign employees. My former business, XXXX XXXX XXXX, was taken from me after presenting a multi-million-dollar entertainment concept to XXXX XXXX. Following this meeting, my devices were compromised, stolen, and accessed without authorization, severely impacting my career. \n\nMy current employer, XXXX XXXX XXXX, has also mishandled my compensation and benefits. After suffering a XXXX in XX/XX/XXXX, I qualified for medical leave but have yet to receive payment. Similarly, after my emergency hysterectomy in XXXX, I did not receive my full XXXX pay. In XXXX, I was shorted XXXX hours. Equipment issues were frequent, and the company appeared to hinder my ability to work by sending defective towers and assigning me to classes with inadequate resources. At XXXX point, a neighbor brought a box of equipment that XXXX confirmed had been sent to the wrong address by XXXX, compromising my security. Despite following all protocol and returning faulty equipment, the company claimed they had not received it, affecting my employment eligibility. \n\nEarlier this year, I faced issues with Concentrixs recruiter, who falsely claimed I needed a drug test, which I passed. Despite my repeated attempts to follow up, I never received responses or job confirmation. Meanwhile, XXXX unlawfully reported incorrect wages to the Social Security XXXX, resulting in a decrease in my sons XXXX benefits. Furthermore, the XXXX has provided inconsistent information about these reports, adding to our ongoing hardship. \n\nMy and my childrens medical records have also been tampered with. For example, despite having XXXX XXXX XXXX listed in my XXXX XXXX records, my primary care provider has said otherwise, leading to medical misdiagnoses. Billing inconsistencies, such as the erroneous {$80000.00} charges to XXXX for services I never received, illustrate these fraudulent practices. When I reported these discrepancies, the primary care provider unjustly dismissed me from her practice. \n\nOn several occasions, our personal records and belongings have been stolen from our home. Mail theft, unauthorized entries, and missing personal documents are regular occurrences. Recently, when XXXX requested my high school diploma, I discovered it had been stolen, along with my childrens report cards and certifications. \n\nWith evidence of multiple orchestrated financial crimes and unauthorized access to our personal, financial, and medical records by various individuals and organizations, I am seeking immediate action. This includes : XXXX. Changes to my and my childrens names. \nXXXX. Sealing of our medical record numbers, clinical records, and account histories to prevent further misuse. \nXXXX. Investigation into companies involved, including XXXX, XXXX, and other associated agencies. \n\nThese actions, constituting fraud, identity theft, unauthorized access, XXXX violations, discrimination, and retaliation, have created an unsafe environment for my family and inflicted significant financial, emotional, and physical distress. I request that immediate steps be taken to secure our information and hold responsible parties accountable. \nOver the past year, I have experienced an orchestrated pattern of financial, employment, and medical mismanagement by various organizations and individuals. The cumulative effects of these incidents have led to severe personal, medical, and financial hardship for my family and me. I implore you to address these issues with the utmost urgency, as they have impacted my health, my childrens well-being, and our financial stability. \nPersonal Background and Employment Issues with XXXX XXXX XXXX I am a single mother of XXXX children, and until recently, I was employed with XXXX XXXX XXXX. I experienced multiple incidents of payroll inconsistencies, mismanagement, and unaddressed medical leave issues due to my XXXX in XX/XX/XXXX and a prior emergency hysterectomy in XX/XX/XXXX. Despite being eligible for medical leave under federal law, I encountered severe delays and missing paychecks, including errors in my XXXX and XX/XX/XXXX payroll. XXXX withheld portions of my income during these times, creating significant financial strain. Despite my best efforts to resolve these issues internally, I was encouraged by my supervisor, XXXX XXXX, to file for unemployment, which led to additional complications. \n\nOn top of that, I faced unusual and unethical recruitment practices