Skip to content


Despite Rampant Hacking & Identity Theft, Consumers Aren’t Notified When Access To Their Credit Is Requested To Create A New Account; Instead, Most Find Out Only When Their Credit Is Drained Or Their Score Has Tanked, Costing Them Dearly   

Schumer’s Push Would Mean Credit Bureaus Must Notify Consumers The Moment Access To Their Credit Is Requested; Just Last Week, NYC Hospital Employees Sold Patient Info That Enabled Instant Access To Victims’ Credit

Schumer: A Person’s Credit Is The Holy Grail Of Their Financial Identity & The Credit Bureaus Should Notify Consumers The Moment A Credit Inquiry Occurs  

In light of major security breaches and rampant identity theft across the country, and recent data breaches within the government and even at a New York City hospital this past week, U.S. Senator Charles E. Schumer today announced a new plan that directs the three national credit reporting agencies to implement a ‘credit inquiry alert’ that would immediately notify consumers whenever access to their credit is requested—alerting them to when someone tries to open a new line of credit or a new account in their name, using their personal information. Schumer called on the three credit bureau agencies of Experian, Equifax and Transunion to set up a simple, easily accessible notification system that would alert consumers whenever access to their credit is requested.

Schumer said that this will better protect consumers from falling victim to one of the most common ways identity thieves steal from consumers—by gaining access to their credit. Schumer’s plan would allow consumers—for the first time ever—to receive an instant notification from a credit bureau that would allow a consumer to freeze their credit at the moment unauthorized access to their credit is requested; before new purchases are made or before access to credit turns into costly fraud. Schumer detailed how hackers and ID thieves drain credit, and thereby lower the credit scores of consumers, along with how he planned to get the credit bureaus to implement these ‘credit inquiry alerts’ on behalf of the public. Schumer added, the two major ways hackers drain the credit and lower the credit score of a consumer is by opening a line of credit in one’s name or setting up an entirely new account, unknown to the consumer.   

“Despite widespread hacking and identity theft across the country, consumers are not notified when access to their credit is requested to create a new account. Instead, consumers are often in the dark until their credit is drained or their credit score has tanked,” said Senator Schumer. “So, today I’m urging the three national credit reporting bureaus: Experian, Equifax and Transunion to set up a simple, easily-accessible voluntary system that would notify consumers anytime their credit is checked or accessed to open a new account or establish a line of credit to buy a car, rent a home, or worse. A ‘credit inquiry alert’ would instantly notify consumers—by phone or by email--- every time there is an authorized or unauthorized query on their credit file. Simply put, a “credit inquiry alert” would give consumers a heads up to freeze his or her credit and put a halt to the problematic, and possibly fraudulent activity, before it’s too late.”

Schumer pointed to a number of cyber hackings in the U.S. that involved personally identifiable information, including Social Security numbers. For instance, the federal Office of Personnel Management was hacked into in December. The files contained personal data on over 4 million current and former federal employees and included birthdates, addresses, pension information, and possibly Social Security numbers. The hacking was much deeper than originally suspected and may also contain the Social Security numbers of spouses, partners and other family members, according to reports. In addition, there was a cyber-breach at the IRS, which included the tax returns of over 100,000 individuals. Even locally, an employee at Montefiore Medical Center in the Bronx stole the personal information of more than 12,500 patients and sold the data to an identity theft ring. The records included Social Security numbers, credit card numbers, birth dates and more. Schumer said that these are just a few of the most recent security breaches that have occurred in New York and across the country.

Schumer explained that, despite rampant hacking and identity theft, consumers are not currently notified about credit inquiries. Credit inquiries are instances in which a person’s credit is checked or verified. For instance, inquiries may occur when an individual is applying for a loan, credit card or mortgage; credit inquiries may also occur when one is looking to sign up for cable, buy a car, or  rent an apartment. Schumer today said that because there is no immediate notification when credit inquiries are made, consumers may not be aware that criminals have stolen their personal information and accessed their credit until it is too late and their credit score has already tanked. Right now, consumers can set up notifications on their credit cards so that they know when their credit card is used; consumers can also set up notifications on their e-mail accounts to let them know when their account is accessed from a new computer. However, no such notification exists for credit inquiries.

Schumer today wrote to the three national credit reporting bureaus: Experian, Equifax and Transunion, and called for a simple, easily accessible service to help better protect the credit of Americans who may be victims of identity theft. Specifically, Schumer is calling for the credit reporting bureaus to provide a voluntary ‘credit inquiry alert.’ In his letter, Schumer urged the credit reporting bureaus to set up a notification system that would notify individuals any time access to their credit is requested. Schumer explained that, right now, individuals should know when they have or have not authorized a query on their credit file. An instant credit inquiry alert would allow a consumer to freeze his credit and put a halt to the problematic, possibly fraudulent activity, before it is too late.  Schumer said the credit inquiry alert could be via e-mail or phone.

Schumer’s letter to Brian Cassin, CEO of Experian; Rick Smith, Chairman and CEO of Equifax; and James M. Peck, CEO, of Transunion appears below:

Dear Messrs. Cassin, Smith, and Peck,

As you are well aware, theft of Americans' most personal, sensitive data has become disturbingly commonplace.  The recently-reported hack of the Office of Personnel Management, which targeted millions of federal employees, is a large-scale version of what is taking place every day in smaller, less visible ways.  We don't always know what hackers have planned for the data, but we know what they can do with it - use it to assume the identity and wreak havoc on the credit and finances of innocent Americans.

The most frightening thing to many people is that they have no idea whether they have been the victim of an attack until it’s too late.  Too many people have faced the reality of learning that someone else has opened new lines of credit in their names only once their score has already been run into the ground.

Your companies, the three national credit reporting bureaus, hold enormous power over American citizens by developing our credit files and scores.  I appreciate that you have a shared interest in preventing fraud and protecting people's identities, and I know you already provide various services to help accomplish that goal.  However, I believe you need to do more.

Today, I am asking that you consider one simple, additional mechanism so that people can be aware of whether their identity and credit is potentially being used for nefarious purposes.  You should set up an easily accessible mechanism to notify an individual instantly (by email or phone) any time his credit file is queried, and allow individuals to voluntarily sign-up for this service. Consumers already can set up similar notifications on their credit cards or even their email accounts through which they receive an email anytime their card is used or their account is accessed by a new computer.  The analogous service should be available for credit files.

Individuals know when they have authorized a query of their credit file, for example when they apply for a new loan or to rent an apartment.  Therefore, they will also know if a query of their file is not authorized, and therefore a likely sign of criminal activity.  Such notification will allow a consumer to freeze his credit and put a halt to the problematic behavior before it is too late.

I believe this simple, easy voluntary service is consistent with your responsibility to protect the valuable information you control.  If you are not willing to take it independently, however, I will work with the relevant regulators at the Consumer Financial Protection Bureau, copied here, to mandate its adoption, or I will pursue legislation if necessary.

I look forward to working with you to ensure that Americans are protected as best they can be from the damage that can be done by identity thieves.


U.S. Senator Charles E. Schumer