{"took":282,"timed_out":false,"_shards":{"total":5,"successful":5,"skipped":0,"failed":0},"hits":{"total":{"value":661,"relation":"eq"},"max_score":null,"hits":[{"_index":"complaint-public-v1","_id":"10101571","_score":18.12733,"_source":{"product":"Credit reporting or other personal consumer reports","complaint_what_happened":"XXXX XXXX XXXX XXXX XXXX XXXX XXXX XXXX XXXX XXXX XXXX XXXX XXXX XXXX XXXX XXXX XXXX XXXX XXXX XXXX XXXXXX/XX/year> CFPB XXXX XXXX XXXX XXXX XXXX XXXX XXXX XXXX Re : Method of Verification, Compliance with the XXXX XXXX XXXX XXXX, XXXXnaccurate Reporting of Bankruptcy Record, Dear Consumer, Financial Protection Bureau, I am writing to file a formal complaint and method of verification against LexisNexis Risk Solutions XXXX regarding inaccuracies in reporting and concerns of identity theft and securities fraud. This complaint is in response to there correspondence dated XX/XX/year> regarding the reported bankruptcy record, case number XXXX, on behalf of XXXX XXXX XXXX XXXX. \n1. Verification Process : LexisNexis claims to have verified XXXX XXXXXXXX XXXX bankruptcy record ; however, I am requesting detailed information on the methods and criteria used in this verification process. It is crucial that this verification strictly adheres to the Fair Credit Reporting Act ( FCRA ) and XXXX XXXX XXXX XXXX compliance standards, ensuring the accuracy and validity of consumer information. \n2. Source of Information : The information regarding XXXX XXXXXXXX XXXX address and partial Social Security number was reportedly obtained from public access to court electronic records ( PACER ). I seek clarification on how LexisNexis obtained and linked this information to XXXX XXXXXXXX XXXX consumer report, and what measures were taken to ensure its accuracy and relevance. \n3. Identity Theft and Securities Fraud : I am deeply concerned that LexisNexis may have engaged in identity theft and securities fraud by securitizing and profiting from my personal information without my consent. This potentially illegal action violates federal laws governing consumer privacy and data protection. I request a thorough explanation of how my personal information, including my Social Security number, was secured, and whether LexisNexis obtained written consent for such activities. \n4. Compliance with FCRA and Legal Standards : As a consumer protected under the FCRA, I am entitled to the highest standards of data accuracy, security, and privacy protection. Any failure to comply with these standards can significantly harm my creditworthiness and financial standing. I urge the Consumer Financial Protection Bureau to investigate these serious allegations promptly and ensure that LexisNexis fully complies with all FCRA and XXXX XXXX XXXX XXXX requirements. \n5. Opt-Out Opportunity : According to the Fair Credit Reporting Act ( FCRA ) Section 603 ( d ) ( 2 ) ( A ) ( iii ), consumers have the right to opt out of the inclusion of their information in a consumer report that will be used in connection with a credit or insurance transaction that is not initiated by the consumer. However, I was not provided with any opportunity to opt out of the reporting of my information by LexisNexis. Please provide documentation demonstrating that an opt-out notice was provided to me as required by law, or an explanation of why such notice was not provided. \n\nIn conclusion, I request immediate action to rectify the inaccuracies in the reported bankruptcy record and investigate the allegations of identity theft and securities fraud. I seek your assistance in pursuing damages resulting from these violations and protecting my rights and privacy. Please provide a comprehensive response addressing the concerns outlined above. \nRespectively submitted XXXX XXXX XXXX","date_sent_to_company":"2024-09-12T00:12:16.000Z","issue":"Improper use of your report","sub_product":"Credit reporting","zip_code":"23323","tags":null,"has_narrative":true,"complaint_id":"10101571","timely":"Yes","company_response":"Closed with non-monetary relief","submitted_via":"Web","company":"LEXISNEXIS","date_received":"2024-09-11T23:54:55.000Z","state":"VA","company_public_response":null,"sub_issue":"Reporting company used your report improperly"},"highlight":{"complaint_what_happened":["I request a thorough explanation of how my personal information, including my Social <em>Security</em> number, was secured, and whether LexisNexis obtained written consent for such activities. \n4. Compliance with FCRA and Legal <em>Standards</em> : As a consumer <em>protected</em> under the FCRA, I am entitled to the highest <em>standards</em> of data accuracy, <em>security</em>, and privacy <em>protection</em>. Any failure to comply with these <em>standards</em> can significantly harm my creditworthiness and financial standing."]},"sort":[18.12733,"10101571"]},{"_index":"complaint-public-v1","_id":"8675048","_score":17.2443,"_source":{"product":"Debt collection","complaint_what_happened":"I am writing to invoke my FCRA right to opt out. Please see attached letter that was sent to the creditor. \n15 U.S. Code 6801 - Protection of nonpublic personal information ( a ) Privacy obligation policy It is the policy of the Congress that each financial institution has an affirmative and continuing obligation to respect the privacy of its customers and to protect the security and confidentiality of those customers nonpublic personal information. \n\n( b ) Financial institutions safeguards In furtherance of the policy in subsection ( a ), each agency or authority described in section 6805 ( a ) of this title, other than the Bureau of Consumer Financial Protection, shall establish appropriate standards for the financial institutions subject to their jurisdiction relating to administrative, technical, and physical safeguards ( XXXX ) to insure the security and confidentiality of customer records and information ; ( XXXX ) to protect against any anticipated threats or hazards to the security or integrity of such records ; and ( XXXX ) to protect against unauthorized access to or use of such records or information which could result in substantial harm or inconvenience to any customer. \n15 U.S. Code 6802 - Obligations with respect to disclosures of personal information ( a ) Notice requirements Except as otherwise provided in this subchapter, a financial institution may not, directly or through any affiliate, disclose to a nonaffiliated third party any nonpublic personal information, unless such financial institution provides or has provided to the consumer a notice that complies with section 6803 of this title. \n( b ) Opt out ( XXXX ) In general A financial institution may not disclose nonpublic personal information to a nonaffiliated third party unless ( A ) such financial institution clearly and conspicuously discloses to the consumer, in writing or in electronic form or other form permitted by the regulations prescribed under section 6804 of this title, that such information may be disclosed to such third party ; ( B ) the consumer is given the opportunity, before the time that such information is initially disclosed, to direct that such information not be disclosed to such third party ; and ( C ) the consumer is given an explanation of how the consumer can exercise that nondisclosure option. \nAlso the Privacy Act of 1974 comes into play here.","date_sent_to_company":"2024-05-08T12:11:59.000Z","issue":"Attempts to collect debt not owed","sub_product":"I do not know","zip_code":"43055","tags":null,"has_narrative":true,"complaint_id":"8675048","timely":"Yes","company_response":"Closed with explanation","submitted_via":"Web","company":"Alorica Inc.","date_received":"2024-04-02T13:36:13.000Z","state":"OH","company_public_response":null,"sub_issue":"Debt was result of identity theft"},"highlight":{"complaint_what_happened":["( b ) Financial institutions safeguards In furtherance of the policy in subsection ( a ), each agency or authority described in section 6805 ( a ) of this title, other than the Bureau of Consumer Financial <em>Protection</em>, shall establish appropriate <em>standards</em> for the financial institutions subject to their jurisdiction relating to administrative, technical, and physical safeguards ( XXXX ) to insure the <em>security</em> and confidentiality of customer records and information ; ( XXXX ) to <em>protect</em> against"]},"sort":[17.2443,"8675048"]},{"_index":"complaint-public-v1","_id":"7887338","_score":17.037588,"_source":{"product":"Credit reporting or other personal consumer reports","complaint_what_happened":"I am not able to contact this institution. \n\n\n\" Cornerstone was originally contracted to service federal loans through XXXX, but it ended its contract in XX/XX/XXXX due to financial loss. Its website no longer exist, and all loans were transferred to FedLoan Servicing. '' - XXXX 15 U.S. Code 6802 - Obligations with respect to disclosures of personal information 15 U.S. Code 6801 - Protection of nonpublic personal information ( a ) Notice requirements Except as otherwise provided in this subchapter, a financial institution may not, directly or through any affiliate, disclose to a nonaffiliated third party any nonpublic personal information, unless such financial institution provides or has provided to the consumer a notice that complies with section 6803 of this title.\n\n( b ) Opt out ( 1 ) In general A financial institution may not disclose nonpublic personal information to a nonaffiliated third party unless ( A ) such financial institution clearly and conspicuously discloses to the consumer, in writing or in electronic form or other form permitted by the regulations prescribed under section 6804 of this title, that such information may be disclosed to such third party ; ( B ) the consumer is given the opportunity, before the time that such information is initially disclosed, to direct that such information not be disclosed to such third party ; and ( C ) the consumer is given an explanation of how the consumer can exercise that nondisclosure option. \n\n\nI am chosing to OPT OUT. But i am unable to contact this Loan Servicers 15 U.S. Code 6801 - Protection of nonpublic personal information ( a ) Privacy obligation policy It is the policy of the Congress that each financial institution has an affirmative and continuing obligation to respect the privacy of its customers and to protect the security and confidentiality of those customers nonpublic personal information. \n\n( b ) Financial institutions safeguards In furtherance of the policy in subsection ( a ), each agency or authority described in section 6805 ( a ) of this title, other than the Bureau of Consumer Financial Protection, shall establish appropriate standards for the financial institutions subject to their jurisdiction relating to administrative, technical, and physical safeguards ( 1 ) to insure the security and confidentiality of customer records and information ; ( 2 ) to protect against any anticipated threats or hazards to the security or integrity of such records ; and ( 3 ) to protect against unauthorized access to or use of such records or information which could result in substantial harm or inconvenience to any customer.","date_sent_to_company":"2023-11-21T15:39:38.000Z","issue":"Credit monitoring or identity theft protection services","sub_product":"Credit reporting","zip_code":"532XX","tags":null,"has_narrative":true,"complaint_id":"7887338","timely":"Yes","company_response":"Closed with explanation","submitted_via":"Web","company":"AES/PHEAA","date_received":"2023-11-21T15:15:22.000Z","state":"WI","company_public_response":null,"sub_issue":"Problem canceling credit monitoring or identify theft protection service"},"highlight":{"complaint_what_happened":["( b ) Financial institutions safeguards In furtherance of the policy in subsection ( a ), each agency or authority described in section 6805 ( a ) of this title, other than the Bureau of Consumer Financial <em>Protection</em>, shall establish appropriate <em>standards</em> for the financial institutions subject to their jurisdiction relating to administrative, technical, and physical safeguards ( 1 ) to insure the <em>security</em> and confidentiality of customer records and information ; ( 2 ) to <em>protect</em> against any anticipated"],"issue":["Credit monitoring or identity theft <em>protection</em> services"],"sub_issue":["Problem canceling credit monitoring or identify theft <em>protection</em> service"]},"sort":[17.037588,"7887338"]},{"_index":"complaint-public-v1","_id":"7887332","_score":17.03061,"_source":{"product":"Credit reporting or other personal consumer reports","complaint_what_happened":"I am not able to contact this institution. \n\n\n\" XXXX was originally contracted to service federal loans through XXXX, but it ended its contract in XX/XX/XXXX due to financial loss. Its website no longer exist, and all loans were transferred to XXXX XXXX. '' - XXXX 15 U.S. Code 6802 - Obligations with respect to disclosures of personal information 15 U.S. Code 6801 - Protection of nonpublic personal information ( a ) Notice requirements Except as otherwise provided in this subchapter, a financial institution may not, directly or through any affiliate, disclose to a nonaffiliated third party any nonpublic personal information, unless such financial institution provides or has provided to the consumer a notice that complies with section 6803 of this title.\n\n( b ) Opt out ( 1 ) In general A financial institution may not disclose nonpublic personal information to a nonaffiliated third party unless ( A ) such financial institution clearly and conspicuously discloses to the consumer, in writing or in electronic form or other form permitted by the regulations prescribed under section 6804 of this title, that such information may be disclosed to such third party ; ( B ) the consumer is given the opportunity, before the time that such information is initially disclosed, to direct that such information not be disclosed to such third party ; and ( C ) the consumer is given an explanation of how the consumer can exercise that nondisclosure option. \n\n\nI am chosing to OPT OUT. But i am unable to contact this Loan Servicers 15 U.S. Code 6801 - Protection of nonpublic personal information ( a ) Privacy obligation policy It is the policy of the Congress that each financial institution has an affirmative and continuing obligation to respect the privacy of its customers and to protect the security and confidentiality of those customers nonpublic personal information. \n\n( b ) Financial institutions safeguards In furtherance of the policy in subsection ( a ), each agency or authority described in section 6805 ( a ) of this title, other than the Bureau of Consumer Financial Protection, shall establish appropriate standards for the financial institutions subject to their jurisdiction relating to administrative, technical, and physical safeguards ( 1 ) to insure the security and confidentiality of customer records and information ; ( 2 ) to protect against any anticipated threats or hazards to the security or integrity of such records ; and ( 3 ) to protect against unauthorized access to or use of such records or information which could result in substantial harm or inconvenience to any customer.","date_sent_to_company":"2023-11-21T15:39:46.000Z","issue":"Credit monitoring or identity theft protection services","sub_product":"Credit reporting","zip_code":"532XX","tags":null,"has_narrative":true,"complaint_id":"7887332","timely":"Yes","company_response":"Closed with non-monetary relief","submitted_via":"Web","company":"TRANSUNION INTERMEDIATE HOLDINGS, INC.","date_received":"2023-11-21T15:39:44.000Z","state":"WI","company_public_response":"Company has responded to the consumer and the CFPB and chooses not to provide a public response","sub_issue":"Problem canceling credit monitoring or identify theft protection service"},"highlight":{"complaint_what_happened":["( b ) Financial institutions safeguards In furtherance of the policy in subsection ( a ), each agency or authority described in section 6805 ( a ) of this title, other than the Bureau of Consumer Financial <em>Protection</em>, shall establish appropriate <em>standards</em> for the financial institutions subject to their jurisdiction relating to administrative, technical, and physical safeguards ( 1 ) to insure the <em>security</em> and confidentiality of customer records and information ; ( 2 ) to <em>protect</em> against any anticipated"],"issue":["Credit monitoring or identity theft <em>protection</em> services"],"sub_issue":["Problem canceling credit monitoring or identify theft <em>protection</em> service"]},"sort":[17.03061,"7887332"]},{"_index":"complaint-public-v1","_id":"11668982","_score":16.54494,"_source":{"product":"Money transfer, virtual currency, or money service","complaint_what_happened":"I am writing to formally file a complaint against Cash App ( Block , Inc. ) regarding their inadequate customer service, failure to address fraudulent activity, and non-compliance with federal consumer protection laws, including the Consumer Financial Protection Act ( CFPB ), the Electronic Fund Transfer Act ( EFTA ), and Regulation E.