in XX/XX/XXXX, when I was asked to take a drug screening for a new assignment that was, according to XXXX, urgent. During this process, I encountered irregularities, including late-night calls from the recruiter, delays, and unreturned messages. Although I passed the test, the recruiter stopped responding after confirming the validity of my prescription medications. I was left without employment, and my attempts to reach XXXX or XXXX XXXX about this recruiter were met with dismissal. This left me stranded financially and emotionally, as I felt I was being set up to fail without any recourse. \n\nMoreover, I discovered frequent alterations to my tax withholding information within the XXXX system between XXXX and XX/XX/XXXX. Despite repeatedly adjusting my XXXX to reflect my head-of-household status with XXXX dependents, it was changed back to XXXX allowances without my consent. I provided proof to XXXX, but this continued unchecked. \n\nMedical and XXXX XXXX XXXX I have a complex medical history, including childhood XXXX XXXX and XXXX concerns, which have been mishandled and misdiagnosed by both XXXX XXXX XXXX XXXX and XXXX XXXX. Following my XXXX, which was initially recorded as a mild XXXX ( TIA ), my medical records were altered to indicate a diagnosis of hemiplegic migrainesa condition my son, not I, suffers from. This falsification has led to additional complications in my treatment and care, as my true medical needs have not been addressed. \n\nMy children and I have also faced issues with XXXX and XXXX. There are records falsely listing XXXX as XXXX, and despite requesting corrections, the errors persist. Our medical charts contain inaccurate information, including previous diagnoses, and unauthorized changes to my name and other details have resurfaced despite multiple updates. The confusion around these records has not only impacted our ability to receive proper medical care but has caused my sons XXXX benefits to decrease based on false wage reporting by XXXX. The inaccuracies in our medical histories have left us without essential treatments and correct medical advice, placing our health in jeopardy. \n\nMail Theft, Identity Theft, and XXXX XXXX I have experienced repeated mail theft, including the unauthorized removal of important documents such as my high school diploma, my childrens report cards, and various personal identification papers. On XXXX occasion, my home was left open, and my childs football game folder, which contained sensitive identification documents, was disturbed. These repeated invasions have left my family feeling vulnerable and unsafe. \n\nIn addition, I have encountered false tax documents and compromised IRS returns. XXXX forms showing electronic signatures have appeared without my knowledge, and previous years returns were tampered with, creating suspicion that I completed forms I did not. Concerningly, Ive noticed unusual discrepancies involving the Federal Reserve, where records tied to my settlements and victims compensation have been altered, preventing those funds from reaching me. Compounding this, my tax information has been altered to show false wages that caused financial setbacks, such as my sons XXXX reduction. \n\nOn multiple occasions, I have observed unauthorized changes to our benefits, accounts, and medical information from unidentified foreign sources in the XXXX, XXXX, and XXXX. Ive seen indicators suggesting that my documents are being manipulated and sold, including when XXXX documentation unexpectedly appeared on my personal devices. The situation has escalated to XXXX XXXX that my familys personal and financial records are being remotely accessed and modified, creating continual disruption to our financial and medical security. \n\nUrgent Request for Action These interconnected actions have violated numerous federal laws, including : XXXX Violations : Unauthorized access and alteration of medical records, resulting in misdiagnoses and incorrect medical treatment. \nXXXX XXXX Violations : Wrongful termination and mishandling of medical leave rights and pay by XXXX. \nSocial Security XXXX Violations : False reporting of wages to the XXXX, leading to wrongful reductions in XXXX benefits. \nIdentity Theft and XXXX XXXX : Manipulation of personal information, tax records, and financial data, impacting access to settlements and benefits. \nVictims Rights Violations : Withholding of