Privacy Hacks May Hurt Your Credit + You Won! Can You Hide?

Money News & Moves: Security fails routinely expose your personal financial info. And you can't even buy privacy.
Hal M. Bundrick, CFP®
By Hal M. Bundrick, CFP® 
Edited by Kathy Hinson

Many or all of the products featured here are from our partners who compensate us. This influences which products we write about and where and how the product appears on a page. However, this does not influence our evaluations. Our opinions are our own. Here is a list of our partners and here's how we make money.

MORE LIKE THISPersonal Finance

Privacy seems to be an increasingly rare commodity. How often do we hear about security breaches that reveal our personal information to some bad actor somewhere? It feels as if it's almost daily. 

LastPass, the password security app (ironically enough), Chick-fil-A and Twitter have all recently (like in the past couple of weeks or so) had security fails.

And even if you win a billion-dollar lottery, only a few states allow you to remain anonymous. You can't even buy privacy, it seems.

Big money = little privacy

Let's say you just won a bazillion-dollar lottery, and everyone has to know about it. Yeah, sure, you'll want to share the exciting news with your family and friends (yes?). But telling the world? Yikes.

In most states, you can't claim that jackpot anonymously.

The rules vary according to the prevailing laws in each state. Though the landscape often changes, at last count, only about a dozen states allow you to remain anonymous. Arizona, Delaware, Georgia, Kansas, Maryland, New Jersey, North Dakota, Ohio, South Carolina, Texas and Virginia are among those that give you the option to keep the big news to yourself.

Just about every other state requires some kind of identity reveal for big winners. In California, state laws require releasing a winner's full name and where they bought the ticket. That may be why a $2 billion Powerball ticket winner from November has yet to come forward.

Some states will allow you to set up a trust to accept the payout, which can add a layer of privacy.

So, if you win the lottery, check your state laws to find out whether you'll have to wear a disguise and change your name after you cash in. Or, you could snag the cash and move to Pitcairn Island in the South Pacific. Said to be one of the most secluded areas in the world, the island is home to only about 50 people — but there's high-speed internet.

You'll have to fly in all of your friends, family and food, but hey, for you, Big Winner, cost is no object.

Nerd out on investing news
A NerdWallet account is the smartest way to see the latest financial news and what it means for your wallet.
NerdWallet News

Your credit report for all to see

OK, so that's the fun dream-of-winning-the-lottery privacy angle. A much more pressing privacy concern is linked to your credit score. 

A flaw in the website of Experian, one of the three major credit reporting companies, has recently been reported. According to Brian Krebs, a computer security reporter and blogger, identity thieves had been retrieving the credit reports of an unknown number of consumers.

Apparently, a glitch allowed anyone to bypass the usual security measures and access a consumer's report. All that was needed was a person's name, address, birthday and Social Security number — items often found on the dark web for a price.

This month, the Consumer Financial Protection Bureau released an analysis of nearly half a million consumer complaints involving credit reporting bureaus — that’s Experian as well as Equifax and TransUnion. CFPB Director Rohit Chopra said the credit bureaus "routinely top the list of complaints submitted by consumers," but the report also called out improvements in the way complaints are handled and the frequency of relief provided to consumers. 

The bureau said the three credit reporting agencies must continue working to improve compliance with consumer financial protection laws and serve consumers better. "We will be exploring new rules to ensure that they are following the law rather than cutting corners to fuel their profit model," Chopra added.

Last year, the CFPB reported that the credit reporting companies had "often allowed their processes to be used to coerce individuals to pay medical bills they may not even owe."

The CFPB said that once medical bills were placed in collections and submitted to credit reporting agencies, consumers saw their credit scores fall. The lower scores became "weapons" collectors could use against people to force payment. Some people were so frustrated that they simply gave in and paid, whether the amount was owed or not. They were desperate to make the collection hassles end and protect their credit from further damage.

This year, credit bureaus will stop reporting medical debt collections under $500, and changes to credit scoring models will reduce the credit score impact of unpaid medical debt.

False 'junk data' on credit reports

In the recently reported Experian credit report access hack, security reporter Krebs said that when he accessed his report using the security glitch criminals used, he found his credit report contained "so many errors that it's probably going to take a good deal of effort on my part to straighten out."

In an October statement, the CFPB noted the prevalence of "obviously false 'junk data'" in consumer credit reports. An example included the accusation of someone "defaulting on a loan before they were born."

With recent breaches and security hacks in mind, you may want to:

  • Update the master password of your password manager app (or get one if you don't have one), and change the passwords of any important financial websites you access.

  • Request your credit file from, the government website that allows you to access your three credit reports for free. Look for errors, then report and correct them with the appropriate bureau.

  • Consider freezing your credit. And if you previously had your credit frozen, make sure it still is.