\n\n1. Failure to Prevent and Address Fraud Cash App failed to implement sufficient security measures to protect my account from unauthorized transactions, despite industry-standard practices requiring financial institutions to take proactive steps in fraud prevention. When I reported fraudulent activity on my account, the response from Cash App was inadequate and dismissive. This lack of action resulted in financial losses that could have been prevented had they taken reasonable steps to safeguard my funds. \n\nXXXX. Unfair and Deceptive Dispute Resolution Process In addition to failing to protect my account, Cash Apps dispute resolution process was both unfair and deceptive. The company did not follow proper error resolution procedures under the EFTA and Regulation E, which require financial institutions to investigate disputes within specific time frames, provide provisional credits when applicable, and offer clear explanations regarding claim denials. Instead, I received vague and automated responses that did not adequately address my concerns or provide any reasonable justification for their decisions. \n\nXXXX. Violations of Consumer Protection Laws The actions of Cash App ( Block, Inc. ) constitute violations of consumer protection laws, including : The Consumer Financial Protection Act, which prohibits unfair, deceptive, or abusive practices in financial services.\n\nThe Electronic Fund Transfer Act ( EFTA ) and Regulation E, which set requirements for financial institutions in handling disputes related to unauthorized transactions. \nCash Apps failure to comply with these regulations has caused me significant inconvenience, financial loss, and undue stress. Their business practices demonstrate a clear lack of commitment to consumer protection, which should be addressed by the CFPB to prevent similar experiences for other users. \n\nRequested Resolution : I respectfully request the following actions be taken : A full refund of the fraudulent transactions that were improperly handled under Regulation E. \nA thorough review and investigation into Cash Apps dispute resolution process to ensure compliance with federal consumer protection laws. \nImplementation of stronger fraud prevention measures and improved customer service practices to prevent similar issues for other users. \nI am providing all supporting documentation, including transaction records, communications with Cash App, and any relevant case reference numbers for your review. Please let me know if additional information is needed. \n\nThank you for your time and prompt attention to this matter. I look forward to your response and a fair resolution.","date_sent_to_company":"2025-01-17T16:51:30.000Z","issue":"Other transaction problem","sub_product":"Domestic (US) money transfer","zip_code":"30180","tags":null,"has_narrative":true,"complaint_id":"11668982","timely":"Yes","company_response":"Closed with explanation","submitted_via":"Web","company":"Block, Inc.","date_received":"2025-01-17T16:21:10.000Z","state":"GA","company_public_response":null,"sub_issue":null},"highlight":{"complaint_what_happened":["Failure to Prevent and Address Fraud Cash App failed to implement sufficient <em>security</em> measures to <em>protect</em> my account from unauthorized transactions, despite industry-<em>standard</em> practices requiring financial institutions to take proactive steps in fraud prevention. When I reported fraudulent activity on my account, the response from Cash App was inadequate and dismissive."]},"sort":[16.54494,"11668982"]},{"_index":"complaint-public-v1","_id":"8667389","_score":16.416283,"_source":{"product":"Credit reporting or other personal consumer reports","complaint_what_happened":"XX/XX/XXXX I submitted disputes to XXXX, XXXX and Transunion to get several issues resolved to no avail. \nAll companies listed are in violation of the Privacy Act of 1974, Fair Credit Reporting Act 15 U.S.C 1681b and the Federal Educational Rights and Privacy Act ( FERPA ) 15 U.S. Code 6801 - PROTECTION OF NONPUBLIC PERSONAL INFORMATION ( a ) Privacy obligation policy It is the policy of the Congress that each financial institution has an affirmative and continuing obligation to respect the privacy of its customers and to protect the security and confidentiality of those customers nonpublic personal information. ( b ) Financial institutions safeguards In furtherance of the policy in subsection ( a ), each agency or authority described in section 6805 ( a ) of this title, other than the Bureau of Consumer Financial Protection, shall establish appropriate standards for the financial institutions subject to their jurisdiction relating to administrative, technical, and physical safeguards ( 1 ) to insure the security and confidentiality of customer records and information ; ( 2 ) to protect against any anticipated threats or hazards to the security or integrity of such records ; and ( 3 ) to protect against unauthorized access to or use of such records or information which could result in substantial harm or inconvenience to any customer.\n\n15 U.S. Code 6802 - OBLIGATIONS WITH RESPECT TO DISCLOSURES OF PERSONAL INFORMATION ( a ) Notice requirements Except as otherwise provided in this subchapter, a financial institution may not, directly or through any affiliate, disclose to a nonaffiliated third party any nonpublic personal information, unless such financial institution provides or has provided to the consumer a notice that complies with section 6803 of this title. ( b ) Opt out ( 1 ) In general A financial institution may not disclose nonpublic personal information to a nonaffiliated third party unless ( A ) such financial institution clearly and conspicuously discloses to the consumer, in writing or in electronic form or other form permitted by the regulations prescribed under section 6804 of this title, that such information may be disclosed to such third party Most Important is the violation of [ 16 CFG 313.3 ] DEFINITION ( o ) Personally identifiable financial information ( 2 ) Examples ( B ) Account balance information, payment history, overdraft history, and credit or debit card purchase information.","date_sent_to_company":"2024-04-02T04:58:07.000Z","issue":"Improper use of your report","sub_product":"Credit reporting","zip_code":"30127","tags":null,"has_narrative":true,"complaint_id":"8667389","timely":"Yes","company_response":"Closed with non-monetary relief","submitted_via":"Web","company":"TRANSUNION INTERMEDIATE HOLDINGS, INC.","date_received":"2024-04-02T04:58:05.000Z","state":"GA","company_public_response":"Company has responded to the consumer and the CFPB and chooses not to provide a public response","sub_issue":"Reporting company used your report improperly"},"highlight":{"complaint_what_happened":["than the Bureau of Consumer Financial <em>Protection</em>, shall establish appropriate <em>standards</em> for the financial institutions subject to their jurisdiction relating to administrative, technical, and physical safeguards ( 1 ) to insure the <em>security</em> and confidentiality of customer records and information ; ( 2 ) to <em>protect</em> against any anticipated threats or hazards to the <em>security</em> or integrity of such records ; and ( 3 ) to <em>protect</em> against unauthorized access to or use of such records or information which"]},"sort":[16.416283,"8667389"]},{"_index":"complaint-public-v1","_id":"8667388","_score":16.416283,"_source":{"product":"Credit reporting or other personal consumer reports","complaint_what_happened":"XX/XX/XXXXXXXX  I submitted disputes to XXXX, Equifax and XXXX to get several issues resolved to no avail. \nAll companies listed are in violation of the Privacy Act of 1974, Fair Credit Reporting Act 15 U.S.C 1681b and the Federal Educational Rights and Privacy Act ( FERPA ) 15 U.S. Code 6801 - PROTECTION OF NONPUBLIC PERSONAL INFORMATION ( a ) Privacy obligation policy It is the policy of the Congress that each financial institution has an affirmative and continuing obligation to respect the privacy of its customers and to protect the security and confidentiality of those customers nonpublic personal information. ( b ) Financial institutions safeguards In furtherance of the policy in subsection ( a ), each agency or authority described in section 6805 ( a ) of this title, other than the Bureau of Consumer Financial Protection, shall establish appropriate standards for the financial institutions subject to their jurisdiction relating to administrative, technical, and physical safeguards ( 1 ) to insure the security and confidentiality of customer records and information ; ( 2 ) to protect against any anticipated threats or hazards to the security or integrity of such records ; and ( 3 ) to protect against unauthorized access to or use of such records or information which could result in substantial harm or inconvenience to any customer.\n\n15 U.S. Code 6802 - OBLIGATIONS WITH RESPECT TO DISCLOSURES OF PERSONAL INFORMATION ( a ) Notice requirements Except as otherwise provided in this subchapter, a financial institution may not, directly or through any affiliate, disclose to a nonaffiliated third party any nonpublic personal information, unless such financial institution provides or has provided to the consumer a notice that complies with section 6803 of this title. ( b ) Opt out ( 1 ) In general A financial institution may not disclose nonpublic personal information to a nonaffiliated third party unless ( A ) such financial institution clearly and conspicuously discloses to the consumer, in writing or in electronic form or other form permitted by the regulations prescribed under section 6804 of this title, that such information may be disclosed to such third party Most Important is the violation of [ 16 CFG 313.3 ] DEFINITION ( o ) Personally identifiable financial information ( 2 ) Examples ( B ) Account balance information, payment history, overdraft history, and credit or debit card purchase information.","date_sent_to_company":"2024-04-02T04:58:07.000Z","issue":"Improper use of your report","sub_product":"Credit reporting","zip_code":"30127","tags":null,"has_narrative":true,"complaint_id":"8667388","timely":"Yes","company_response":"Closed with non-monetary relief","submitted_via":"Web","company":"EQUIFAX, INC.","date_received":"2024-04-02T04:58:05.000Z","state":"GA","company_public_response":null,"sub_issue":"Reporting company used your report improperly"},"highlight":{"complaint_what_happened":["than the Bureau of Consumer Financial <em>Protection</em>, shall establish appropriate <em>standards</em> for the financial institutions subject to their jurisdiction relating to administrative, technical, and physical safeguards ( 1 ) to insure the <em>security</em> and confidentiality of customer records and information ; ( 2 ) to <em>protect</em> against any anticipated threats or hazards to the <em>security</em> or integrity of such records ; and ( 3 ) to <em>protect</em> against unauthorized access to or use of such records or information which"]},"sort":[16.416283,"8667388"]},{"_index":"complaint-public-v1","_id":"8667387","_score":16.40625,"_source":{"product":"Credit reporting or other personal consumer reports","complaint_what_happened":"XX/XX/XXXX I submitted disputes to Experian, XXXX and XXXX to get several issues resolved to no avail. \nAll companies listed are in violation of the Privacy Act of 1974, Fair Credit Reporting Act 15 U.S.C 1681b and the Federal Educational Rights and Privacy Act ( FERPA ) 15 U.S. Code 6801 - PROTECTION OF NONPUBLIC PERSONAL INFORMATION ( a ) Privacy obligation policy It is the policy of the Congress that each financial institution has an affirmative and continuing obligation to respect the privacy of its customers and to protect the security and confidentiality of those customers nonpublic personal information. ( b ) Financial institutions safeguards In furtherance of the policy in subsection ( a ), each agency or authority described in section 6805 ( a ) of this title, other than the Bureau of Consumer Financial Protection, shall establish appropriate standards for the financial institutions subject to their jurisdiction relating to administrative, technical, and physical safeguards ( 1 ) to insure the security and confidentiality of customer records and information ; ( 2 ) to protect against any anticipated threats or hazards to the security or integrity of such records ; and ( 3 ) to protect against unauthorized access to or use of such records or information which could result in substantial harm or inconvenience to any customer. \n\n15 U.S. Code 6802 - OBLIGATIONS WITH RESPECT TO DISCLOSURES OF PERSONAL INFORMATION ( a ) Notice requirements Except as otherwise provided in this subchapter, a financial institution may not, directly or through any affiliate, disclose to a nonaffiliated third party any nonpublic personal information, unless such financial institution provides or has provided to the consumer a notice that complies with section 6803 of this title. ( b ) Opt out ( 1 ) In general A financial institution may not disclose nonpublic personal information to a nonaffiliated third party unless ( A ) such financial institution clearly and conspicuously discloses to the consumer, in writing or in electronic form or other form permitted by the regulations prescribed under section 6804 of this title, that such information may be disclosed to such third party Most Important is the violation of [ 16 CFG 313.3 ] DEFINITION ( o ) Personally identifiable financial information ( 2 ) Examples ( B ) Account balance information, payment history, overdraft history, and credit or debit card purchase information.","date_sent_to_company":"2024-04-02T04:58:07.000Z","issue":"Improper use of your report","sub_product":"Credit reporting","zip_code":"30127","tags":null,"has_narrative":true,"complaint_id":"8667387","timely":"Yes","company_response":"Closed with explanation","submitted_via":"Web","company":"Experian Information Solutions Inc.","date_received":"2024-04-02T04:58:05.000Z","state":"GA","company_public_response":"Company has responded to the consumer and the CFPB and chooses not to provide a public response","sub_issue":"Reporting company used your report improperly"},"highlight":{"complaint_what_happened":["than the Bureau of Consumer Financial <em>Protection</em>, shall establish appropriate <em>standards</em> for the financial institutions subject to their jurisdiction relating to administrative, technical, and physical safeguards ( 1 ) to insure the <em>security</em> and confidentiality of customer records and information ; ( 2 ) to <em>protect</em> against any anticipated threats or hazards to the <em>security</em> or integrity of such records ; and ( 3 ) to <em>protect</em> against unauthorized access to or use of such records or information which"]},"sort":[16.40625,"8667387"]},{"_index":"complaint-public-v1","_id":"8667399","_score":16.402102,"_source":{"product":"Credit reporting or other personal consumer reports","complaint_what_happened":"XX/XX/XXXX I submitted disputes to XXXX, XXXX and XXXX to get several issues resolved to no avail. \nAll companies listed are in violation of the Privacy Act of 1974, Fair Credit Reporting Act 15 U.S.C 1681b and the Federal Educational Rights and Privacy Act ( FERPA ) 15 U.S. Code 6801 - PROTECTION OF NONPUBLIC PERSONAL INFORMATION ( a ) Privacy obligation policy It is the policy of the Congress that each financial institution has an affirmative and continuing obligation to respect the privacy of its customers and to protect the security and confidentiality of those customers nonpublic personal information. ( b ) Financial institutions safeguards In furtherance of the policy in subsection ( a ), each agency or authority described in section 6805 ( a ) of this title, other than the Bureau of Consumer Financial Protection, shall establish appropriate standards for the financial institutions subject to their jurisdiction relating to administrative, technical, and physical safeguards ( 1 ) to insure the security and confidentiality of customer records and information ; ( 2 ) to protect against any anticipated threats or hazards to the security or integrity of such records ; and ( 3 ) to protect against unauthorized access to or use of such records or information which could result in substantial harm or inconvenience to any customer.