victims compensation and child support deposits, likely due to altered banking records. \n\nThe cumulative impact of these issues is more than financial ; it has placed my familys health, well-being, and sense of security at grave risk. I request immediate intervention to investigate these ongoing issues, enforce accountability among involved parties, and ensure that our recordsmedical, employment, and financialare corrected and secured. \n\nThank you for your attention to this matter. I am prepared to provide any additional documentation needed and am hopeful that with your assistance, my family and I can regain control over our health, financial stability, and personal security. \n\nI am urgently reaching out to address suspected fraud and identity misuse affecting my account and linked records, with the goal of correcting these errors and ensuring the privacy and safety of my familys energy services. This situation has caused significant concern for our household security, and I request your immediate assistance in investigating and removing fraudulent data associated with my account. \n\nSuspected Fraudulent Activity and Urgent Concerns There are multiple emails, addresses, and phone numbers that I have discovered associated with my XXXX XXXX account and records, which I did not authorize. The following emails in XXXX and XXXX fraudulent. I am asking for them to be immediately deleted from any association with my XXXX XXXX account or records. \n\nOn XX/XX/XXXX, I requested that the account for meter XXXX XXXX XXXX, XXXX, SC reflect my updated information, including my new name, Social Security number, and drivers license number. However, my records do not show this update, and neither do they list other addresses I have lived at under my old name. These addresses include : XXXX XXXX XXXX, XXXX XXXX, XXXX, SC XXXX XXXX XXXX XXXX XXXX, SC XXXX Lakecrest Apartments in XXXX, SC XXXX XXXX XXXX in Taylors, SC XXXX XXXX XXXX XXXX, XXXX XXXX?, XXXX, SC XXXX XXXX XXXX XXXX, XXXX XXXX, XXXX, SC XXXX This discrepancy is a serious issue, as it leaves my new identity information unlinked, while fraudulently assigned addresses remain on record. I request either the removal of XXXX XXXX XXXX from my account or the addition of my legitimate, previous addresses under my old identity. Currently, my consumer report lists a fraudulent address that was never mine and that I believe was being used by others while I maintained my own separate residence. \n\nFraudulent Use of My Identity and That of My Children Between XX/XX/XXXX and now, there have been individuals who have repeatedly used my name and my minor childrens names to obtain services and hide behind our identities. Specifically, XXXX XXXX XXXX, XXXX, SC XXXX appears fraudulently in my records as an address someone else used to access my information and receive my drivers license. \n\nThose I believe responsible for using my identity fraudulently include : XXXX XXXX XXXX XXXX XXXX XXXX XXXX XXXX ) XXXX XXXX XXXX XXXX and XXXX XXXX XXXX XXXX XXXX XXXX XXXX XXXX XXXX XXXX XXXX XXXX These individuals have misused my identity and that of my minor children, XXXX XXXX XXXX and XXXX XXXX XXXX, in various financial schemes, manipulating records and identities linked to XXXX XXXX. It is essential that no accounts, direct deposits, or service addresses associated with these names, or variations like XXXX XXXX or XXXX XXXX, be linked to my XXXX XXXX account. \n\nXXXX XXXX and Billing Concerns It has come to my attention that fraudulent deposits marked as child support are being associated with my XXXX XXXX account. I also see discrepancies in my billing statements, with statements showing XXXX, OH as the merchant location, while my receipts indicate XXXX, NC. This inconsistency raises serious concerns about the integrity of these charges and possible unauthorized use. \n\nFurthermore, I have noted unusually high energy bills when our lights are on, which directly affects my familys health, as we experience symptoms of sickness when lights are used for extended periods. This unusual billing and possible connection with external deposits must be investigated, as it suggests potential fraudulent activity that could jeopardize our energy security. \n\nRequest for XXXX XXXX I am asking XXXX XXXX to take immediate steps to : XXXX. Remove fraudulent emails ( XXXX and XXXX ) and phone numbers associated with my