Officials of the credit monitoring site Credit Karma are blaming a “technical issue” for a data breach that exposed users’ credit and personal information to other site users.
Users began posting to Reddit and Twitter this week to point out the issue, saying when they logged into the site they were given access to other users’ credit files that contained personal information such as names, addresses, and credit scores and reports.
One Reddit user explained, “Okay so first time logging in it gave me my information, but as soon as I refreshed the screen it gave me someone else’s info. Refreshed again and bam – someone else’s info. It’s like roulette.”
Another Reddit user said when he logged in “each time I had full access to a different random person’s credit file. Extremely troubling.”
On Twitter, user @sweedie415 tweeted to Credit Karma, saying, “I am not Christie Dolwick, yet I had her entire address and credit history. I hope this finds her so she can take appropriate action. Now I’m concerned about my info.”
Credit Karma representatives said the issue exposing the incorrect users’ data has been fixed. They said about .5% of the site users have been affected and those users will be notified.