\n\n15 U.S. Code 6802 - OBLIGATIONS WITH RESPECT TO DISCLOSURES OF PERSONAL INFORMATION ( a ) Notice requirements Except as otherwise provided in this subchapter, a financial institution may not, directly or through any affiliate, disclose to a nonaffiliated third party any nonpublic personal information, unless such financial institution provides or has provided to the consumer a notice that complies with section 6803 of this title. ( b ) Opt out ( 1 ) In general A financial institution may not disclose nonpublic personal information to a nonaffiliated third party unless ( A ) such financial institution clearly and conspicuously discloses to the consumer, in writing or in electronic form or other form permitted by the regulations prescribed under section 6804 of this title, that such information may be disclosed to such third party Most Important is the violation of [ 16 CFG 313.3 ] DEFINITION ( o ) Personally identifiable financial information ( 2 ) Examples ( B ) Account balance information, payment history, overdraft history, and credit or debit card purchase information.","date_sent_to_company":"2024-04-02T04:57:59.000Z","issue":"Improper use of your report","sub_product":"Credit reporting","zip_code":"30127","tags":null,"has_narrative":true,"complaint_id":"8667399","timely":"Yes","company_response":"Closed with explanation","submitted_via":"Web","company":"AMERICAN EXPRESS COMPANY","date_received":"2024-04-02T04:19:15.000Z","state":"GA","company_public_response":null,"sub_issue":"Reporting company used your report improperly"},"highlight":{"complaint_what_happened":["than the Bureau of Consumer Financial <em>Protection</em>, shall establish appropriate <em>standards</em> for the financial institutions subject to their jurisdiction relating to administrative, technical, and physical safeguards ( 1 ) to insure the <em>security</em> and confidentiality of customer records and information ; ( 2 ) to <em>protect</em> against any anticipated threats or hazards to the <em>security</em> or integrity of such records ; and ( 3 ) to <em>protect</em> against unauthorized access to or use of such records or information which"]},"sort":[16.402102,"8667399"]},{"_index":"complaint-public-v1","_id":"8581871","_score":16.287907,"_source":{"product":"Debt collection","complaint_what_happened":"Subject : Notice to Principal is Notice to Agent and Notice to Agent is Notice to Principal - Legal Violations Regarding Consumer Profile i hope this NOTICE finds you well. i am writing to address a matter of utmost significance regarding the improper use of my consumer profile, leading to potential discrimination from other collection agencies based on inaccurate credit reporting. It is crucial that Original Creditor : ( XXXX XXXX ) rectifies these issues promptly in accordance with applicable laws and regulations. The foundational principle, Notice to Principal is Notice to Agent and Notice to Agent is Notice to Principal, deeply embedded in legal doctrine, serves as the bedrock for addressing the violation at hand. Title 15, Section 1692c ( 15 U.S.C. 1692c ) of the United States Code establishes explicit limitations on communication in connection with debt collection. These limitations prohibit debt collectors from communicating about a consumers debt to third parties unless under specific circumstances, such as with the consumers consent or for the purpose of locating the consumer. In conjunction with these provisions, it is imperative to comprehend the concept of permissible purpose as defined in 15 U.S.C. 1681b. This section delineates the legitimate reasons for obtaining and using consumer reports, ensuring that creditors have a valid and authorized basis for accessing and utilizing a consumers credit information. Violating this principle arises when a creditor sells a debt without a permissible purpose, raising significant concerns about the legality of such actions.\n\nThe violation extends beyond the boundaries of the Fair Debt Collection Practices Act ( FDCPA ). While the FDCPA primarily applies to third-party debt collectors, original creditors, such as [ Companys Name ], must also adhere to other applicable laws and regulations. The Truth in Lending Act ( TILA ), specifically TILA Violation 1026.9, mandates adequate notice of the sale of debt. The absence of such notice constitutes a violation of TILA, compounding the severity of the violation.\n\nAccording to 16 CFR 313.7, I hereby opt out of having any information pertaining to my account with Original Creditor : ( XXXX XXXX ) to credit reporting agencies. Please ensure that my account status and any associated data are not disclosed to any credit bureaus or included in any credit reports. This request is in accordance with my rights under the Fair Credit Reporting Act. Under the provisions of 15 USC 6802, I demand that Original Creditor : ( XXXX XXXX ) refrain from disclosing any of my personal information to third parties for marketing purposes. Please ensure that my personal data, including but not limited to my name, contact information, and transaction history, is not shared with any external entities without my explicit consent. \n\nThis request is made in accordance with the protections afforded to consumers under the Gramm-Leach-Bliley Act. Your compliance with this demand is imperative to safeguarding my privacy rights, and any violation will be subject to legal recourse. Under 15 USC 1666b, companies are prohibited from reporting transaction histories on credit reports. This statute protects consumers by ensuring that sensitive financial information, such as detailed transaction histories, remains confidential and does not influence their creditworthiness. Transaction histories typically contain detailed records of purchases and payments, which are not relevant to assessing credit risk. Instead, credit reports focus on factors such as payment history, credit utilization, and length of credit history. By limiting the information included in credit reports to relevant credit-related data, consumers ' privacy is preserved, and the accuracy of credit assessments is maintained. Therefore, any attempt by a company to report transaction histories on credit reports would be in violation of this federal law.\n\n17 CFR 424 is a regulation issued by the U.S. Securities and Exchange Commission ( SEC ) that pertains to the filing of prospectuses and communications with the public under the Securities Act of 1933. This regulation outlines the requirements for the content, format, and filing procedures of prospectuses, which are documents used by companies to disclose information about securities offerings to potential investors. Under 17 CFR 424, issuers are required to file prospectuses with the SEC, ensuring that investors receive accurate and comprehensive information about the securities being offered for sale. Additionally, the regulation governs the use of free writing prospectuses and other communications made by issuers during the offering process, aiming to promote transparency and investor protection in the securities markets. Compliance with 17 CFR 424 is essential for issuers to adhere to the regulatory standards set forth by the SEC and maintain the integrity of the public offering process.\n\n45 CFR Part 160 and Subparts A and E of Part 164. In Compliance to The HIPAA Privacy Rule establishes national standards to protect individuals ' medical records and other individually identifiable health information ( collectively defined as protected health information ) and applies to health plans, health care clearinghouses, and those health care providers that conduct certain health care transactions electronically. The Rule requires appropriate safeguards to protect the privacy of protected health information and sets limits and conditions on the uses and disclosures that may be made of such information without an individuals authorization. The Rule also gives individuals rights over their protected health information, including rights to examine and obtain a copy of their health records, to direct a covered entity to transmit to a third party an electronic copy of their protected health information in an electronic health record, and to request corrections.","date_sent_to_company":"2024-03-20T01:39:33.000Z","issue":"Attempts to collect debt not owed","sub_product":"Medical debt","zip_code":"641XX","tags":null,"has_narrative":true,"complaint_id":"8581871","timely":"Yes","company_response":"Closed with explanation","submitted_via":"Web","company":"Kansas Counselors, Inc.","date_received":"2024-03-20T00:26:33.000Z","state":"MO","company_public_response":null,"sub_issue":"Debt is not yours"},"highlight":{"complaint_what_happened":["In Compliance to The HIPAA Privacy Rule establishes national <em>standards</em> to <em>protect</em> individuals ' medical records and other individually identifiable health information ( collectively defined as <em>protected</em> health information ) and applies to health plans, health care clearinghouses, and those health care providers that conduct certain health care transactions <em>electronically</em>."]},"sort":[16.287907,"8581871"]},{"_index":"complaint-public-v1","_id":"8174216","_score":15.655945,"_source":{"product":"Credit card","complaint_what_happened":"I have ask for my agreement and my written consent acct # XXXX and XXXX as a consumer I am OPTING OUT of any and all written, unwritten, verbal, and nonverbal agreements I may or may not have as of the day this dispute is received.\n\npursuant ; 15 U.S. Code 6801 - Protection of nonpublic personal information ( a ) Privacy obligation policy It is the policy of the Congress that each financial institution has an affirmative and continuing obligation to respect the privacy of its customers and to protect the security and confidentiality of those customers nonpublic personal information.\n\n( b ) Financial institutions safeguards In furtherance of the policy in subsection ( a ), each agency or authority described in section 6805 ( a ) of this title, other than the Bureau of Consumer Financial Protection, shall establish appropriate standards for the financial institutions subject to their jurisdiction relating to administrative, technical, and physical safeguards ( XXXX ) to insure the security and confidentiality of customer records and information ; ( XXXX ) to protect against any anticipated threats or hazards to the security or integrity of such records ; and ( XXXX ) to protect against unauthorized access to or use of such records or information which could result in substantial harm or inconvenience to any customer. \n15 U.S. Code 6802 - Obligations with respect to disclosures ( a ) Notice requirements Except as otherwise provided in this subchapter, a financial institution may not, directly or through any affiliate, disclose to a nonaffiliated third party any nonpublic personal information, unless such financial institution provides or has provided to the consumer a notice that complies with section 6803 of this title. \n( b ) Opt out ( XXXX ) In general A financial institution may not disclose nonpublic personal information to a nonaffiliated third party unless ( A ) such financial institution clearly and conspicuously discloses to the consumer, in writing or in electronic form or other form permitted by the regulations prescribed under section 6804 of this title, that such information may be disclosed to such third party ; 15 USC 1681n and 1681o ( a ) In general. Any person who willfully fails to comply with any requirement imposed under this title with respect to any consumer is liable to that consumer in an amount equal to the sum of ( XXXX ) ( A ) any actual damages sustained by the consumer as a result of the failure or damages of not less than {$100.00} and not more than {$1000.00} ; or ( B ) in the case of liability of a natural person for obtaining a consumer report under false pretenses or knowingly without a permissible purpose, actual damages sustained by the consumer as a result of the failure or {$1000.00}, whichever is greater ; 16 CFR 313.2","date_sent_to_company":"2024-01-19T07:51:43.000Z","issue":"Other features, terms, or problems","sub_product":"General-purpose credit card or charge card","zip_code":"19973","tags":null,"has_narrative":true,"complaint_id":"8174216","timely":"Yes","company_response":"Closed with explanation","submitted_via":"Web","company":"CAPITAL ONE FINANCIAL CORPORATION","date_received":"2024-01-19T07:08:57.000Z","state":"DE","company_public_response":null,"sub_issue":"Other problem"},"highlight":{"complaint_what_happened":["( b ) Financial institutions safeguards In furtherance of the policy in subsection ( a ), each agency or authority described in section 6805 ( a ) of this title, other than the Bureau of Consumer Financial <em>Protection</em>, shall establish appropriate <em>standards</em> for the financial institutions subject to their jurisdiction relating to administrative, technical, and physical safeguards ( XXXX ) to insure the <em>security</em> and confidentiality of customer records and information ; ( XXXX ) to <em>protect</em> against any"]},"sort":[15.655945,"8174216"]},{"_index":"complaint-public-v1","_id":"14867623","_score":15.439726,"_source":{"product":"Money transfer, virtual currency, or money service","complaint_what_happened":"I am submitting this complaint against Block , Inc., doing business as Cash App, due to gross negligence, failure to protect consumer assets, and blatant violations of federal law. Cash Apps conduct represents a pattern of abuse, deception, and systemic disregard for consumer rights. \n\nXXXX. Negligent Failure to Prevent Fraud and Secure Consumer Accounts Cash App knowingly failed to implement effective security measures to prevent unauthorized access to my account. Despite numerous indications of fraudulent activity and multiple attempts to notify the company, no meaningful intervention occurred. Instead, I was left vulnerable and unprotected while unauthorized transactions were allowed to proceed. \n\nThis dereliction of duty constitutes unfair, abusive, and predatory conduct in violation of the Consumer Financial Protection Act ( 12 U.S.C. 5531 ). It reflects a conscious decision to prioritize profit and platform growth over consumer safety and legal compliance. \n\nXXXX. Deliberate Violation of the Electronic Fund Transfer Act & Regulation E Cash App willfully ignored its legal obligations under the Electronic Fund Transfer Act ( 15 U.S.C. 1693 ) and Regulation E ( 12 C.F.R. 1005 ) by failing to : Promptly investigate my dispute ; Provisionally recredit the funds within the required XXXX business days ; Provide written findings or a reasonable explanation for denial ; Maintain a good-faith, transparent dispute resolution process. \n\nThis isnt just poor customer service ; it is noncompliance with black-letter law, and it has directly resulted in uncompensated financial loss. \n\nXXXX. Unfair, Deceptive, and Abusive Practices ( UDAAPs ) Cash Apps systemic failures are more than a glitch ; they are evidence of a corporate policy of evasion and obfuscation. The companys actions meet the legal standard for Unfair, Deceptive, and Abusive Acts or Practices ( UDAAP ) as defined by the XXXX. \n\nI was misled, ignored, and denied rightful protections. This cost me time, energy, peace of mind, and most importantly, money. Their conduct was not only negligent, it was calculated and coercive in how it withheld remedies and obstructed communication.","date_sent_to_company":"2025-07-24T06:03:05.000Z","issue":"Other transaction problem","sub_product":"Domestic (US) money transfer","zip_code":"63130","tags":null,"has_narrative":true,"complaint_id":"14867623","timely":"Yes","company_response":"Closed with explanation","submitted_via":"Web","company":"Block, Inc.","date_received":"2025-07-24T05:42:08.000Z","state":"MO","company_public_response":null,"sub_issue":null},"highlight":{"complaint_what_happened":["I am submitting this complaint against Block , Inc., doing business as Cash App, due to gross negligence, failure to <em>protect</em> consumer assets, and blatant violations of federal law. Cash Apps conduct represents a pattern of abuse, deception, and systemic disregard for consumer rights. \n\nXXXX. Negligent Failure to Prevent Fraud and Secure Consumer Accounts Cash App knowingly failed to implement effective <em>security</em> measures to prevent unauthorized access to my account."]},"sort":[15.439726,"14867623"]},{"_index":"complaint-public-v1","_id":"17994082","_score":15.3732815,"_source":{"product":"Prepaid card","complaint_what_happened":"Urgent Consumer Complaint On XX/XX/year>, I, XXXX XXXX, experienced unauthorized transactions on my Venmo account resulting from the theft of my Venmo card. The incident occurred in XXXX XXXX, Florida, at approximately XXXXXXXX XXXX. I discovered several fraudulent activities, including XXXX ATM withdrawals of {$300.00} each ( totaling {$910.00} ) at different times and locations, which were confirmed as fraudulent after reviewing security footage with ATM operators. Additionally, there was a {$100.00} transaction and XXXX small purchases at a gas station totaling {$6.00}, both of which I did not authorize or participate in, as verified by the gas station footage. \nVenmo only credited me {$1.00} for these unauthorized transactions, but they are denying the remaining {$1000.00}. This is highly problematic because I urgently need the funds to pay my {$800.00} rent. The fact that Venmo is only reimbursing a very small amount while denying the rest of the stolen money is unfair and unacceptable, especially given the verified evidence of fraud. \nI immediately reported these transactions to Venmo and my bank, and I contacted the ATM owners and gas station management to verify details and gather evidence. I collected security footage confirming I was not present during these transactions. The total amount stolen was {$1000.00}. \nI also filed a police report with the XXXX XXXX XXXX XXXX XXXX regarding the theft. I am submitting this information to help recover the full stolen amount and to hold the involved companies accountable. \nThere were no injuries or property damages involved in this incident. Summary of Potential Violations by Venmo Venmo appears to have violated their own terms and conditions and federal regulations concerning the handling of unauthorized transactions. Under Regulation E ( Electronic Fund Transfer Act ), consumers are protected against unauthorized electronic transactions, and financial institutions are required to investigate disputes promptly and provide provisional credit while the investigation is ongoing. \nIn this case, despite clear evidence of fraudincluding security footage and transaction recordsVenmo has repeatedly denied my dispute and refused to reimburse the full stolen amount. They only credited me {$1.00}, which is insufficient and inconsistent with their obligations under Regulation E. Their delays and outright denial, despite overwhelming evidence, suggest they are attempting to circumvent their legal responsibilities and avoid providing the necessary provisional credit and full reimbursement to consumers affected by unauthorized transactions.