account. \nXXXX. Correct my address history by either removing XXXX XXXX XXXX or adding legitimate past addresses under my old identity. \nXXXX. Investigate and remove unauthorized accounts or deposits connected to names used fraudulently, including aliases associated with my childrens names. \nXXXX. Examine discrepancies in billing statements and merchant location data, as these XXXX indicate unauthorized activity affecting my account. \n\nMy family depends on XXXX XXXX secure and reliable service, and any errors or fraud in our records directly impact our daily lives and well-being. I trust that XXXX XXXX will investigate and resolve these issues quickly to ensure the integrity of our account and the safety of our home. \nI am detailing the complex misuse of my identity and records by family members, which has led to financial and legal confusion. \n\nXXXX. Address and XXXX Records : Although my sister does not use my address with XXXX, XXXX with the Department of XXXX and XXXX XXXX XXXX XXXX ) XXXX her under my address. This has led to a mix-up, as the court records show payments from XXXX XXXX XXXX XXXX XXXX XXXX XXXX XXXX the determination of who is responsible for certain obligations. \nXXXX. Medical Record Number ( XXXX ) Discrepancies : At the hospital, I am listed under XXXX separate MRNsone for XXXX XXXX and another for XXXX XXXX XXXX. My sons XXXX was also changed without my consent. These discrepancies suggest attempts to use our medical records to forge identities or claim benefits fraudulently. \nXXXX. IRS Form XXXX Corrections : In XX/XX/XXXX, I received XXXX corrected IRS Forms XXXX, despite no legitimate reason for such changes. This suggests manipulation of our records, possibly to alter tax or insurance status. \nXXXX. Tax Filing Irregularities : I filed with XXXX XXXX XXXX XXXX XXXX and expected a refund of {$6200.00} ; however, I only received {$5100.00}. I believe my sons father manipulated tax information, possibly claiming benefits as the head of household. Despite records showing my daughter is the head of household, corrections continue to misclassify this status. \nXXXX. XXXX XXXX and XXXX Discrepancies : My sons financial deposit history begins with XXXX, identical to numbers found in XXXX records for liens and judgments related to me as a victim. Previous checks issued to me as restitution for victimization are now missing, and XXXX Carolinas Disbursement Unit ( SC SDU ) is not recording deposits to my account ( XXXX ), though some deposits appear in FHE format ( indicating possible child support or benefits for family household expenses ). \n\nThe extensive misuse of my personal information, medical and tax records, and financial deposits has caused both personal and financial harm. I am seeking thorough investigation and corrective action. \nI am filing this complaint to report extensive fraud involving forged medical and financial records linked to my family. Specifically, my sons XXXX, XXXX XXXX XXXX, and other family members have allegedly altered my childrens medical records at XXXX XXXX and XXXX XXXX under my former name, XXXX XXXX. Theyve manipulated record numbers and listed incorrect dates of service, even though XXXX XXXX lived in XXXX since XXXX. Furthermore, I have evidence showing XXXX distinct medical record numbers for XXXX XXXX and XXXX XXXX XXXX. \nXXXX recently won a {$200000.00} lawsuit at XXXX XXXX. Additionally, when he falsely accused me of criminal domestic XXXX ( XXXX ), the public index records show my name twice instead of his, further indicating fraudulent misuse of my identity. I have also found evidence that XXXX signed as my sons birth parent, using fraudulent documents to access benefits and funds without my consent. \nI also uncovered misuse of XXXX benefits in our medical records, falsely indicating absent parent support. In the Child Support Portal, over {$1000.00} in payments meant for my son has been held by the South Carolina State Disbursement Unit without explanation. Additionally, it appears my tax returns were forged and intercepted, with {$5100.00} issued on a fraudulent check from XXXX & XXXX XXXX XXXX instead of the original {$6200.00} owed. \nI have evidence suggesting a XXXX XXXX account was linked to my Treasury XXXX account under my new identity without my authorization. Despite removing certain addresses, XXXX and XXXX XXXX XXXX records show XXXX continued to use