HI there
Has anyone else been contracted by TBC regarding their personal data.
I must be right on the cusp of data holding laws as I don’t think I have worked for them for six years (?).
A link to use Experian Identity Plus for a year is provided, however having registered I find myself on the most basic free for anyone service. I have today emailed Experian to complain, TBC to follow.
Mods: am I free to discuss this? It’s quite a can of worms for the SWS Group (TBC parent co).
What exactly are you complaining about? I don’t really follow your complaint.
Are you complaining it’s only a free basic account?
Are you complaining about having to sign up to this service?
Sent from my CPH2173 using Tapatalk
If it’s…
About The Best Connection, it’ll probably be a complaint.
TBC have been subject to a ransomware attack which has resulted in staff details being stolen, things like copies of ID, NI Number, email, phone, bank details etc…etc. Basically, if you have done any work for them within the last 6 years is it (?), your personal data may have been stolen. The email from TBC recommended actions like changing your passport and driving licence.
The icing on the cake for me was, having tried my best to see that this wasn’t another scam, I used to link provided to access a years free use of Experian Credit Identity Plus, only to find it was a bog standard free service anyone can use. This is probably an admin ■■■■ up.
I wanted to see if anyone else has had a similar experience, both with the initial email from TBC and subsequent access link to Experian.
Data being accessed is something that does happen by hackers.
It does not automatically mean the company is liable for it. They are by law forced to inform all parties of any data held if any security breaches have been identified. It does not mean you data has been compromised in a lot of cases.
They have given you a link to Experian free identity plus service so you can monitor your personal details for leaks.
There is always a risk of personal data being stolen by hackers from just about everywhere you use online and even offline if they store documents electronically.
Sent from my CPH2173 using Tapatalk
yourhavingalarf:
If it’s…About The Best Connection, it’ll probably be a complaint.
That’s true as is any thread about an agency usually.
Sent from my CPH2173 using Tapatalk
simcor:
yourhavingalarf:
If it’s…About The Best Connection, it’ll probably be a complaint.
That’s true as is any thread about an agency usually.
Sent from my CPH2173 using Tapatalk
Fair comment…
I have a particular dislike of TBC. After submitting invoices to them which initially weren’t honoured and then when they did pay up it was (surprise surprise) short. Every payment subsequently was incorrect because it always discounted the corrected amount. After months of emails and phone calls with the local office, I called the head office in Brum and finally got through to their head of finance. He, without a quiver in his voice said, ‘the office I was dealing with had a new finance team and you couldn’t expect them to get everything right immediately’. I kid you not.
I took what I could and pulled the plug on them. Only to be harassed for weeks with ‘how’s my star driver?’ phone calls.
cheersdrive:
A link to use Experian Identity Plus for a year is provided, however having registered I find myself on the most basic free for anyone service. I have today emailed Experian to complain, TBC to follow.
What are you going complain about? Why is it going to be a can of worms? They’re required to retain data on employees for up to 6 years. Under data protection regulations they’ve suffered a data breach which they’re legally required to inform ICO about as well as everyone affected which given the fact you’ve been given a free Experian Indentity Plus account suggests they have. The advanced once doesn’t offer anything that would be of any use in regards to checking whether someone is using your personal data. The advanced one is basically a marketing tool that Experian use to market credit cards and loans to get you to sign up and they get commission from if you go through them and they convince you to pay a monthly fee for that privilege.
ICO will take a look at the case and decide if there are any penalties to be levied or compensation to be claimed.
Blimey, I may be from Devon but I’m not a complete country bumpkin.
I am aware that hacking happens and it’s a pain when it affects you. I know I’m not going to spontaneously combust. I have requested clarification of when I last worked for TBC as it may have been over 6 years ago.
I really needed to know I’m not subject to another clever scam, it happens. That is why I’m asking the question.
The link to an Experian account should be a paid one (and yes I do know how they operate) that monitors your activity every day, not put out a monthly round up. That is my understanding. I am requesting clarification. Again, it would be nice to know if others can shed more light on this rather than make me feel like it’s my fault, or I’m just being a stupid drama queen.
It’s a can of worms as lots of drivers on here use TBC and it makes them look bad. I got the impression during a call to a local branch (the head office line was permanently engaged) that the email may have door dropped a bit early, I could be wrong.
