Update: Credit Karma is now stating that the issue has been fixed. Full statement below:
Trust and safety is very important at Credit Karma and when something unforeseen happens related to our platform, we take it very seriously, take action and alert our members when necessary.
What our members experienced this morning was a technical malfunction that has now been fixed. There is no evidence of a data breach.
Credit Karma has multiple layers of defense in place that provide rigorous controls and protections to safeguard members’ personal information. Additionally, we use 128-bit or higher encryption to protect during the transmission of data to our site and encrypt data at rest.
I think it’s a bit disingenuous to say that there was no evidence of a data breach when the definition of a data breach is ‘A data breach is a security incident in which information is accessed without authorization.’ which is exactly what happened here.
Original post: In an apparent glitch, Credit Karma is showing your credit information to other people and other people’s credit information to you. When you login and refresh, you’ll continuously see other people’s credit information, scores, bankruptcty, etc.
Based on prior experience, it’s advisable NOT TO LOGIN INTO YOUR CREDIT KARMA since it’s possible that this is a cookie issue which causes your information to be shared with others. Of course that might have nothing to do with it, but as a precaution I’m avoiding checking mine.
Reports are that it’s affecting mobile, possibly not affecting computer, but it’s worth waiting this one out. Update: Affecting desktop as well.
Hat tip to u/Lontoron
View Comments (64)
New high interest bank account offering: Credit Karma launches high-yield savings account that earns over 20x the average
2.03%
Just deactivated my account. If they can't own up to their security breach, they're not getting my business.
What's a Credit Karma? Is this something I should join?
FWIW Swagbucks (for me at least) has a 200 point offer ($2) for signing up for Credit Karma.
Yeah. probably good if you're signing up for cc bonuses to check your credit score every now and then. I would just sign up for access even though you can get the same information elsewhere as my father had identity stolen and the person sign up for CK under his name Owning your own account probably will be easier in the future if you ever run into a dispute situation.
Yes, I just experienced it. I keep up with my credit and to my horror when I logged in it said I had almost $200,000 worth of credit card debt with several different cards I've never even heard of. I called support and it was just a glitch that was fixed within minutes of my call.
How were you able to call? I only see email ways for support?
A more full statement was sent to my email from Credit Karma when I reached out to their PR team, which seems like BS, they seem to think as long as they didn't link social security numbers it's not a "breach" rather a "technical issue":
"We believe today's technical issue has now been fixed. It affected less than 0.5% of our members. We have confirmed that no social security numbers or individual account numbers were exposed. A very limited number of people were able to see incorrect credit scores and credit factors. We are investigating an even smaller number of instances, around 1,000-2,000, where personally identifiable information could have been exposed, and if confirmed we will of course notify any affected individuals as soon as possible. If members are concerned or see any information that's not theirs, we ask that they reach out to us immediately. We take security very seriously, and we apologize for the issue and the concern this has caused our members."
And yet everyone who tried to check it saw it. So yeah 0.5% sure.
Is it bad that their home page's "See My Scores" button has been replaced with a "See Someone's Scores" button? And the "We treat your data as if it was our own" text has been replaced with "We treat your data like West Virginians treat their sisters on their honeymoon" text? Doesn't give me a good vibe.
Just had this happen today...it’s not fixed yet.
I rarely login to CK but seeing "DO NOT CHECK" makes my hand so itchy to login and see if I'm seeing something
Good. It's good excuse to push off your bankruptcy on someone else.
F me. I just happened to sign in around the time this post came out. Ugh. Hope no one else saw my info.
Are you the Doug with score around 784 and a citi card opened sometime in June? Definitely saw your info.