my address. The ongoing manipulation of my records has been substantiated by documents, and my XXXX data was also accessed without permission. I am seeking corrective action and an investigation into these fraudulent activities, which have left me financially compromised. \n\n\nSubject : Urgent Report of Financial and Privacy Violations, Medical Record Manipulation, and Fraudulent Activity To Whom It XXXX Concern, I am writing to urgently bring to your attention a series of serious violations and fraudulent activities that have caused significant financial hardship, emotional distress, and breaches of privacy for both myself and my children. We have become victims of what appears to be a carefully orchestrated scheme involving unauthorized access to medical records, misuse of personal information, and the misallocation of benefits. The following outlines in detail the specific violations, the individuals involved, and the detrimental impact this has had on our lives. \n\nXXXX. XXXX XXXX XXXX and Misdiagnosis My sons medical records at XXXX XXXX reveal troubling discrepancies, particularly an instance where his father, XXXX XXXX XXXX, signed as the patient for a visit. He did not sign as the legal guardian or authorized representativehe signed as if he were my son, which is neither accurate nor authorized. Additionally, my sons medical record number for this visit does not match the number assigned to him at birth. This inconsistency raises serious concerns about tampering and unauthorized access to our medical records. \n\nFurther, I suffered a XXXX in XX/XX/XXXX. However, records at XXXX XXXX XXXX ( connected to XXXX XXXX and XXXX XXXX ) indicate my son was admitted for hemiplegic migraines on the exact dates of my hospitalization, suggesting either gross error or intentional misrepresentation. This not only complicates my own diagnosis but has led to an inappropriate medical history being attached to my son. \n\nXXXX. Financial Hardship and Incorrect XXXX Benefit Allocation Recently, the Social Security XXXX reduced my sons XXXX benefits, citing funds he supposedly received from his father, who has not made any child support payments for over XXXX months. Despite my providing evidence of this nonpayment, the XXXX has continued to decrease his benefits. This financial burden has caused me great hardship and confusion, especially as my sons fathers unpaid child support was supposed to be offset against my tax refund, which was delayed for XXXX months and ultimately arrived short by over {$2000.00}. \n\nAdditionally, the Department XXXX XXXX XXXX ( XXXX ) has been deducting child support for XXXX, yet only for my son, XXXX, and not my other child. XXXX claimed no offset was done, which conflicts with earlier communications. It has also come to my attention that my insurance through XXXX XXXX XXXX XXXX XXXX, XXXX assurances from XXXX administrators XXXX I owe no TANF obligations. This misrepresentation of benefits further amplifies my financial distress. \n\nXXXX. XXXX XXXX and XXXX XXXX Evidence suggests that someone XXXX have gained unauthorized access to my online records and accounts. My IP address has shown unusual access points from XXXX, where my sons father resides. In XXXX, someone using a XXXX device accessed my XXXX account without my authorization, specifically connected to XXXX XXXX. I have explained these issues to the Department of Treasury and the Department of XXXX, but the concerns persist. \n\nAdditionally, a detective revealed that my sister had used my address with the Department XXXX XXXX and XXXX XXXX, although her name does not appear in the XXXX system. Her use of my address for state services could be contributing to the financial and identity confusion affecting us. This misuse of my address and personal information by family members, combined with unauthorized access to my accounts, suggests a significant compromise of my personal privacy and civil rights. \n\nXXXX. Forgery, Misrepresentation, and Potential Financial Gain On XX/XX/XXXX, my sister reportedly forged my signature, making it appear that my son was in the hospital at the same time I was. This forged record enabled further manipulation of our medical history and potentially allowed for financial claims I did not authorize. In addition, school records have inexplicably reversed the roles between myself and my daughter, listing me as the student and her