Complaint is a strong word, but sometimes you have to go through this channel as some firms make it nigh on impossible to talk to a human over the phone. I’m using it as a generic term. I would have let it go had the link provided not taken you to an account which is clearly free to all and not the paid one I was informed it would be. It would have been useful for me to know if others had a different experience.
Have you considered the following?
Personal Data has been stolen en masse.
The new “Owners” of that data, now set up a website with it, reflecting what at the time is accurate information based on the data stolen.
The fraudulant website - then sends emails out, inviting people to “correct mistakes”.
The info is only what you already know - Eg. the stolen info about yourself, with no info about your real credit rating with “Experion”, because the site “linked” - actually has no access to experion itself, it just calls itself that to lull you into a false sense of security.
This “Fake Website” then goes through the following with you, the reeled-in “scam victim” who was actually scammed - the moment they hit the link to what they thought was the “Experion” website.
You are invited to change your password, which then gives the site access to your real, updated passwords for other sites.
You might even be daft enough to give them your bank passwords in request, as they already know, and have reflected back to you - your bank, sort code, address info etc.
THIS is the scam!!!
Whilst there IS a real outfit called “Experion” - it is a fantastic “Cover Front” for any would-be hacker in possession of fresh, but fast going-out-of-date data to glean both more data out of the “Mug” who hits that link, and verify the data they already have on you…
You can have a similar experience with a dodgy cash machine “front”;
You insert your card, it invites you to type in your PIN, and you do. It gives you your balance, and then says the machine cannot dispense money, because there is a fault.
Congratulations! - Your card and pin number have just both been harvested, and a new cloned card can be made on 3-d Printer to empty your account.
You, meanwhile - didn’t even realize you’ve been scammed!
It is night time, and you need fuel.
You pull up at a well-known chain of night pay forecourts, fill up at the island as usual, and go to “night pay” to profer either your own personal card, or the company card if you’re in the truck you’re driving…
As you pass your card under the “Pay Well”, there is a little camara resembling the one that looks downwards at the road ahead in your cab, looking down into the “Pay Well”. Maybe it is a more subtle camera, in what looks like a nearby “Pen” for example, or even what looks like a “Vaper” about a foot away from the pay well…
Congratulations! - Your card and BACK NUMBER have just been harvested, and a new cloned card can be made on 3-d printer to empty your account, but this time only on INTERNET and SWIPE transactions with that card. - the transactions where you are requested to put the 3-digit number on the back in, for “Authorization”… If your card is “Swipe” rather than “Chip and Pin” - then the PIN isn’t requested before the money gets taken out of your account, so the “Harvesters” - don’t need it in the first place.
If it is the fuel card proferred, then a massive database of “company fuel cards” is then built up, which can be dipped into en-mass by the organized criminals that run these schemes, with the “Company” not suspecting a thing, because the transactions put through are typically around the £40 mark, rather than suspiciously high amounts that would get anyone’s attention at company fuel card admin stage…
Congratulations! - You’re aiding and abetting money laundering on an industrial scale as an unsuspecting “Mule”.
Even your Haulage Yard are in on it, without realizing of course, as they helpfully write the PIN number (if any) on the fuel card - do they not■■?
Staff at the forecourt are probably NOT “In on it”, but if they ARE - then they might invite you to put “other stuff” on a fuel card transaction, which they nicely offer to “not itemize” at the billing point… That’s outright fraud, so don’t be tempted there folks, to stock up on road maps, latte coffees, choc bars, and emergency triangles…
Note that I don’t add the caveat here “Conspiracy Theory” btw…
The final part of the “Scam” common to all three of the above - is that “money isn’t taken straight away”…
Why not?
If you were even suspicious of the fact you may have been scammed - what is the first thing you’ll be doing?
Checking your next bank statement for one.
Nothing amiss, you quickly forget that anything untoward happened that other night…
Then, months later - a transaction for £39.44 goes out of your account for “Fuel”.
You don’t think anything of it, as where and when you fueled - is a distant memory by this point.
A month after that, a transaction for £29.99 goes out of your account for “Amazon”
Again, you don’t think anything of it - as you do buy things on amazon from time to time.
