About Identity Monitoring – solbiZ

Use Identity Monitoring on Credit Karma to check if your personal information has been involved in a data breach.

Where does the breach information come from?
I’ve been notified that I was involved in a breach, what should I do next?
Why is my information associated with a website or service I’ve never been to?
What does this mean for the security of my Credit Karma account?
Why is Credit Karma doing this?

----

Where does the breach information come from?

Personal data that has been accessed without authorization typically by unknown individuals is often made public across the internet. By scanning billions of records from public data breaches and the dark web, Credit Karma has created a tool that runs searches for the email address associated with your Credit Karma account to tell you if your information was a part of a data breach.

I’ve been notified that I was involved in a breach, what should I do next?

If your personal info has been involved in a breach, you can take the following steps:

Change your passwords
Lock or freeze your credit reports
Review your financial accounts for suspicious activity
Request new credit cards or PIN numbers from your financial institution
File a report with the FTC

Why is my information associated with a website or service I’ve never been to?

When reviewing any data breaches you personal information has been involved in, you may notice that your information is associated with a website or service that you don’t recall visiting or signing up for. There are many possible reasons for this:

You forgot you signed up:

Most of us leave a large trail of accounts that we’ve signed up for over the years. It’s possible that you may have signed up for a service and forgotten about it as time goes by.

Websites often rename/re-brand or merge with other websites:

Companies are constantly adjusting their branding strategies, so there is a chance that the breach is connected to a company you are familiar with that has changed its name. Companies may also buy or merge with other companies. While it’s pretty rare that an acquisition or merger would lead to the exposure of your personal information, it is a possibility.

Other people can accidentally sign you up:

People often “fat-finger” (i.e., mistype) their email address when signing up for an online service. It’s possible that your email address was entered by mistake.

Your data was either sold or redistributed. It’s typical for websites to buy and redistribute data from other companies. As a result, it’s possible that:

Your information was shared with your permission (by accepting their privacy policy);
Your information was accessed by someone without your permission;
Or, your information was involved in a breach of a data aggregator. Data aggregator companies take information from public sources on the web and sell it to other companies.

Learn more about what it means if you were involved in a “Not Disclosed” breach.

What does this mean for the security of my Credit Karma account?

An Identity Monitoring result shows that your personal information has been exposed online related to a data breach of another company - not Credit Karma..

We recommend changing the compromised passwords wherever you used them. Reusing a password that has been exposed in a data breach can make it easier for unauthorized users to access any other account that uses that password. Learn more about strong passwords.

Credit Karma takes your security very seriously. To find out more about how we protect your account information, please visit our Security Practices.

Why is Credit Karma doing this?

Credit Karma wants to help you make real, meaningful financial progress, and Identity Monitoring is a huge part of that. Identity fraud can lead to significant financial consequences for victims. Fraudsters who have obtained your personal information can use your identity to open unauthorized accounts, take out loans, and more.