as the parent, which further indicates identity tampering and misrepresentation. \n\nSubjects Involved and Methods Used XXXX XXXX XXXX : Used my sons medical information, signing as the patient at XXXX XXXX without authorization. The motives appear to be tied to manipulating medical records and possibly accessing benefits fraudulently. \nMy Sister : Forged my signature, used my address with the Department XXXX XXXX XXXX and XXXX, and XXXX have contributed to the ongoing misrepresentation issues with the XXXX and state agencies. \nDepartment XXXX XXXX XXXX ( XXXX ) : Deducted child support for XXXX but failed to apply it correctly, resulting in unexplained benefit misallocations and tax offset confusion. \n\nThese actions have collectively created a web of complications that leave XXXX vulnerable, financially strained, and emotionally distressed. Our rights to privacy, fair treatment, and accurate benefits allocation have been compromised. The effects of these ongoing issues are profound and have disrupted every aspect of our lives, leading to financial instability and unwarranted emotional trauma. \n\nRequest for Urgent Intervention I urge your office to investigate the following : Unauthorized Medical Record Access and Forgery : Violations under XXXX due to unauthorized changes and access to medical records. \nSocial Security XXXX : Manipulation of XXXX benefits and associated financial documents, resulting in incorrect benefit allocation. \nXXXX XXXX : Potential manipulation of child support payments, XXXX misallocation, and missing tax offsets. \nIdentity Theft and Impersonation : Fraudulent use of my address and unauthorized access to my records, resulting in compromised privacy and civil rights violations. \nWe have become victims treated as criminals, facing unwarranted scrutiny and reduction in necessary benefits. I respectfully ask for an in-depth investigation to provide relief, clarity, and accountability for those responsible. Thank you for your attention to this matter, and I look forward to your prompt response.","date_sent_to_company":"2024-11-09T19:30:12.000Z","issue":"Improper use of your report","sub_product":"Credit reporting","zip_code":"296XX","tags":"Servicemember","has_narrative":true,"complaint_id":"10741046","timely":"Yes","company_response":"Closed with explanation","submitted_via":"Web","company":"EQUIFAX, INC.","date_received":"2024-11-09T18:41:16.000Z","state":"SC","company_public_response":null,"sub_issue":"Reporting company used your report improperly"},"highlight":{"complaint_what_happened":["These actions, constituting <em>fraud</em>, identity <em>theft</em>, <em>unauthorized</em> access, XXXX violations, discrimination, and retaliation, have created an unsafe environment for my family and inflicted significant financial, emotional, and physical distress. I request that immediate steps be taken to secure our information and hold responsible parties accountable."]},"sort":[7.013398,"10741046"]}]},"aggregations":{"has_narrative":{"meta":{},"doc_count":19,"has_narrative":{"doc_count_error_upper_bound":0,"sum_other_doc_count":0,"buckets":[{"key":1,"key_as_string":"true","doc_count":19}]}},"product":{"doc_count":19,"product":{"doc_count_error_upper_bound":0,"sum_other_doc_count":0,"buckets":[{"key":"Credit reporting or other personal consumer reports","doc_count":6,"sub_product.raw":{"doc_count_error_upper_bound":0,"sum_other_doc_count":0,"buckets":[{"key":"Credit reporting","doc_count":6}]}},{"key":"Debt collection","doc_count":6,"sub_product.raw":{"doc_count_error_upper_bound":0,"sum_other_doc_count":0,"buckets":[{"key":"Credit card debt","doc_count":4},{"key":"Other debt","doc_count":2}]}},{"key":"Checking or savings account","doc_count":3,"sub_product.raw":{"doc_count_error_upper_bound":0,"sum_other_doc_count":0,"buckets":[{"key":"Checking account","doc_count":3}]}},{"key":"Credit card","doc_count":3,"sub_product.raw":{"doc_count_error_upper_bound":0,"sum_other_doc_count":0,"buckets":[{"key":"General-purpose credit card or charge card","doc_count":3}]}},{"key":"Money transfer, virtual currency, or money service","doc_count":1,"sub_product.raw":{"doc_count_error_upper_bound":0,"sum_other_doc_count":0,"buckets":[{"key":"Domestic (US) money transfer","doc_count":1}]}}]}},"issue":{"doc_count":19,"issue":{"doc_count_error_upper_bound":0,"sum_other_doc_count":0,"buckets":[{"key":"Attempts to collect debt not