Three months later, a transaction for £25.00 on “Ebay” goes out…
Hold on a minute - You don’t have an Ebay account, let alone have not done any transactions AT ALL on EBay…
NOW you start to get suspicious, and you change your card and PIN straight away. This prevents further “Bleeds” of your cash out of your account, and IS the right thing to do when you finally realize you’re being “skimmed” every month in this way.
The bank won’t be refunding your money already lost though, and no criminal ever even gets a knock on the door by the police.
Fantastic racket - isn’t it?
Everything I’ve described above - is already endemic around this country, and beyond…
Oh dear someone has poked the bear.
Sent from my CPH2173 using Tapatalk
And for record Winseer it is a company called Experian not Experion.
Experian has been around for donkeys years as a credit reference agency.
Sent from my CPH2173 using Tapatalk
Ha ha, sorry simcor. I’m moving home on Friday and I might be a bit stressed.
Words can be taken the wrong way, something innocent may appear confrontational. That’s why most of the time I stay off forums.
cheersdrive:
Ha ha, sorry simcor. I’m moving home on Friday and I might be a bit stressed.Words can be taken the wrong way, something innocent may appear confrontational. That’s why most of the time I stay off forums.
Makes no odds to me pal. As I said I was confused as to what your complaint was about.
But I suggest everyone wears a tin foil hat from now on in this thread. As itl will go off topic very quickly and be some massive 99 page long conspiracy post now that you have poked the bear.
As mentioned your personal data may not even have been compromised.
If it is over 6 years they are unlikely to keep much other than your address and phone number and email, in reality they really should not keep anything over 6 years old if you have not worked for them in that time.
Sent from my CPH2173 using Tapatalk
If TBC have been hacked, are you sure the communication you got came from them and is genuine.
The different spellings of “Experian” - fit right in with what I’ve just told you, but of course - you’ll be more against listening to anything I’ve now warned you of, than being at least sensible in taking it into account when you go about your daily financial routines.
Weblinks in particular - are often slightly mis-spelled, especially banking or financial website ones!!
This isn’t about “Experian” or any random agency - it is about the data theft that OP mentions was from TBC…
Data Theft from large companies - tends to become a news scandal that closes the previously lucrative cash cow that it was prior to “getting made public”.
It is in the interests of the scammer therefore - that the company they stole the data from - keeps stumn about it.
Data Theft, I conclude - is the tip of the iceberg in that for every one company that soils it’s reputation by going public about “Data Theft”, there are 9 others that won’t even put a memo out, presenting a regular cash cow veritable FARM for that now criminal (imo) firm that goes onto aid and abet the Mules I mentioned above - in continuing their efforts, indefinitely.
And for reference to the OP.
Experian offers free basic accounts to anyone, if you want more info and more up to date info and extra services this is what they charge a fee for.
Nothing unusual in that as long as you have clicked a genuine link to Experian. Having. Said that I never click links even in genuine looking emails. I would always Google the site directly after checking the email has come from the email address it is supposed to have come from. Often if you click on the email address to show it, it will be random crap that has nothing to do with the person it is purported to be from.
Sent from my CPH2173 using Tapatalk
simcor:
cheersdrive:
Ha ha, sorry simcor. I’m moving home on Friday and I might be a bit stressed.Words can be taken the wrong way, something innocent may appear confrontational. That’s why most of the time I stay off forums.
Makes no odds to me pal. As I said I was confused as to what your complaint was about.
But I suggest everyone wears a tin foil hat from now on in this thread. As itl will go off topic very quickly and be some massive 99 page long conspiracy post now that you have poked the bear.
As mentioned your personal data may not even have been compromised.
If it is over 6 years they are unlikely to keep much other than your address and phone number and email, in reality they really should not keep anything over 6 years old if you have not worked for them in that time.
Sent from my CPH2173 using Tapatalk
The original company might discard personal data after 6 years, but once stolen - it is out there FOREVER.
It then becomes the individual’s task to render such data “out of date” by, for example - moving house.
Easier to achieve, is getting your bank cards cancelled, and re-issued requesting CHIP AND PIN replacements, rather than these “touch” technology things, that have now made an endemic crime into a pandemic one…
As it stands, if you drop your “touch” card on the street, someone picking it up can go straight to a self-checkout at a supermarket, get their photo taken at the unmanned checkout, and make off with around £30 of shopping - with no action taken, even if you wore a sign around your neck for the camera saying “I’m looting a random bank account here!”