\n\nThis behavior raises a red flag for potential regulatory violations, as it undermines consumer protections designed to ensure timely resolution and fair treatment in cases of electronic fund fraud. It appears Venmo is working around the standards set by federal law to avoid fulfilling their obligation to reimburse victims of unauthorized transactions promptly and fully.","date_sent_to_company":"2026-04-02T13:45:35.000Z","issue":"Problem with a purchase or transfer","sub_product":"General-purpose prepaid card","zip_code":"33467","tags":null,"has_narrative":true,"complaint_id":"17994082","timely":"Yes","company_response":"Closed with monetary relief","submitted_via":"Web","company":"Paypal Holdings, Inc","date_received":"2025-11-28T01:30:20.000Z","state":"FL","company_public_response":null,"sub_issue":"Charged for a purchase or transfer you did not make with the card"},"highlight":{"complaint_what_happened":["This behavior raises a red flag for potential regulatory violations, as it undermines consumer <em>protections</em> designed to ensure timely resolution and fair treatment in cases of <em>electronic</em> fund fraud. It appears Venmo is working around the <em>standards</em> set by federal law to avoid fulfilling their obligation to reimburse victims of unauthorized transactions promptly and fully."]},"sort":[15.3732815,"17994082"]},{"_index":"complaint-public-v1","_id":"7722600","_score":15.259688,"_source":{"product":"Money transfer, virtual currency, or money service","complaint_what_happened":"I am trying to transfer my XXXX funds from Direct Express to my financial institution. Direct Express requires that you send your confidential information by standard unencrypted email. I asked if they would take a fax ( they said No - photo ID must be in XXXX ). I tried to send this info using secure email ( XXXX and XXXX Mail ) but they said if the information requires a passphrase or is not standard email attachment, then they will not process it. \nI sent the information on Monday XX/XX/XXXX. Their reply email says it will be processed in XXXX business hours. I called today and they said they could not process the faxes or the secure emails that I sent on Monday ( XXXX faxes and XXXX emails ) because I did not send the information as standard email attachments. They denied my request to ACH transfer my benefit funds to my bank. \n\nA banker friend helped me write the following : XX/XX/XXXX Dear Sirs : It has come to my attention that the service provider for the XXXX Direct Express MasterCard program may be exposing the confidential non-public information ( NPI ) ) of cardholders and government benefit recipients unnecessarily in violation of federal and state information security guidelines, regulations, statutes, and possibly XXXX PCI DSS standards. \n\nIt is unclear at this point who operates these cardholder services ; it may be Comerica Bank, N.A. or their money service business vendor, possibly i2c, Inc., or Conduent Corporation. The Direct Express program appears to be managed by the Fiscal Bureau of the Department of The Treasury. Comerica Bank is regulated by the Federal Reserve Bank of Dallas , Federal Deposit Insurance Corporation, and the Texas Department of Banking. Additionally, your organization, the Consumer Financial Protection Bureau, along with the Federal Trade Commission, MasterCard International, and Office of the Inspector General for the Department of the Treasury may have jurisdiction or oversight responsibilities depending on the specific operations of this program. \n\nMy concern is Direct Expresss method of communicating and exchanging information with consumers for facilitating transactions and authenticating its customers. The website http : //web.usdirectexpress.com/ does not provide for any means of contact other than by telephone. \n\nFor example, to initiate an ACH transfer from a cardholders account to a demand deposit account with another financial institution, the account holder is instructed to attach to a standard email, unredacted copies of the cardholders state photograph identification card ( such as a drivers license ) and a copy of their statement that includes their name, address, institution routing and account number information. The account information must include the full account number and routing number, unredacted. Direct Express prohibits this information from being faxed as their internal policies require a XXXX photo ID. They do not offer a secure portal for uploading information. My friend attempted to share information with them using an encryption service ( like XXXX, XXXX, etc. ) and they stated that if a password was required to access the file, then it would not be processed. Only standard email attachments are acceptable. They document some of their policies on their website at XXXX XXXX XXXX. \n\nTheir website is cobranded with Comerica and their terms of use and privacy policy reference Comerica Banks policies ( XXXX XXXX XXXX XXXX XXXX XXXX ). \n\nFederal laws, regulations, and standards would appear to prohibit a financial institution from requiring consumers to send non-public information like their state issued photo ID card and financial institutional account information by standard unencrypted email. In fact, Comerica Banks consumer E-Mail Practices page ( XXXX XXXX XXXX ) states that \" Comerica is committed to safeguarding the privacy of your personal information. Comerica will never request personal information ( e.g., Social Security number, account numbers, user IDs or passwords ) via e-mail. '' It would seem that financial institutions and their service providers are required to safeguard customer information, limit access & usage of customer information, and develop policies and procedures to safeguard such information ( Section 501 ( b ) of the Gramm Leach Bliley Act, also known as the Financial Services Modernization Act of 1999 ( P.L. 106-102, 113 Stat.1338 and codified as 15 USC 6801 ( b ) ) ).\n\nSeveral regulatory agencies have promulgated information security regulations, and the Federal Financial Institutions Examination Council has published interagency guidelines for information security standards. Applicable federal guidelines that may apply include the FFIECs Interagency Guidelines Establishing Information Security Standards, 16 CFR 314 ( Federal Trade Commission ), 12 CFR 208.61 and Appendices D-1 & D-2 to Part 208, as supplemented ( FRS ). 12 CFR 1016 ( CFPB ), and Parts 364 & 332 of CFR Title 12 ( FDIC ). \n\nAdditionally, XXXX requires its merchants and service providers to safeguard cardholder confidential information and comply with Payment Card Industry Data Security Standards. These standards may include requirements to protect cardholder data with strong cryptography during transmission over open public networks as well as develop organizational policies and programs supporting cardholder information security. They may also restrict access to cardholder confidential non-public information on a need-to-know basis. Open unencrypted email sent to a general email address would not appear to limit access to such information on such a basis. \n\nTexas banking and business laws require businesses to protect against data breaches via electronic information systems and financial institutions to adhere with federal information security standards. \n\nI believe that it would be in the best interest of federal benefit recipients and Direct Express consumers if this program either allowed consumers to upload confidential information through a secure site or developed an encrypted email system that would allow cardholders to securely share their XXXX information with Direct Express.","date_sent_to_company":"2023-10-25T16:02:19.000Z","issue":"Trouble accessing funds in your mobile or digital wallet","sub_product":"Mobile or digital wallet","zip_code":"76133","tags":"Servicemember","has_narrative":true,"complaint_id":"7722600","timely":"Yes","company_response":"Closed with explanation","submitted_via":"Web","company":"Comerica","date_received":"2023-10-18T15:35:34.000Z","state":"TX","company_public_response":null,"sub_issue":null},"highlight":{"complaint_what_happened":["Texas banking and business laws require businesses to <em>protect</em> against data breaches via <em>electronic</em> information systems and financial institutions to adhere with federal information <em>security</em> <em>standards</em>."]},"sort":[15.259688,"7722600"]},{"_index":"complaint-public-v1","_id":"10125051","_score":15.022731,"_source":{"product":"Debt collection","complaint_what_happened":"This account is reporting inaccurately because they are reporting against my wishes in general.You did NOT offer me this option at no point. 15 US code 6802 b ( 1 ) b Obligations with respect to disclosures of personal information. ( b ) 1 ( b ) Opt out the consumer is given the opportunity, before the time that such information is initially disclosed, to direct that such information is not disclosed to such a third party ( C ) the consumer is given an explanation of how the consumer can exercise that nondisclosure option. \n15 US code 6803 states At the time of establishing a customer relationship with a consumer and not less than annually during the continuation of such relationship, a financial institution shall provide a clear and conspicuous disclosure to such consumer, in writing or in electronic form or other form permitted by the regulations prescribed under section 6804 of this title, of such financial institutions policies and practices with respect to ( 1 ) disclosing nonpublic personal information to affiliates and nonaffiliated third parties, consistent with section 6802 of this title, including the categories of information that may be disclosed ; ( 2 ) disclosing nonpublic personal information of persons who have ceased to be customers of the financial institution; and ( 3 ) protecting the nonpublic personal information of consumers. \n15 US code 6801 ( a ) Privacy obligation policy. It is the policy of the Congress that each financial institution has an affirmative and continuing obligation to respect the privacy of its customers and to protect the security and confidentiality of those customers nonpublic personal information. ( b ) Financial institutions safeguard In furtherance of the policy in subsection ( a ), each agency or authority described in section 6805 ( a ) of this title, other than the Bureau of Consumer Financial Protection, shall establish appropriate standards for the financial institutions subject to their jurisdiction relating to administrative, technical, and physical safeguards ( 1 ) to insure the security and confidentiality of customer records and information ; ( 2 ) to protect against any anticipated threats or hazards to the security or integrity of such records ; and ( 3 ) to protect against unauthorized access to or use of such records or information which could result in substantial harm or inconvenience to any customer. \nThis debt was charged off. I never received the 1099C for this debt. Please provide me with the Assignment Contract of the Debt showing you have the right to collect on this debt. Since you did not offer me the opportunity to OPT out, you did not provide me with a clear disclosure. Provide written signed agreements saying that I was offered the option to OPT out of the account reporting prior to reporting. Are you denying me the above rights that were put in place as a way of fair regulation by the government?","date_sent_to_company":"2024-09-14T03:04:45.000Z","issue":"Written notification about debt","sub_product":"Credit card debt","zip_code":"627XX","tags":null,"has_narrative":true,"complaint_id":"10125051","timely":"Yes","company_response":"Closed with explanation","submitted_via":"Web","company":"Portfolio Recovery Associates, LLC","date_received":"2024-09-14T03:00:08.000Z","state":"IL","company_public_response":null,"sub_issue":"Didn't receive enough information to verify debt"},"highlight":{"complaint_what_happened":["It is the policy of the Congress that each financial institution has an affirmative and continuing obligation to respect the privacy of its customers and to <em>protect</em> the <em>security</em> and confidentiality of those customers nonpublic personal information. ( b ) Financial institutions safeguard In furtherance of the policy in subsection ( a ), each agency or authority described in section 6805 ( a ) of this title, other than the Bureau of Consumer Financial <em>Protection</em>, shall establish appropriate <em>standards</em>"]},"sort":[15.022731,"10125051"]},{"_index":"complaint-public-v1","_id":"6487801","_score":15.020101,"_source":{"product":"Vehicle loan or lease","complaint_what_happened":"\" on XX/XX/2023 I was denied a loan for XXXX XXXX XXXX XXXX, they did not Protect against nonpublic personal information. they gave my information to 3rd part financial institutions without my knowledge or consent, nor was it clear an conspicuous, I wasn't notified or given the opportunity to opt out of said information being disclosed '' 15 U.S. Code 6801 - Protection of nonpublic personal information- ( a ) Privacy obligation policy It is the policy of the Congress that each financial institution has an affirmative and continuing obligation to respect the privacy of its customers and to protect the security and confidentiality of those customers nonpublic personal information.\n\n( b ) Financial institutions safeguards In furtherance of the policy in subsection ( a ), each agency or authority described in section 6805 ( a ) of this title, other than the Bureau of Consumer Financial Protection, shall establish appropriate standards for the financial institutions subject to their jurisdiction relating to administrative, technical, and physical safeguards ( 1 ) to insure the security and confidentiality of customer records and information ; ( 2 ) to protect against any anticipated threats or hazards to the security or integrity of such records ; and ( 3 ) to protect against unauthorized access to or use of such records or information which could result in substantial harm or inconvenience to any customer.\n\n15 U.S. Code 6803 - Disclosure of institution privacy policy ( a ) Disclosure required At the time of establishing a customer relationship with a consumer and not less than annually during the continuation of such relationship, a financial institution shall provide a clear and conspicuous disclosure to such consumer, in writing or in electronic form or other form permitted by the regulations prescribed under section 6804 of this title, of such financial institutions policies and practices with respect to ( 1 ) disclosing nonpublic personal information to affiliates and nonaffiliated third parties, consistent with section 6802 of this title, including the categories of information that may be disclosed ; ( 2 ) disclosing nonpublic personal information of persons who have ceased to be customers of the financial institution; and ( 3 ) protecting the nonpublic personal information of consumers.\n\n\" they disclosed my consumer information to a non-affiliated 3rd party, witch would be XXXX. Mercedes Benz being an inhouse financial institution, there isn't a need or wasn't a clear an conspicuous disclosure that I have the right to opt out of said information being obtained '' 15 U.S. Code 6802 - Obligations with respect to disclosures of personal information - ( a ) Notice requirements Except as otherwise provided in this subchapter, a financial institution may not, directly or through any affiliate, disclose to a nonaffiliated third party any nonpublic personal information, unless such financial institution provides or has provided to the consumer a notice that complies with section 6803 of this title.