owed","doc_count":4,"sub_issue.raw":{"doc_count_error_upper_bound":0,"sum_other_doc_count":0,"buckets":[{"key":"Debt is not yours","doc_count":4}]}},{"key":"Problem with a company's investigation into an existing problem","doc_count":3,"sub_issue.raw":{"doc_count_error_upper_bound":0,"sum_other_doc_count":0,"buckets":[{"key":"Their investigation did not fix an error on your report","doc_count":3}]}},{"key":"False statements or representation","doc_count":2,"sub_issue.raw":{"doc_count_error_upper_bound":0,"sum_other_doc_count":0,"buckets":[{"key":"Attempted to collect wrong amount","doc_count":2}]}},{"key":"Improper use of your report","doc_count":2,"sub_issue.raw":{"doc_count_error_upper_bound":0,"sum_other_doc_count":0,"buckets":[{"key":"Credit inquiries on your report that you don't recognize","doc_count":1},{"key":"Reporting company used your report improperly","doc_count":1}]}},{"key":"Managing an account","doc_count":2,"sub_issue.raw":{"doc_count_error_upper_bound":0,"sum_other_doc_count":0,"buckets":[{"key":"Banking errors","doc_count":1},{"key":"Problem using a debit or ATM card","doc_count":1}]}},{"key":"Other features, terms, or problems","doc_count":2,"sub_issue.raw":{"doc_count_error_upper_bound":0,"sum_other_doc_count":0,"buckets":[{"key":"Privacy issues","doc_count":2}]}},{"key":"Advertising and marketing, including promotional offers","doc_count":1,"sub_issue.raw":{"doc_count_error_upper_bound":0,"sum_other_doc_count":0,"buckets":[{"key":"Confusing or misleading advertising about the credit card","doc_count":1}]}},{"key":"Other service problem","doc_count":1,"sub_issue.raw":{"doc_count_error_upper_bound":0,"sum_other_doc_count":0,"buckets":[]}},{"key":"Problem with a lender or other company charging your account","doc_count":1,"sub_issue.raw":{"doc_count_error_upper_bound":0,"sum_other_doc_count":0,"buckets":[{"key":"Transaction was not authorized","doc_count":1}]}},{"key":"Unable to get your credit report or credit score","doc_count":1,"sub_issue.raw":{"doc_count_error_upper_bound":0,"sum_other_doc_count":0,"buckets":[{"key":"Other problem getting your report or credit score","doc_count":1}]}}]}},"timely":{"doc_count":19,"timely":{"doc_count_error_upper_bound":0,"sum_other_doc_count":0,"buckets":[{"key":"Yes","doc_count":19}]}},"company_response":{"doc_count":19,"company_response":{"doc_count_error_upper_bound":0,"sum_other_doc_count":0,"buckets":[{"key":"Closed with explanation","doc_count":14},{"key":"Closed with monetary relief","doc_count":3},{"key":"Closed with non-monetary relief","doc_count":2}]}},"submitted_via":{"doc_count":19,"submitted_via":{"doc_count_error_upper_bound":0,"sum_other_doc_count":0,"buckets":[{"key":"Web","doc_count":19}]}},"company":{"doc_count":19,"company":{"doc_count_error_upper_bound":0,"sum_other_doc_count":0,"buckets":[{"key":"JPMORGAN CHASE & CO.","doc_count":3},{"key":"BARCLAYS BANK DELAWARE","doc_count":2},{"key":"CAPITAL ONE FINANCIAL CORPORATION","doc_count":2},{"key":"CITIBANK, N.A.","doc_count":2},{"key":"EQUIFAX, INC.","doc_count":2},{"key":"Experian Information Solutions Inc.","doc_count":2},{"key":"CBC Companies, Inc.","doc_count":1},{"key":"LEXISNEXIS","doc_count":1},{"key":"Radius Global Solutions LLC","doc_count":1},{"key":"TRANSUNION INTERMEDIATE HOLDINGS, INC.","doc_count":1},{"key":"WELLS FARGO & COMPANY","doc_count":1},{"key":"WESBANCO BANK, INC.","doc_count":1}]}},"state":{"doc_count":19,"state":{"doc_count_error_upper_bound":0,"sum_other_doc_count":0,"buckets":[{"key":"MI","doc_count":3},{"key":"TX","doc_count":3},{"key":"AR","doc_count":2},{"key":"CT","doc_count":2},{"key":"GA","doc_count":2},{"key":"CA","doc_count":1},{"key":"IL","doc_count":1},{"key":"NC","doc_count":1},{"key":"NJ","doc_count":1},{"key":"OH","doc_count":1},{"key":"SC","doc_count":1},{"key":"UT","doc_count":1}]}},"company_public_response":{"doc_count":19,"company_public_response":{"doc_count_error_upper_bound":0,"sum_other_doc_count":0,"buckets":[{"key":"Company has responded to the consumer and the CFPB and chooses not to provide a public response","doc_count":9}]}},"tags":{"doc_count":19,"tags":{"doc_count_error_upper_bound":0,"sum_other_doc_count":0,"buckets":[{"key":"Servicemember","doc_count":4}]}}},"_meta":{"license":"CC0","last_updated":"2026-07-14T12:00:00-05:00","last_indexed":"2026-07-14T12:00:00-05:00","total_record_count":16441818,"is_data_stale":false,"has_data_issue":false,"break_points":{}}}