The strength of these criminal gangs - is that the police take no action. even if you present them with evidence of a crime, ongoing crimes, and clear mugshots of the actual criminals… They’d be more likely to arrest you for “taking a picture without consent”, or “racism” if the perp happens to be non-white, or “nationalist racist ■■■■” if the perp IS white, but happens to be “Foreign”…
Winseer:
The different spellings of “Experian” - fit right in with what I’ve just told you, but of course - you’ll be more against listening to anything I’ve now warned you of, than being at least sensible in taking it into account when you go about your daily financial routines.Weblinks in particular - are often slightly mis-spelled, especially banking or financial website ones!!
This isn’t about “Experian” or any random agency - it is about the data theft that OP mentions was from TBC…
Data Theft from large companies - tends to become a news scandal that closes the previously lucrative cash cow that it was prior to “getting made public”.
It is in the interests of the scammer therefore - that the company they stole the data from - keeps stumn about it.Data Theft, I conclude - is the tip of the iceberg in that for every one company that soils it’s reputation by going public about “Data Theft”, there are 9 others that won’t even put a memo out, presenting a regular cash cow veritable FARM for that now criminal (imo) firm that goes onto aid and abet the Mules I mentioned above - in continuing their efforts, indefinitely.
Winseer I can assure you I know more about computers, Domain’s and websites and hacking of details than you probably do.
I am fully aware of everything you mentioned.
I keep my data as safe as is humanly possible, I check my credit reports regularly. I check my bank account regularly. I use lastpass password manager on my devices. I set up all accounts even useless ones with complex and secure passwords (as is possible) and never use the same password twice.
But even I had a fraudulent payment for apple.ie on my bank account and am very careful about who sees or has access to my card even in shops. My new bank card details are all on the back of the card which is also a new step banks are taking to combat information theft. And I did get a refund from my bank immediately when I raised this payment with them, I had never purchased an apple product from apple or at the time of owning this card or account had ever used it in Ireland.
I use Google pay as much as possible these days, as that just like Apple pay uses a virtual card number so the actual card number used is not linked to you.
So yes some of us are plenty savvy enough to know what goes on, how it goes on, steps to take to mitigate risk etc.
But thanks anyway.
Sent from my CPH2173 using Tapatalk
Winseer:
simcor:
cheersdrive:
Ha ha, sorry simcor. I’m moving home on Friday and I might be a bit stressed.Words can be taken the wrong way, something innocent may appear confrontational. That’s why most of the time I stay off forums.
Makes no odds to me pal. As I said I was confused as to what your complaint was about.
But I suggest everyone wears a tin foil hat from now on in this thread. As itl will go off topic very quickly and be some massive 99 page long conspiracy post now that you have poked the bear.
As mentioned your personal data may not even have been compromised.
If it is over 6 years they are unlikely to keep much other than your address and phone number and email, in reality they really should not keep anything over 6 years old if you have not worked for them in that time.
Sent from my CPH2173 using Tapatalk
The original company might discard personal data after 6 years, but once stolen - it is out there FOREVER.
It then becomes the individual’s task to render such data “out of date” by, for example - moving house.
Easier to achieve, is getting your bank cards cancelled, and re-issued requesting CHIP AND PIN replacements, rather than these “touch” technology things, that have now made an endemic crime into a pandemic one…
As it stands, if you drop your “touch” card on the street, someone picking it up can go straight to a self-checkout at a supermarket, get their photo taken at the unmanned checkout, and make off with around £30 of shopping - with no action taken, even if you wore a sign around your neck for the camera saying “I’m looting a random bank account here!”The strength of these criminal gangs - is that the police take no action. even if you present them with evidence of a crime, ongoing crimes, and clear mugshots of the actual criminals… They’d be more likely to arrest you for “taking a picture without consent”, or “racism” if the perp happens to be non-white, or “nationalist racist ■■■■” if the perp IS white, but happens to be “Foreign”…
Oh god here we go. Contactless is a bad dangerous thing. And then we go to random racism, and criminalisation.
Have you ever heard of RFID blocking wallets?
I use contactless all the time and have an RFID blocking wallet. But again as I said I much prefer to use Google pay on my phone as it offers extra protection.
Sent from my CPH2173 using Tapatalk