\n\n( b ) Opt out ( 1 ) In general A financial institution may not disclose nonpublic personal information to a nonaffiliated third party unless ( A ) such financial institution clearly and conspicuously discloses to the consumer, in writing or in electronic form or other form permitted by the regulations prescribed under section 6804 of this title, that such information may be disclosed to such third party ; ( B ) the consumer is given the opportunity, before the time that such information is initially disclosed, to direct that such information not be disclosed to such third party ; and ( C ) the consumer is given an explanation of how the consumer can exercise that nondisclosure option. \n\" The 1st financial institution I initiated a contractual agreement with is Mercedes Benz of XXXX but because yall are inhouse Financing that makes XXXX a non-affiliated 3rd party. And according to the gramm-leach-bliley act debt collectors are considered to be financial institutions as well. So because XXXX is a non affiliated 3rd party that means Mercedes Benz XXXX XXXX didn't protect against unauthorized access to or use of such records or information which could result in substantial harm or inconvenience to me as according to 15 U.S. Code 6801 ( b ) ( 3 ) \"","date_sent_to_company":"2023-01-25T22:21:04.000Z","issue":"Getting a loan or lease","sub_product":"Loan","zip_code":"92407","tags":null,"has_narrative":true,"complaint_id":"6487801","timely":"Yes","company_response":"Closed with explanation","submitted_via":"Web","company":"Mercedes Benz Financial Services","date_received":"2023-01-25T20:18:05.000Z","state":"CA","company_public_response":null,"sub_issue":"Credit denial"},"highlight":{"complaint_what_happened":["( b ) Financial institutions safeguards In furtherance of the policy in subsection ( a ), each agency or authority described in section 6805 ( a ) of this title, other than the Bureau of Consumer Financial <em>Protection</em>, shall establish appropriate <em>standards</em> for the financial institutions subject to their jurisdiction relating to administrative, technical, and physical safeguards ( 1 ) to insure the <em>security</em> and confidentiality of customer records and information ; ( 2 ) to <em>protect</em> against any anticipated"]},"sort":[15.020101,"6487801"]},{"_index":"complaint-public-v1","_id":"11811691","_score":14.9876795,"_source":{"product":"Prepaid card","complaint_what_happened":"Subject : Urgent Complaint Regarding Data Breach and Theft of XXXX XXXX Benefits by JPMorgan Chase Bank To Whom It May Concern, I am writing to formally lodge a complaint against JPMorgan Chase Bank, the issuer of my state 's food stamp ( SNAP ) EBT card, regarding their failure to protect my benefits, resulting in the theft of all funds due to a data breach. This situation is a direct and catastrophic violation of multiple state and federal consumer protection laws, as well as provisions under the Uniform Commercial Code ( UCC ). It has caused significant and irreparable harm to me and my children, who are now facing a dire threat to our survival due to this negligence. \n\nAs of XX/XX/year>, I have lost {$1800.00} in benefits due to this theft. This loss has deprived my family of essential resources, leaving us unable to purchase food. JPMorgan Chase has failed to take appropriate action to restore these funds or address the underlying security failure that caused this issue. \n\nViolations and Legal Breaches : Federal Consumer Protection Laws 1. Electronic Fund Transfer Act ( EFTA ), 15 U.S.C. 1693 et seq.\n\nJPMorgan Chase is obligated to safeguard electronic transactions and protect consumers from unauthorized transfers. Their failure to promptly detect and prevent the theft constitutes a breach of their duty under Regulation E, including failure to investigate and resolve unauthorized transactions within 10 business days as required.\n\n2. Fair Credit Reporting Act ( FCRA ), 15 U.S.C. 1681 et seq.\n\nIf JPMorgans data breach exposed personal information, they failed to safeguard sensitive data, thereby violating their duty under FCRA to protect consumer data from unauthorized access. \n\nXXXX. XXXX XXXX ( XXXX ), 15 U.S.C. 6801 JPMorgan failed to implement adequate security protocols to protect the confidentiality of financial and nonpublic personal information. \n\n\nUniform Commercial Code ( UCC ) Violations 1. UCC 4A-202 : Security Procedures for Payment Orders JPMorgan failed to maintain commercially reasonable security procedures to verify that only authorized transactions were processed. The theft of my benefits directly indicates a lapse in implementing proper safeguards. \n\n\n\n2. UCC 4A-203 : Unauthorized Payment Orders JPMorgan is liable for processing unauthorized transactions. Their failure to detect and prevent the unauthorized access to my XXXX account constitutes gross negligence under this provision. \n\n3. UCC 4A-204 : Refund of Payment Orders Under this section, JPMorgan is obligated to refund the full amount of unauthorized transfers and can not disclaim responsibility due to the lack of security measures. \n\n4. UCC 4A-305 : Liability for Loss Caused by Improper Execution or Failure to Execute JPMorgan failed to execute their obligations properly by allowing unauthorized transactions and failing to reverse the improper transfers once reported.\n\n5. UCC 4-103 : Variation by Agreement and Standards of Care The bank can not disclaim liability for its lack of ordinary care or bad faith. Allowing unauthorized access to my benefits and failing to resolve the issue promptly violates this provision.\n\n6. UCC 4-401 : Bank 's Authority to Pay Items A bank is only authorized to pay items that are properly payable. Transactions resulting from unauthorized access are not \" properly payable, '' and JPMorgan must be held accountable for allowing them. \n\n7. UCC 4-406 : Customers Duty to Review Statements While customers are required to report unauthorized activity promptly, JPMorgans inadequate security measures facilitated the breach. Their failure to protect against foreseeable fraud and unauthorized use of my account violates this duty.\n\nGeorgia Consumer Protection Laws 1. Georgia Personal Identity Protection Act ( O.C.G.A. 10-1-910 et seq. ) This act mandates that any entity maintaining computerized data that includes personal information of individuals must notify affected Georgia residents of any breach of the security of the system without unreasonable delay. JPMorgan 's failure to promptly inform me of the data breach constitutes a violation of this statute. \n\n2. Georgia Fair Business Practices Act ( O.C.G.A. 10-1-390 et seq. ) JPMorgan 's inadequate security measures and failure to prevent unauthorized access to my XXXX account constitute unfair and deceptive acts or practices in the conduct of consumer transactions, violating Georgia 's Fair Business Practices Act. \n\n\nConsequences of JPMorgans Negligence : This data breach and subsequent theft have directly deprived my family of the means to purchase food, putting our health and survival at imminent risk. Additionally, the mental and emotional toll of this ordeal has been devastating, causing undue stress and anxiety. \n\nDemands for Remedy : I demand the following remedies to address the violations and harm caused by JPMorgan Chase : 1. Immediate restoration of stolen XXXX benefits, totaling {$1800.00}, to my XXXX account in full to ensure my familys survival. \n\n\nXXXX. Compensation for damages, including : Emotional distress caused by JPMorgans negligence.\n\nTime and resources spent addressing this issue.\n\n3. Implementation of enhanced security measures to prevent future breaches, including : Multi-factor authentication for all XXXX transactions. \n\nReal-time fraud detection alerts. \n\nXXXX. Written acknowledgment of responsibility from JPMorgan Chase and a detailed explanation of how the breach occurred. \n\nFailure to resolve this matter promptly will leave me no choice but to escalate this complaint further, including pursuing legal remedies under applicable laws. \n\nRequest for Immediate Action : I urge the Consumer Financial Protection Bureau to investigate this matter with the utmost urgency. JPMorgan Chase must be held accountable for their failure to protect my benefits and sensitive data. This breach has jeopardized the well-being of vulnerable families like mine, and immediate corrective action is required. \n\nThank you for your prompt attention to this serious matter. \n\nSincerely, XXXX XXXX XXXX XXXX XXXX XXXX XXXX","date_sent_to_company":"2025-01-28T15:52:50.000Z","issue":"Problem with a purchase or transfer","sub_product":"Government benefit card","zip_code":"304XX","tags":null,"has_narrative":true,"complaint_id":"11811691","timely":"Yes","company_response":"Closed with explanation","submitted_via":"Web","company":"JPMORGAN CHASE & CO.","date_received":"2025-01-28T15:24:42.000Z","state":"GA","company_public_response":null,"sub_issue":"Card company isn't resolving a dispute about a purchase or transfer"},"highlight":{"complaint_what_happened":["JPMorgan Chase has failed to take appropriate action to restore these funds or address the underlying <em>security</em> failure that caused this issue. \n\nViolations and Legal Breaches : Federal Consumer <em>Protection</em> Laws 1. <em>Electronic</em> Fund Transfer Act ( EFTA ), 15 U.S.C. 1693 et seq.\n\nJPMorgan Chase is obligated to safeguard <em>electronic</em> transactions and <em>protect</em> consumers from unauthorized transfers."]},"sort":[14.9876795,"11811691"]},{"_index":"complaint-public-v1","_id":"18422434","_score":14.7212305,"_source":{"product":"Credit card","complaint_what_happened":"I am filing this new complaint because Bank of America has failed to rectify the issues stated in Complaint ID XXXX and continues to violate my rights as a consumer. \n\nDespite my explicit instructions to stop all data sharing via the Visa Account Updater ( VAU ) program, Bank of America has again allowed an unauthorized merchant charge to bypass a card replacement. This is a direct result of the banks refusal to process an opt-out request that Visas own documentation states is the consumer 's right. \n\nBecause of VAU my credit card continues to experience fraud charges. I have notified them to block these merchants multiple times and even request to be removed from VAU. And they have done nothing. \n\nLegal Violations : Regulation Z ( Truth in Lending Act ) : Bank of America is facilitating unauthorized charges by proactively sending my private, updated account information to merchants I have already attempted to block. By failing to stop this data transmission after being told to do so, the bank is responsible for the resulting unauthorized transactions. \n\nRegulation E ( Electronic Fund Transfer Act ) : The bank is allowing recurring electronic access to my account credentials without my valid, ongoing consent. \n\nUDAAP ( Unfair, Deceptive, or Abusive Acts or Practices ) : Bank of America representatives have repeatedly and falsely claimed that an opt-out for VAU is \" impossible. '' Providing false information regarding a consumer 's ability to control their financial data is a deceptive practice.\n\nBreach of Fiduciary Duty regarding Data Security : By forcing my participation in a data-sharing web ( VAU ) against my express written and verbal instructions, the bank is intentionally creating a security vulnerability. They are providing \" keys to my house '' to merchants I have already moved to evict from my account. \n\nDeceptive Omissions : Bank of America fails to clearly and conspicuously disclose the VAU opt-out process in their initial Cardholder Agreement. This lack of transparency is a deceptive practice intended to keep consumers trapped in recurring payment cycles for the bank 's own profit via interchange fees. \n\nViolation of the Gramm-Leach-Bliley Act ( GLBA ) / Privacy Rule : Bank of America is sharing my non-public personal information ( NPI ) specifically my updated credit card numbers and expiration dateswith third-party merchants without my consent. Because I have explicitly revoked my \" opt-in '' to the VAU program, their continued sharing of this data constitutes a breach of federal privacy standards and a failure to protect my financial data from unauthorized disclosure. \n\nRequired Resolution : I demand that Bank of America immediately : Hard-block my account from the Visa Account Updater ( VAU ) Reverse the unauthorized charges allowed through this service. \n\nProvide a written statement explaining why my previous requests to opt out were ignored or met with false information from staff. \n\nI have attempted to resolve this through standard customer service channels multiple times to no avail. I am now seeking CFPB intervention to force compliance with federal consumer protection standards.","date_sent_to_company":"2026-01-02T17:00:31.000Z","issue":"Other features, terms, or problems","sub_product":"General-purpose credit card or charge card","zip_code":"85226","tags":null,"has_narrative":true,"complaint_id":"18422434","timely":"Yes","company_response":"Closed with monetary relief","submitted_via":"Web","company":"BANK OF AMERICA, NATIONAL ASSOCIATION","date_received":"2026-01-02T16:53:13.000Z","state":"AZ","company_public_response":"Company has responded to the consumer and the CFPB and chooses not to provide a public response","sub_issue":"Privacy issues"},"highlight":{"complaint_what_happened":["I have attempted to resolve this through <em>standard</em> customer service channels multiple times to no avail. I am now seeking CFPB intervention to force compliance with federal consumer <em>protection</em> <em>standards</em>."]},"sort":[14.7212305,"18422434"]},{"_index":"complaint-public-v1","_id":"15482261","_score":14.098628,"_source":{"product":"Checking or savings account","complaint_what_happened":"To Whom It May Concern, This letter serves as a formal demand for the full reimbursement of funds improperly debited from my account. Based on a documented timeline of unauthorized transactions, Wells Fargo is 100 % liable for all financial losses related to recurring payments to XXXX. The bank 's actions represent a systemic failure to protect my account and a clear violation of its duty of care and federal law. \nFactual Basis of the Claim In On XX/XX/XXXX, I contacted Wells Fargo and provided explicit instructions to cease all future recurring charges from Afterpay to my checking and savings accounts. At that time, the debit card associated with these charges, ending in XXXX, was reported as compromised or cancelled by the bank. \nDespite these clear instructions and the card 's cancellation, my bank statements show that Wells Fargo proceeded to authorize and process multiple recurring payments to XXXX on the cancelled card, or through other means, well into XXXX and XXXX. The bank 's own statements, titled \" UNAUTHORIZED AFTERPAY TRANSACTIONS, '' show a clear and continuous pattern of negligence. The statements explicitly use the term \" RECURRING PAYMENT AUTHORIZED, '' which proves that Wells Fargo 's system was actively reauthorizing these payments, a key point of failure. \nFurthermore, the statements show transactions on at least XXXX different card numbers, including XXXX and XXXX, in addition to the original XXXX. This indicates a broader systemic security failure and a breakdown in the bank 's ability to protect my account from a single merchant. The payments were for varying and arbitrary amounts, ranging from as low as {$7.00} to over {$65.00}, a chaotic pattern that further demonstrates a lack of ordinary care. \nLegal and Procedural Arguments Any argument by Wells Fargo based on an expired \" stop payment '' order is irrelevant and invalid. This case is not based on a technical \" stop payment '' request, which the Uniform Commercial Code ( UCC ) states is only effective for XXXX months. My case is based on the bank 's failure to honor a card cancellation and its duty to prevent unauthorized recurring payments on a compromised account. The bank 's action of cancelling the card was a direct instruction to cease all activity, and by processing subsequent transactions, it violated its own internal procedures and federal law.\n\nFederal laws, such as the Electronic Fund Transfer Act ( EFTA ), found in 15 U.S.C. 1693 et seq., and its implementing regulation, Regulation E ( 12 C.F.R. Part 1005 ), establish a bank 's liability for unauthorized electronic fund transfers. My liability for these unauthorized charges should be limited to {$0.00} under 12 C.F.R.\n\n1005.6. By making payments on a compromised or cancelled card, the bank failed to meet its basic security and fraud protection standards, which is a clear breach of its duty to its customer.Conclusion Wells Fargo 's liability is total and complete. The banks own records serve as documented proof of its negligence and a continuous, systemic failure to manage recurring payments, honor a card cancellation, and protect my account from unauthorized transactions.\n\nThe financial and emotional strain this has caused on both of us, particularly given our age and health conditions, is horrific. This is more than a simple financial loss ; it is a fundamental breach of trust. \nPlease note, the detailed documentation for each of these unauthorized charges will be provided on separate documents.","date_sent_to_company":"2025-08-24T13:23:57.000Z","issue":"Managing an account","sub_product":"Checking account","zip_code":"36301","tags":null,"has_narrative":true,"complaint_id":"15482261","timely":"Yes","company_response":"Closed with monetary relief","submitted_via":"Web","company":"WELLS FARGO & COMPANY","date_received":"2025-08-24T13:13:28.000Z","state":"AL","company_public_response":"Company has responded to the consumer and the CFPB and chooses not to provide a public response","sub_issue":"Funds not handled or disbursed as instructed"},"highlight":{"complaint_what_happened":["By making payments on a compromised or cancelled card, the bank failed to meet its basic <em>security</em> and fraud <em>protection</em> <em>standards</em>, which is a clear breach of its duty to its customer.Conclusion Wells Fargo 's liability is total and complete. The banks own records serve as documented proof of its negligence and a continuous, systemic failure to manage recurring payments, honor a card cancellation, and <em>protect</em> my account from unauthorized transactions."]},"sort":[14.098628,"15482261"]},{"_index":"complaint-public-v1","_id":"9848520","_score":14.030823,"_source":{"product":"Credit reporting or other personal consumer reports","complaint_what_happened":"1 am writing to formally demand that Equifax Inc. immediately cease and desist from any further unauthorized use, disclosure, and sale of my personal information, including but not limited to my name, Social Security number, and address. This demand follows the significant data breach that compromised my personal information, causing me considerable concern over the potential for identity theft, fraud, and other harms.\n\nLegal Basis The unauthorized disclosure and potential misuse of my personal information are clear violations of several federal and state consumer protection laws, including : 1. 15 U.S. Code 6821 - Privacy Protection for Customer Information of Financial Institutions : This statute, part of the Gramm-Leach-Bliley Act ( GLBA ), makes it illegal for financial institutions including credit reporting agencies like Equifax, to obtain or disclose customer information without proper authorization. The data breach and any subsequent sale of my personal information represent a direct violation of this statute.\n\n2. Gramm-Leach-Bliley Act ( GLBA ) : The GLBA mandates financial institutions to protect the privacy of their customers ' nonpublic personal information. Equifax 's failure to secure my data in accordance with the standards set forth in the GLBA constitutes a significant breach of its legal obligations.\n\n3. Fair Credit Reporting Act ( FCRA ) : The FCRA imposes strict requirements on credit reporting agencies to ensure the accuracy, confidentiality, and proper handling of consumer information. The unauthorized disclosure of my personal information violates my rights under this Act.\n\n4. Federal Trade Commission Act ( FTC Act ) Section 5 : The FTC Act prohibits unfair or deceptive practices in commerce.\n\nEquifax 's failure to implement adequate security measures to protect my personal information from a breach is an unfair practice under this statute.\n\n5. Consumer Financial Protection Act ( CFPA ) : Under the CFPA, the Consumer Financial Protection Bureau ( CFPB ) is empowered to take action against companies engaged in unfair, deceptive, or abusive acts or practices. Equifax 's handling of my personal information may be considered such an act.\n\n6. State-Specific Data Breach Notification Laws : Depending on the state in which I reside, Equifax 's failure to promptly notify me of the breach and its failure to adequately protect my personal information may also constitute a violation of state laws governing data breaches and consumer pr-tection. 7. U.C.C. Article 2 ( Sales ) and Article 9 ( Secured Transactions ) : The unauthorized sale or transfer of my personal information without my consent is a violation of the U.C.C. provisions related to the sale and securing of intangible assets.\n\n8. Right to Financial Privacy Act ( RFPA ) : The RFPA restricts access to individuals ' financial records without their consent. Equifax 's actions may have infringed upon these protections.\n\n9. Identity Theft and Assumption Deterrence Act : This federal law criminalizes the unauthorized use or transfer of another person 's personal identifying information with the intent to commit fraud. Equifax 's failure to secure my data has increased my risk of becoming a victim under this Act.\n\n10. Electronic Communications Privacy Act ( ECPA ) : The ECPA prohibits the unauthorized access to and disclosure of electronic communications. Equifax 's failure to secure its systems could constitute a violation of this Act.\n\n11. Stored Communications Act ( SCA ) : The SCA is a part of the ECPA and offers protections for the contents of stored communications. The breach of Equifax 's systems likely violated these protections.\n\n12. California Consumer Privacy Act ( CCPA ) ( if applicable ) : If I reside in California, the CCPA provides additional rights and protections concerning the use and sale of my personal information.\n\nEquifax 's actions may have violated these rights.\n\n13. New York SHIELD Act ( if applicable : If I reside in New York, the SHIELD Act requires businesses to implement reasonable data security measures. Equifax 's failure to protect my data could be a violation of this Act.\n\n14. Illinois Personal Information Protection Act ( if applicable ) : If I reside in Illinois, this Act requires entities to implement and maintain reasonable security measures to protect personal information.\n\nEquifax 's failure in this regard is a violation of this Act.\n\n15. Data Breach Accountability and Enforcement Act : This proposed federal legislation underscores the importance of holding entities accountable for data breaches. While not yet enacted, it reflects the growing recognition of the need for stricter enforcement against companies that fail to protect consumer data. Demands 1. Immediate Cessation : Equifax must immediately cease the unauthorized use, disclosure, and sale of my personal information. This includes ensuring that any third parties with whom my information was shared or sold cease using it.\n\n2. Remediation Plan : I demand that Equifax provide a detailed plan for how it intends to remediate the damage caused by this data breach.\n\nThis should include steps taken to prevent future breaches, compensation for any damages I have suffered, in the amount of {$1000.00} per violation and a comprehensive credit monitoring service at no cost to me.\n\n3. Proof of Compliance : Within 30 days of receipt of this letter, I expect to receive written confirmation that Equifax has ceased all unauthorized activities related to my personal information and has implemented the requested remedial measures.Delete all negative charge offs late and missed payments, remove all negative account that are impacting my score due to my information being sold illegally in data breach by Equifax. I also want the other bureau notified and updated the same way deleted all negative accounts charge offs late payments closed accounts and anything that is negatively effecting my score. It has been a year and the company has yet to respond yet my information has been leaked and confirmed by company ( EQUIFAX ) my credit report has suffered severely with accounts & inquiries unauthorized by me negative reports that violated my consumer rights, I am receiving an extreme number of non stop spam calls and emails from companies I have never dealt, with financial threats and solicitation from credit agencies I have never done business with .They failed to produce contact baring my human wet or signature or to respond. This must be fixed immediately.","date_sent_to_company":"2024-08-19T03:46:13.000Z","issue":"Improper use of your report","sub_product":"Credit reporting","zip_code":"70122","tags":null,"has_narrative":true,"complaint_id":"9848520","timely":"Yes","company_response":"Closed with explanation","submitted_via":"Web","company":"EQUIFAX, INC.","date_received":"2024-08-19T03:06:35.000Z","state":"LA","company_public_response":null,"sub_issue":"Reporting company used your report improperly"},"highlight":{"complaint_what_happened":["<em>Electronic</em> Communications Privacy Act ( ECPA ) : The ECPA prohibits the unauthorized access to and disclosure of <em>electronic</em> communications. Equifax 's failure to secure its systems could constitute a violation of this Act.\n\n11. Stored Communications Act ( SCA ) : The SCA is a part of the ECPA and offers <em>protections</em> for the contents of stored communications. The breach of Equifax 's systems likely violated these <em>protections</em>.\n\n12."]},"sort":[14.030823,"9848520"]},{"_index":"complaint-public-v1","_id":"17916534","_score":13.922756,"_source":{"product":"Money transfer, virtual currency, or money service","complaint_what_happened":"Complaint Regarding Chimes Failure to Investigate Fraud, Failure to Comply With Regulation E, and Breach of Fiduciary Duties XXXX XXXX XXXX XXXX XXXX XXXX XXXX XXXX XXXX XXXX XXXX XXXX Member since XXXX Account ending in : XXXX Chime Financial , Inc. \nAttn : XXXX XXXX XXXX  Re : Formal Complaint Failure to Investigate Fraud, Regulation E Violations, XXXX XXXX XXXX, and Member Safety Concerns To Whom It May Concern : I submit this formal complaint regarding Chimes continuing refusal to investigate clear fraudulent activity involving another Chime account holder who obtained funds from me under false pretenses, in violation of Chimes Member Guidelines, U.S. banking law, and applicable consumer-protection regulations. Despite multiple notifications, Chime has failed to conduct a proper investigation, failed to follow Regulation E, and failed to take any meaningful steps to protect its customer. \n\nBackground On XX/XX/XXXX, I contacted Chime to report that I had been the victim of fraud committed by another Chime account holder who induced me to send funds through deceptive means. I provided clear notice that the transaction involved obtaining money under a false pretense, which constitutes fraud and triggers Chimes statutory investigatory obligations. \n\nOn XX/XX/XXXX, I spoke with XXXX from Chime Support located in the XXXX. Her handling of the matter was dismissive and inconsistent with required fraud-investigation procedures. Similarly, on last Thursday, I spoke with a representative named XXXX via Chat feature, who refused to answer whether she was located in the United States and similarly declined to take any investigative action or escalate the matter appropriately.\n\nLegal Standards Under the Electronic Fund Transfer Act ( EFTA ), 15 U.S.C. 1693 et seq., and its implementing regulation, Regulation E ( 12 C.F.R. 1005.11 ), once a consumer provides notice of an unauthorized or fraudulent electronic fund transfer, a financial institution must : Promptly initiate an investigation ; Conduct a reasonable, good-faith review of the consumers claim ; Obtain and evaluate evidence, including merchant or counterparty information ; Determine whether an error occurred ; Correct any identified error ; Provide a written explanation of findings ; Issue provisional credit within the statutory timeframe when required.\n\nChimes failure to engage in any of these mandatory steps constitutes prima facie non-compliance with EFTA and Regulation E. \n\nFurthermore, PayPaloperating both as a bank-level financial institution and a XXXX provideroffers aggressive, structured, and consumer-protective mediation services, including mandatory merchant outreach, transaction holds, case reviews, and detailed documentation. This comparison demonstrates that Chimes response falls substantially below industry standard, particularly for institutions operating in the XXXX and quasi-banking space. \n\nChime is required to act as a responsible steward of member funds and owes a fiduciary-like duty to maintain reasonable security, enforce its XXXX XXXX, and protect consumers from fraud. \n\nXXXX and Risk-Management Concerns The fraudsters account historywhich you can review internallyshows unusual activity, including exclusively cash-based deposits, a known red-flag indicator under AML and BSA compliance standards. When an internal customer is accused of obtaining funds by false pretenses and their transaction patterns indicate high risk, this requires : Suspicious Activity Report ( SAR ) review Enhanced Due Diligence ( EDD ) Account restrictions, holds, or closure Verification of true beneficial ownership and contact information Chime failed to take any of these steps despite receiving explicit notice of fraud. \n\nChimes Failure to Act To date, Chime has : Failed to open a proper investigation ; Failed to follow Regulation E requirements ; Failed to contact or meaningfully review the account of the alleged fraudster ; Failed to verify the account holders address or identity ; Failed to conduct XXXX XXXX despite indicators of suspicious activity ; Failed to offer any mediation or consumer-protection steps typically employed by comparable institutions ; Failed to protect a customer reporting criminal activity. \n\n\nThese failures are systemic and unacceptable. \n\nRequested Action I respectfully request that Chime take the following actions immediately : Open a formal Regulation E investigation into the fraudulent transfer.\n\nProvide written confirmation of the steps taken, findings, and evidence reviewed.\n\nProvisionally credit the disputed funds as required under 12 C.F.R. 1005.11 ( c ) ( 2 ).\n\nConduct a full XXXX assessment of the counterparty account, including unusual cash deposit patterns and allegations of obtaining funds by false pretense. \n\n\nClose the fraudsters account if your review confirms improper activity or identity inconsistencies. \n\n\nDocument and communicate whether a XXXX was filed. \n\n\nProvide the name and department of the XXXX XXXX assigned to this case. \n\n\n\nConclusion Chimes failure to take appropriate action after multiple notices of fraud violates federal law, internal policy, and industry standards for consumer protection and risk management. I request immediate corrective action and written confirmation of the steps being taken. \n\nThank you for your prompt attention to this matter. \nXXXX XXXX XXXX I am recently retired from working in Fraud and Collections from a Bank/XXXX card issuer .","date_sent_to_company":"2025-11-25T09:22:12.000Z","issue":"Fraud or scam","sub_product":"Domestic (US) money transfer","zip_code":"89107","tags":null,"has_narrative":true,"complaint_id":"17916534","timely":"Yes","company_response":"Closed with explanation","submitted_via":"Web","company":"Chime Financial Inc","date_received":"2025-11-25T08:46:10.000Z","state":"NV","company_public_response":null,"sub_issue":null},"highlight":{"complaint_what_happened":["This comparison demonstrates that Chimes response falls substantially below industry <em>standard</em>, particularly for institutions operating in the XXXX and quasi-banking space. \n\nChime is required to act as a responsible steward of member funds and owes a fiduciary-like duty to maintain reasonable <em>security</em>, enforce its XXXX XXXX, and <em>protect</em> consumers from fraud."]},"sort":[13.922756,"17916534"]},{"_index":"complaint-public-v1","_id":"8025640","_score":13.881818,"_source":{"product":"Credit reporting or other personal consumer reports","complaint_what_happened":"XXXX XXXX, equifax. \n15 U.S. Code 1679c - Disclosures ( a ) Disclosure required Any credit repair organization shall provide any consumer with the following written statement before any contract or agreement between the consumer and the credit repair organization is executed : Consumer Credit File Rights Under State and Federal Law You have a right to dispute inaccurate information in your credit report by contacting the credit bureau directly. However, neither you nor any credit repair company or credit repair organization has the right to have accurate, current, and verifiable information removed from your credit report. The credit bureau must remove accurate, negative information from your report only if it is over 7 years old. Bankruptcy information can be reported for 10 years. \n604. Permissible purposes of consumer reports [ 15 U.S.C. 1681b ] ( a ) In general. Subject to subsection ( c ), any consumer reporting agency may furnish a consumer report under the following circumstances and no other : ( 1 ) In response to the order of a court having jurisdiction to issue such an order, or a subpoena issued in connection with proceedings before a Federal grand jury. ( 2 ) In accordance with the written instructions of the consumer to whom it relates. \n15 U.S. Code 6801 - Protection of nonpublic personal information ( a ) Privacy obligation policy It is the policy of the Congress that each financial institution has an affirmative and continuing obligation to respect the privacy of its customers and to protect the security and confidentiality of those customers nonpublic personal information. \n\n15 U.S. Code 6802 - Obligations with respect to disclosures of personal information ( a ) Notice requirements Except as otherwise provided in this subchapter, a financial institution may not, directly or through any affiliate, disclose to a nonaffiliated third party any nonpublic personal information, unless such financial institution provides or has provided to the consumer a notice that complies with section 6803 of this title.\n\n( b ) Opt out ( 1 ) In general A financial institution may not disclose nonpublic personal information to a nonaffiliated third party unless ( A ) such financial institution clearly and conspicuously discloses to the consumer, in writing or in electronic form or other form permitted by the regulations prescribed under section 6804 of this title, that such information may be disclosed to such third party ; ( B ) the consumer is given the opportunity, before the time that such information is initially disclosed, to direct that such information not be disclosed to such third party ; and ( C ) the consumer is given an explanation of how the consumer can exercise that nondisclosure option. \n\n15 U.S. Code 6803 - Disclosure of institution privacy policy ( a ) Disclosure required At the time of establishing a customer relationship with a consumer and not less than annually during the continuation of such relationship, a financial institution shall provide a clear and conspicuous disclosure to such consumer, in writing or in electronic form or other form permitted by the regulations prescribed under section 6804 of this title, of such financial institutions policies and practices with respect to ( 1 ) disclosing nonpublic personal information to affiliates and nonaffiliated third parties, consistent with section 6802 of this title, including the categories of information that may be disclosed ; ( 2 ) disclosing nonpublic personal information of persons who have ceased to be customers of the financial institution; and ( 3 )\n\nprotecting the nonpublic personal information of consumers. 15 U.S. Code 6804 - Rulemaking ( a ) Regulatory authority ( 1 ) Rulemaking ( A ) In general Except as provided in subparagraph ( C ), the Bureau of Consumer Financial Protection and the Securities and Exchange Commission shall have authority to prescribe such regulations as may be necessary to carry out the purposes of this subchapter with respect to financial institutions and other persons subject to their respective jurisdiction under section 6805 of this title ( and notwithstanding subtitle B of the Consumer Financial Protection Act of 2010 [ 12 U.S.C. 5511 et seq. ] ), except that the Bureau of Consumer Financial Protection shall not have authority to prescribe regulations with respect to the standards under section 6801 of this title.","date_sent_to_company":"2023-12-19T22:46:39.000Z","issue":"Improper use of your report","sub_product":"Credit reporting","zip_code":"43211","tags":null,"has_narrative":true,"complaint_id":"8025640","timely":"Yes","company_response":"Closed with explanation","submitted_via":"Web","company":"EQUIFAX, INC.","date_received":"2023-12-19T22:46:36.000Z","state":"OH","company_public_response":null,"sub_issue":"Reporting company used your report improperly"},"highlight":{"complaint_what_happened":["Financial <em>Protection</em> Act of 2010 [ 12 U.S.C. 5511 et seq. ] ), except that the Bureau of Consumer Financial <em>Protection</em> shall not have authority to prescribe regulations with respect to the <em>standards</em> under section 6801 of this title."]},"sort":[13.881818,"8025640"]},{"_index":"complaint-public-v1","_id":"8025221","_score":13.858706,"_source":{"product":"Credit reporting or other personal consumer reports","complaint_what_happened":"experian, transunion, XXXX. \n15 U.S. Code 1679c - Disclosures ( a ) Disclosure required Any credit repair organization shall provide any consumer with the following written statement before any contract or agreement between the consumer and the credit repair organization is executed : Consumer Credit File Rights Under State and Federal Law You have a right to dispute inaccurate information in your credit report by contacting the credit bureau directly. However, neither you nor any credit repair company or credit repair organization has the right to have accurate, current, and verifiable information removed from your credit report. The credit bureau must remove accurate, negative information from your report only if it is over XXXX XXXX XXXX. Bankruptcy information can be reported for 10 years.\n\n604. Permissible purposes of consumer reports [ 15 U.S.C. 1681b ] ( a ) In general. Subject to subsection ( c ), any consumer reporting agency may furnish a consumer report under the following circumstances and no other : ( XXXX ) In response to the order of a court having jurisdiction to issue such an order, or a subpoena issued in connection with proceedings before a Federal grand jury. ( 2 ) In accordance with the written instructions of the consumer to whom it relates.\n\n15 U.S. Code 6801 - Protection of nonpublic personal information ( a ) Privacy obligation policy It is the policy of the Congress that each financial institution has an affirmative and continuing obligation to respect the privacy of its customers and to protect the security and confidentiality of those customers nonpublic personal information. \n\n15 U.S. Code 6802 - Obligations with respect to disclosures of personal information ( a ) Notice requirements Except as otherwise provided in this subchapter, a financial institution may not, directly or through any affiliate, disclose to a nonaffiliated third party any nonpublic personal information, unless such financial institution provides or has provided to the consumer a notice that complies with section 6803 of this title.\n\n( b ) Opt out ( 1 ) In general A financial institution may not disclose nonpublic personal information to a nonaffiliated third party unless ( A ) such financial institution clearly and conspicuously discloses to the consumer, in writing or in electronic form or other form permitted by the regulations prescribed under section 6804 of this title, that such information may be disclosed to such third party ; ( B ) the consumer is given the opportunity, before the time that such information is initially disclosed, to direct that such information not be disclosed to such third party ; and ( C ) the consumer is given an explanation of how the consumer can exercise that nondisclosure option. \n\nXXXX XXXX XXXX XXXX - XXXX of institution privacy policy ( a ) XXXX required At the time of establishing a customer relationship with a consumer and not less than annually during the continuation of such relationship, a financial institution shall provide a clear and conspicuous disclosure to such consumer, in writing or in electronic form or other form permitted by the regulations prescribed under section 6804 of this title, of such financial institutions policies and practices with respect to ( 1 ) disclosing nonpublic personal information to affiliates and nonaffiliated third parties, consistent with section 6802 of this title, including the categories of information that may be disclosed ; ( 2 ) disclosing nonpublic personal information of persons who have ceased to be customers of the financial institution; and ( 3 ) protecting the nonpublic personal information of consumers.\n\n15 U.S. Code 6804 - Rulemaking ( a ) Regulatory authority ( 1 ) Rulemaking ( A ) In general Except as provided in subparagraph ( C ), the Bureau of Consumer Financial Protection and the Securities and Exchange Commission shall have authority to prescribe such regulations as may be necessary to carry out the purposes of this subchapter with respect to financial institutions and other persons subject to their respective jurisdiction under section 6805 of this title ( and notwithstanding subtitle B of the Consumer Financial Protection Act of 2010 [ 12 U.S.C. 5511 et seq. ] ), except that the Bureau of Consumer Financial Protection shall not have authority to prescribe regulations with respect to the standards under section XXXX of this title.","date_sent_to_company":"2023-12-19T22:46:31.000Z","issue":"Improper use of your report","sub_product":"Credit reporting","zip_code":"43211","tags":null,"has_narrative":true,"complaint_id":"8025221","timely":"Yes","company_response":"Closed with non-monetary relief","submitted_via":"Web","company":"TRANSUNION INTERMEDIATE HOLDINGS, INC.","date_received":"2023-12-19T22:09:51.000Z","state":"OH","company_public_response":"Company has responded to the consumer and the CFPB and chooses not to provide a public response","sub_issue":"Reporting company used your report improperly"},"highlight":{"complaint_what_happened":["Financial <em>Protection</em> Act of 2010 [ 12 U.S.C. 5511 et seq. ] ), except that the Bureau of Consumer Financial <em>Protection</em> shall not have authority to prescribe regulations with respect to the <em>standards</em> under section XXXX of this title."]},"sort":[13.858706,"8025221"]},{"_index":"complaint-public-v1","_id":"6121667","_score":13.756896,"_source":{"product":"Credit reporting, credit repair services, or other personal consumer reports","complaint_what_happened":"To whom it may concern, I have recently received my credit report and noticed violations under the 15 us code 1681 and 15 us code 1681b and 15 us code 6801 and 15 us code 6802 ( FCRA ). The law clearly states the following 15 USC 15 U.S. Code 1681 - Congressional findings and statement of purpose ( a ) ACCURACY AND FAIRNESS OF CREDIT REPORTINGThe Congress makes the following findings : ( 1 ) The banking system is dependent upon fair and accurate credit reporting. Inaccurate credit reports directly impair the efficiency of the banking system, and unfair credit reporting methods undermine the public confidence which is essential to the continued functioning of the banking system. ( 4 ) There is a need to insure that consumer reporting agencies exercise their grave responsibilities with fairness, impartiality, and a respect for the consumers right to privacy. ( b ) REASONABLE PROCEDURES It is the purpose of this subchapter to require that consumer reporting agencies adopt reasonable procedures for meeting the needs of commerce for consumer credit, personnel, insurance, and other information in a manner which is fair and equitable to the consumer, with regard to the confidentiality, accuracy, relevancy, and proper utilization of such information in accordance with the requirements of this subchapter. 15 U.S. Code 6801 - Protection of nonpublic personal information ( a ) PRIVACY OBLIGATION POLICY It is the policy of the Congress that each financial institution has an affirmative and continuing obligation to respect the privacy of its customers and to protect the security and confidentiality of those customers nonpublic personal information. ( b ) FINANCIAL INSTITUTIONS SAFEGUARDSIn furtherance of the policy in subsection ( a ), each agency or authority described in section 6805 ( a ) of this title, other than the Bureau of Consumer Financial Protection, shall establish appropriate standards for the financial institutions subject to their jurisdiction relating to administrative, technical, and physical safeguards ( 1 ) to insure the security and confidentiality of customer records and information ; ( 2 ) to protect against any anticipated threats or hazards to the security or integrity of such records ; and ( 3 ) to protect against unauthorized access to or use of such records or information which could result in substantial harm or inconvenience to any customer. 15 U.S. Code 6802 - Obligations with respect to disclosures of personal information ( a ) NOTICE REQUIREMENTS Except as otherwise provided in this subchapter, a financial institution may not, directly or through any affiliate, disclose to a nonaffiliated third party any nonpublic personal information, unless such financial institution provides or has provided to the consumer a notice that complies with section 6803 of this title. ( b ) OPT OUT ( 1 ) IN GENERALA financial institution may not disclose nonpublic personal information to a nonaffiliated third party unless ( A ) such financial institution clearly and conspicuously discloses to the consumer, in writing or in electronic form or other form permitted by the regulations prescribed under section 6804 of this title, that such information may be disclosed to such third party ; ( B ) the consumer is given the opportunity, before the time that such information is initially disclosed, to direct that such information not be disclosed to such third party ; and ( C ) the consumer is given an explanation of how the consumer can exercise that nondisclosure option. The following accounts are inaccurate and are in clear violation of my privacy. Which is a violation of the law. This is embarrassing and damaging to my reputation as a consumer. As the consumer I demand the following accounts be DELETED from my credit report immediately. XXXX OF XXXX / NELNET XXXX DEPT XXXX XXXX / NELNET XXXX","date_sent_to_company":"2022-10-24T19:52:22.000Z","issue":"Improper use of your report","sub_product":"Credit reporting","zip_code":"77089","tags":null,"has_narrative":true,"complaint_id":"6121667","timely":"Yes","company_response":"Closed with explanation","submitted_via":"Web","company":"Nelnet, Inc.","date_received":"2022-10-24T19:38:06.000Z","state":"TX","company_public_response":null,"sub_issue":"Reporting company used your report improperly"},"highlight":{"complaint_what_happened":["than the Bureau of Consumer Financial <em>Protection</em>, shall establish appropriate <em>standards</em> for the financial institutions subject to their jurisdiction relating to administrative, technical, and physical safeguards ( 1 ) to insure the <em>security</em> and confidentiality of customer records and information ; ( 2 ) to <em>protect</em> against any anticipated threats or hazards to the <em>security</em> or integrity of such records ; and ( 3 ) to <em>protect</em> against unauthorized access to or use of such records or information which"]},"sort":[13.756896,"6121667"]},{"_index":"complaint-public-v1","_id":"6323242","_score":13.73447,"_source":{"product":"Credit reporting, credit repair services, or other personal consumer reports","complaint_what_happened":"My non public personal information was disclosed to a nonaffiliated third party ( the credit bureau ) without a notice that complies with section 6803 of 15 U.S. Code 6802 - Obligations with respect to disclosures of personal information.\n\n15 U.S. Code 6801 - Protection of nonpublic personal information ( b ) Financial institutions safeguards In furtherance of the policy in subsection ( a ), each agency or authority described in section 6805 ( a ) of this title, other than the Bureau of Consumer Financial Protection, shall establish appropriate standards for the financial institutions subject to their jurisdiction relating to administrative, technical, and physical safeguards ( 1 ) to insure the security and confidentiality of customer records and information ; ( 2 ) to protect against any anticipated threats or hazards to the security or integrity of such records ; and ( 3 ) to protect against unauthorized access to or use of such records or information which could result in substantial harm or inconvenience to any customer. \n( Pub. XXXX XXXX, title XXXX, XXXX, XXXX XXXX, XXXX, XXXX XXXX. XXXX ; Pub. XXXX XXXX, title X, XXXX ( XXXX ), XX/XX/XXXX, XXXX XXXX. XXXX. ) - XXXX XXXX XXXX XXXX - Obligations with respect to disclosures of personal information : ( a ) Notice requirements Except as otherwise provided in this subchapter, a financial institution may not, directly or through any affiliate, disclose to a nonaffiliated third party any nonpublic personal information, unless such financial institution provides or has provided to the consumer a notice that complies with section 6803 of this title.\n\n( b ) Opt out ( 1 ) In general A financial institution may not disclose nonpublic personal information to a nonaffiliated third party unless ( A ) such financial institution clearly and conspicuously discloses to the consumer, in writing or in electronic form or other form permitted by the regulations prescribed under section 6804 of this title, that such information may be disclosed to such third party ; ( B ) the consumer is given the opportunity, before the time that such information is initially disclosed, to direct that such information not be disclosed to such third party ; and ( C ) the consumer is given an explanation of how the consumer can exercise that nondisclosure option.\n\n15 U.S. Code 1681a - Definitions ; rules of construction : ( 2 ) Exclusions.Except as provided in paragraph ( 3 ), the term consumer report does not include ( A ) subject to section 1681s3 of this title, any ( i ) report containing information solely as to transactions or experiences between the consumer and the person making the report ; ( ii ) communication of that information among persons related by common ownership or affiliated by corporate control; or ( iii ) communication of other information among persons related by common ownership or affiliated by corporate control, if it is clearly and conspicuously disclosed to the consumer that the information may be communicated among such persons and the consumer is given the opportunity, before the time that the information is initially communicated, to direct that such information not be communicated among such persons ;","date_sent_to_company":"2022-12-16T03:16:39.000Z","issue":"Incorrect information on your report","sub_product":"Credit reporting","zip_code":"315XX","tags":null,"has_narrative":true,"complaint_id":"6323242","timely":"Yes","company_response":"Closed with explanation","submitted_via":"Web","company":"EQUIFAX, INC.","date_received":"2022-12-16T03:16:33.000Z","state":"GA","company_public_response":null,"sub_issue":"Account status incorrect"},"highlight":{"complaint_what_happened":["and information ; ( 2 ) to <em>protect</em> against any anticipated threats or hazards to the <em>security</em> or integrity of such records ; and ( 3 ) to <em>protect</em> against unauthorized access to or use of such records or information which could result in substantial harm or inconvenience to any customer"]},"sort":[13.73447,"6323242"]}]},"aggregations":{"has_narrative":{"meta":{},"doc_count":661,"has_narrative":{"doc_count_error_upper_bound":0,"sum_other_doc_count":0,"buckets":[{"key":1,"key_as_string":"true","doc_count":661}]}},"product":{"doc_count":661,"product":{"doc_count_error_upper_bound":0,"sum_other_doc_count":0,"buckets":[{"key":"Credit reporting or other personal consumer reports","doc_count":472,"sub_product.raw":{"doc_count_error_upper_bound":0,"sum_other_doc_count":0,"buckets":[{"key":"Credit reporting","doc_count":465},{"key":"Other personal consumer report","doc_count":7}]}},{"key":"Credit reporting, credit repair services, or other personal consumer reports","doc_count":87,"sub_product.raw":{"doc_count_error_upper_bound":0,"sum_other_doc_count":0,"buckets":[{"key":"Credit reporting","doc_count":87}]}},{"key":"Debt collection","doc_count":38,"sub_product.raw":{"doc_count_error_upper_bound":0,"sum_other_doc_count":0,"buckets":[{"key":"Credit card debt","doc_count":14},{"key":"I do not know","doc_count":8},{"key":"Medical debt","doc_count":6},{"key":"Other debt","doc_count":4},{"key":"Auto debt","doc_count":3},{"key":"Telecommunications debt","doc_count":2},{"key":"Rental debt","doc_count":1}]}},{"key":"Checking or savings account","doc_count":20,"sub_product.raw":{"doc_count_error_upper_bound":0,"sum_other_doc_count":0,"buckets":[{"key":"Checking account","doc_count":17},{"key":"Savings account","doc_count":2},{"key":"Other banking product or service","doc_count":1}]}},{"key":"Credit card","doc_count":12,"sub_product.raw":{"doc_count_error_upper_bound":0,"sum_other_doc_count":0,"buckets":[{"key":"General-purpose credit card or charge card","doc_count":11},{"key":"Store credit card","doc_count":1}]}},{"key":"Money transfer, virtual currency, or money service","doc_count":8,"sub_product.raw":{"doc_count_error_upper_bound":0,"sum_other_doc_count":0,"buckets":[{"key":"Domestic (US) money transfer","doc_count":3},{"key":"Mobile or digital wallet","doc_count":2},{"key":"Virtual currency","doc_count":2},{"key":"Check cashing service","doc_count":1}]}},{"key":"Vehicle loan or lease","doc_count":8,"sub_product.raw":{"doc_count_error_upper_bound":0,"sum_other_doc_count":0,"buckets":[{"key":"Loan","doc_count":8}]}},{"key":"Mortgage","doc_count":5,"sub_product.raw":{"doc_count_error_upper_bound":0,"sum_other_doc_count":0,"buckets":[{"key":"VA mortgage","doc_count":4},{"key":"FHA mortgage","doc_count":1}]}},{"key":"Student loan","doc_count":4,"sub_product.raw":{"doc_count_error_upper_bound":0,"sum_other_doc_count":0,"buckets":[{"key":"Federal student loan servicing","doc_count":3},{"key":"Private student loan","doc_count":1}]}},{"key":"Credit card or prepaid card","doc_count":3,"sub_product.raw":{"doc_count_error_upper_bound":0,"sum_other_doc_count":0,"buckets":[{"key":"General-purpose credit card or charge card","doc_count":2},{"key":"General-purpose prepaid card","doc_count":1}]}},{"key":"Prepaid card","doc_count":2,"sub_product.raw":{"doc_count_error_upper_bound":0,"sum_other_doc_count":0,"buckets":[{"key":"General-purpose prepaid card","doc_count":1},{"key":"Government benefit card","doc_count":1}]}},{"key":"Payday loan, title loan, or personal loan","doc_count":1,"sub_product.raw":{"doc_count_error_upper_bound":0,"sum_other_doc_count":0,"buckets":[{"key":"Installment loan","doc_count":1}]}},{"key":"Payday loan, title loan, personal loan, or advance loan","doc_count":1,"sub_product.raw":{"doc_count_error_upper_bound":0,"sum_other_doc_count":0,"buckets":[{"key":"Personal line of credit","doc_count":1}]}}]}},"issue":{"doc_count":661,"issue":{"doc_count_error_upper_bound":0,"sum_other_doc_count":0,"buckets":[{"key":"Improper use of your report","doc_count":283,"sub_issue.raw":{"doc_count_error_upper_bound":0,"sum_other_doc_count":0,"buckets":[{"key":"Reporting company used your report improperly","doc_count":264},{"key":"Credit inquiries on your report that you don't recognize","doc_count":18},{"key":"Report provided to employer without your written authorization","doc_count":1}]}},{"key":"Problem with a company's investigation into an existing problem","doc_count":141,"sub_issue.raw":{"doc_count_error_upper_bound":0,"sum_other_doc_count":0,"buckets":[{"key":"Their investigation did not fix an error on your report","doc_count":122},{"key":"Investigation took more than 30 days","doc_count":14},{"key":"Problem with personal statement of dispute","doc_count":3},{"key":"Difficulty submitting a dispute or getting information about a dispute over the phone","doc_count":1},{"key":"Was not notified of investigation status or results","doc_count":1}]}},{"key":"Incorrect information on your report","doc_count":114,"sub_issue.raw":{"doc_count_error_upper_bound":0,"sum_other_doc_count":0,"buckets":[{"key":"Account status incorrect","doc_count":51},{"key":"Account information incorrect","doc_count":30},{"key":"Personal information incorrect","doc_count":26},{"key":"Information belongs to someone else","doc_count":5},{"key":"Information is incorrect","doc_count":1},{"key":"Old information reappears or never goes away","doc_count":1}]}},{"key":"Problem with a credit reporting company's investigation into an existing problem","doc_count":19,"sub_issue.raw":{"doc_count_error_upper_bound":0,"sum_other_doc_count":0,"buckets":[{"key":"Their investigation did not fix an error on your report","doc_count":18},{"key":"Difficulty submitting a dispute or getting information about a dispute over the phone","doc_count":1}]}},{"key":"Attempts to collect debt not owed","doc_count":17,"sub_issue.raw":{"doc_count_error_upper_bound":0,"sum_other_doc_count":0,"buckets":[{"key":"Debt is not yours","doc_count":8},{"key":"Debt was result of identity theft","doc_count":8},{"key":"Debt was already discharged in bankruptcy and is no longer owed","doc_count":1}]}},{"key":"Written notification about debt","doc_count":16,"sub_issue.raw":{"doc_count_error_upper_bound":0,"sum_other_doc_count":0,"buckets":[{"key":"Didn't receive notice of right to dispute","doc_count":11},{"key":"Didn't receive enough information to verify debt","doc_count":5}]}},{"key":"Managing an account","doc_count":13,"sub_issue.raw":{"doc_count_error_upper_bound":0,"sum_other_doc_count":0,"buckets":[{"key":"Funds not handled or disbursed as instructed","doc_count":4},{"key":"Problem using a debit or ATM card","doc_count":4},{"key":"Deposits and withdrawals","doc_count":3},{"key":"Banking errors","doc_count":1},{"key":"Cashing a check","doc_count":1}]}},{"key":"Credit monitoring or identity theft protection services","doc_count":6,"sub_issue.raw":{"doc_count_error_upper_bound":0,"sum_other_doc_count":0,"buckets":[{"key":"Billing dispute for services","doc_count":4},{"key":"Problem canceling credit monitoring or identify theft protection service","doc_count":2}]}},{"key":"Other features, terms, or problems","doc_count":6,"sub_issue.raw":{"doc_count_error_upper_bound":0,"sum_other_doc_count":0,"buckets":[{"key":"Privacy issues","doc_count":5},{"key":"Other problem","doc_count":1}]}},{"key":"Closing on a mortgage","doc_count":4,"sub_issue.raw":{"doc_count_error_upper_bound":0,"sum_other_doc_count":0,"buckets":[]}},{"key":"Dealing with your lender or servicer","doc_count":4,"sub_issue.raw":{"doc_count_error_upper_bound":0,"sum_other_doc_count":0,"buckets":[{"key":"Received bad information about your loan","doc_count":3},{"key":"Trouble with how payments are being handled","doc_count":1}]}},{"key":"Fraud or scam","doc_count":4,"sub_issue.raw":{"doc_count_error_upper_bound":0,"sum_other_doc_count":0,"buckets":[]}},{"key":"Repossession","doc_count":4,"sub_issue.raw":{"doc_count_error_upper_bound":0,"sum_other_doc_count":0,"buckets":[{"key":"Lender trying to repossess or disable the vehicle","doc_count":2},{"key":"Notice to repossess","doc_count":1},{"key":"Voluntary repossession","doc_count":1}]}},{"key":"Other transaction problem","doc_count":3,"sub_issue.raw":{"doc_count_error_upper_bound":0,"sum_other_doc_count":0,"buckets":[]}},{"key":"Problem caused by your funds being low","doc_count":3,"sub_issue.raw":{"doc_count_error_upper_bound":0,"sum_other_doc_count":0,"buckets":[{"key":"Overdrafts and overdraft fees","doc_count":2},{"key":"Late or other fees","doc_count":1}]}},{"key":"Problem with a purchase or transfer","doc_count":3,"sub_issue.raw":{"doc_count_error_upper_bound":0,"sum_other_doc_count":0,"buckets":[{"key":"Card company isn't resolving a dispute about a purchase or transfer","doc_count":2},{"key":"Charged for a purchase or transfer you did not make with the card","doc_count":1}]}},{"key":"Took or threatened to take negative or legal action","doc_count":3,"sub_issue.raw":{"doc_count_error_upper_bound":0,"sum_other_doc_count":0,"buckets":[{"key":"Threatened or suggested your credit would be damaged","doc_count":2},{"key":"Seized or attempted to seize your property","doc_count":1}]}},{"key":"Getting a credit card","doc_count":2,"sub_issue.raw":{"doc_count_error_upper_bound":0,"sum_other_doc_count":0,"buckets":[{"key":"Application denied","doc_count":1},{"key":"Delay in processing application","doc_count":1}]}},{"key":"Getting a loan or lease","doc_count":2,"sub_issue.raw":{"doc_count_error_upper_bound":0,"sum_other_doc_count":0,"buckets":[{"key":"Credit denial","doc_count":1},{"key":"Loan opened without my consent or knowledge","doc_count":1}]}},{"key":"Managing the loan or lease","doc_count":2,"sub_issue.raw":{"doc_count_error_upper_bound":0,"sum_other_doc_count":0,"buckets":[{"key":"Billing problem","doc_count":1},{"key":"Loan sold or transferred to another company","doc_count":1}]}},{"key":"Problem with a lender or other company charging your account","doc_count":2,"sub_issue.raw":{"doc_count_error_upper_bound":0,"sum_other_doc_count":0,"buckets":[{"key":"Transaction was not authorized","doc_count":2}]}},{"key":"Closing an account","doc_count":1,"sub_issue.raw":{"doc_count_error_upper_bound":0,"sum_other_doc_count":0,"buckets":[{"key":"Funds not received from closed account","doc_count":1}]}},{"key":"Closing your account","doc_count":1,"sub_issue.raw":{"doc_count_error_upper_bound":0,"sum_other_doc_count":0,"buckets":[{"key":"Company closed your account","doc_count":1}]}},{"key":"Communication tactics","doc_count":1,"sub_issue.raw":{"doc_count_error_upper_bound":0,"sum_other_doc_count":0,"buckets":[{"key":"Frequent or repeated calls","doc_count":1}]}},{"key":"Electronic communications","doc_count":1,"sub_issue.raw":{"doc_count_error_upper_bound":0,"sum_other_doc_count":0,"buckets":[{"key":"You told them to stop contacting you, but they keep trying","doc_count":1}]}},{"key":"Opening an account","doc_count":1,"sub_issue.raw":{"doc_count_error_upper_bound":0,"sum_other_doc_count":0,"buckets":[{"key":"Unable to open an account","doc_count":1}]}},{"key":"Problem when making payments","doc_count":1,"sub_issue.raw":{"doc_count_error_upper_bound":0,"sum_other_doc_count":0,"buckets":[]}},{"key":"Problem with a purchase shown on your statement","doc_count":1,"sub_issue.raw":{"doc_count_error_upper_bound":0,"sum_other_doc_count":0,"buckets":[{"key":"Card was charged for something you did not purchase with the card","doc_count":1}]}},{"key":"Problem with the payoff process at the end of the loan","doc_count":1,"sub_issue.raw":{"doc_count_error_upper_bound":0,"sum_other_doc_count":0,"buckets":[]}},{"key":"Trouble accessing funds in your mobile or digital wallet","doc_count":1,"sub_issue.raw":{"doc_count_error_upper_bound":0,"sum_other_doc_count":0,"buckets":[]}},{"key":"Trouble during payment process","doc_count":1,"sub_issue.raw":{"doc_count_error_upper_bound":0,"sum_other_doc_count":0,"buckets":[]}}]}},"timely":{"doc_count":661,"timely":{"doc_count_error_upper_bound":0,"sum_other_doc_count":0,"buckets":[{"key":"Yes","doc_count":659},{"key":"No","doc_count":2}]}},"company_response":{"doc_count":661,"company_response":{"doc_count_error_upper_bound":0,"sum_other_doc_count":0,"buckets":[{"key":"Closed with explanation","doc_count":405},{"key":"Closed with non-monetary relief","doc_count":250},{"key":"Closed with monetary relief","doc_count":6}]}},"submitted_via":{"doc_count":661,"submitted_via":{"doc_count_error_upper_bound":0,"sum_other_doc_count":0,"buckets":[{"key":"Web","doc_count":661}]}},"company":{"doc_count":661,"company":{"doc_count_error_upper_bound":0,"sum_other_doc_count":0,"buckets":[{"key":"Experian Information Solutions Inc.","doc_count":167},{"key":"TRANSUNION INTERMEDIATE HOLDINGS, INC.","doc_count":149},{"key":"EQUIFAX, INC.","doc_count":137},{"key":"CAPITAL ONE FINANCIAL CORPORATION","doc_count":17},{"key":"BANK OF AMERICA, NATIONAL ASSOCIATION","doc_count":13},{"key":"JPMORGAN CHASE & CO.","doc_count":10},{"key":"LEXISNEXIS","doc_count":9},{"key":"Resurgent Capital Services L.P.","doc_count":8},{"key":"WELLS FARGO & COMPANY","doc_count":7},{"key":"CBC Companies, Inc.","doc_count":6},{"key":"SYNCHRONY FINANCIAL","doc_count":6},{"key":"Block, Inc.","doc_count":5},{"key":"CITIBANK, N.A.","doc_count":5},{"key":"DISCOVER BANK","doc_count":5},{"key":"NAVY FEDERAL CREDIT UNION","doc_count":5},{"key":"ALLY FINANCIAL INC.","doc_count":4},{"key":"GOLDMAN SACHS BANK USA","doc_count":4},{"key":"ID Analytics, Inc.","doc_count":4},{"key":"Portfolio Recovery Associates, LLC","doc_count":4},{"key":"AMERICAN EXPRESS COMPANY","doc_count":3},{"key":"Bread Financial Holdings, Inc.","doc_count":3},{"key":"ENCORE CAPITAL GROUP INC.","doc_count":3},{"key":"Early Warning Services, LLC","doc_count":3},{"key":"Nelnet, Inc.","doc_count":3},{"key":"TRUIST FINANCIAL CORPORATION","doc_count":3},{"key":"U.S. BANCORP","doc_count":3},{"key":"UNITED SERVICES AUTOMOBILE ASSOCIATION","doc_count":3},{"key":"AES/PHEAA","doc_count":2},{"key":"BARCLAYS BANK DELAWARE","doc_count":2},{"key":"Bridgecrest Acceptance Corporation","doc_count":2},{"key":"Fidelity National Information Services, Inc. (FNIS)","doc_count":2},{"key":"Maximus Federal Services, Inc.","doc_count":2},{"key":"Mercedes Benz Financial Services","doc_count":2},{"key":"Paypal Holdings, Inc","doc_count":2},{"key":"Self Financial Inc.","doc_count":2},{"key":"Source Receivables Management LLC","doc_count":2},{"key":"TD BANK US HOLDING COMPANY","doc_count":2},{"key":"Westlake Services, LLC","doc_count":2},{"key":"ADP Inc.","doc_count":1},{"key":"Advanced Resolution Services Inc.","doc_count":1},{"key":"Affirm Holdings, Inc","doc_count":1},{"key":"Alorica Inc.","doc_count":1},{"key":"Apelles, LLC","doc_count":1},{"key":"Avant Holding Company, Inc.","doc_count":1},{"key":"BANK OF NEW YORK MELLON CORPORATION, THE","doc_count":1},{"key":"CAINE & WEINER COMPANY, INC.","doc_count":1},{"key":"CAVALRY INVESTMENTS, LLC","doc_count":1},{"key":"CNG HOLDINGS INC","doc_count":1},{"key":"Capio Partners, LLC","doc_count":1},{"key":"CarMax, Inc.","doc_count":1},{"key":"Carvana Group, LLC","doc_count":1},{"key":"Chime Financial Inc","doc_count":1},{"key":"Clark County Collection Service","doc_count":1},{"key":"Comerica","doc_count":1},{"key":"Continental Finance Company, LLC","doc_count":1},{"key":"Credit International Corporation","doc_count":1},{"key":"DigniFi","doc_count":1},{"key":"EdFinancial Services","doc_count":1},{"key":"Exeter Finance, LLC.","doc_count":1},{"key":"Flagstar Bank, N.A.","doc_count":1},{"key":"GUARANTEED RATE INC.","doc_count":1},{"key":"General Motors Financial Company, Inc.","doc_count":1},{"key":"Grain Technology, Inc.","doc_count":1},{"key":"HUNTINGTON NATIONAL BANK, THE","doc_count":1},{"key":"Harvard Collections, LLC","doc_count":1},{"key":"KEYCORP","doc_count":1},{"key":"Kansas Counselors, Inc.","doc_count":1},{"key":"Kinum, Inc., Indianapolis, IN Branch","doc_count":1},{"key":"Lendmark Financial Services","doc_count":1},{"key":"Lennar Financial Services, LLC","doc_count":1},{"key":"Lloyd & McDaniel, PLC","doc_count":1},{"key":"Mr. Cooper Group Inc.","doc_count":1},{"key":"NCB Management Services Inc.","doc_count":1},{"key":"National Account Systems of Omaha, LLC","doc_count":1},{"key":"PNC Bank N.A.","doc_count":1},{"key":"SANTANDER HOLDINGS USA, INC.","doc_count":1},{"key":"SMITH, ROUCHON & ASSOCIATES, INC.","doc_count":1},{"key":"Southwest Recovery Services, Inc.","doc_count":1},{"key":"Spring Oaks Capital, LLC","doc_count":1},{"key":"Suttell, Hammer & White, P.S","doc_count":1},{"key":"T.S. Holdings","doc_count":1},{"key":"TOYOTA MOTOR CREDIT CORPORATION","doc_count":1},{"key":"Tesla, Inc.","doc_count":1},{"key":"United Military Mortgage, LLC","doc_count":1},{"key":"United PanAm Financial Corp.","doc_count":1},{"key":"VW Credit","doc_count":1},{"key":"Village Capital & Investment LLC","doc_count":1},{"key":"Winklevoss Exchange LLC","doc_count":1}]}},"state":{"doc_count":661,"state":{"doc_count_error_upper_bound":0,"sum_other_doc_count":0,"buckets":[{"key":"GA","doc_count":122},{"key":"CA","doc_count":83},{"key":"FL","doc_count":78},{"key":"TX","doc_count":52},{"key":"PA","doc_count":42},{"key":"NJ","doc_count":35},{"key":"NY","doc_count":35},{"key":"MI","doc_count":31},{"key":"IL","doc_count":30},{"key":"OH","doc_count":16},{"key":"VA","doc_count":15},{"key":"MO","doc_count":14},{"key":"NC","doc_count":14},{"key":"RI","doc_count":12},{"key":"AL","doc_count":10},{"key":"MD","doc_count":9},{"key":"NE","doc_count":8},{"key":"NV","doc_count":8},{"key":"HI","doc_count":6},{"key":"MS","doc_count":5},{"key":"KY","doc_count":4},{"key":"LA","doc_count":4},{"key":"WA","doc_count":4},{"key":"DE","doc_count":3},{"key":"ID","doc_count":3},{"key":"IN","doc_count":3},{"key":"SC","doc_count":3},{"key":"UT","doc_count":3},{"key":"WI","doc_count":3},{"key":"AZ","doc_count":2},{"key":"AR","doc_count":1},{"key":"DC","doc_count":1},{"key":"MA","doc_count":1},{"key":"WV","doc_count":1}]}},"company_public_response":{"doc_count":661,"company_public_response":{"doc_count_error_upper_bound":0,"sum_other_doc_count":0,"buckets":[{"key":"Company has responded to the consumer and the CFPB and chooses not to provide a public response","doc_count":362},{"key":"Company believes it acted appropriately as authorized by contract or law","doc_count":10}]}},"tags":{"doc_count":661,"tags":{"doc_count_error_upper_bound":0,"sum_other_doc_count":0,"buckets":[{"key":"Servicemember","doc_count":44},{"key":"Older American","doc_count":4}]}}},"_meta":{"license":"CC0","last_updated":"2026-07-14T12:00:00-05:00","last_indexed":"2026-07-14T12:00:00-05:00","total_record_count":16441818,"is_data_stale":false,"has_data_issue":false,"break_points":{"2":[13.733803,"6323242"],"3":[12.695221,"8077179"],"4":[12.053264,"8020546"],"5":[11.541689,"8159035"],"6":[10.861794,"7387189"],"7":[10.524666,"8017153"],"8":[9.919869,"8013567"]}}}