Skip to content

Credit agency scores a zero after blunder over twins

BY Rachel | 10 December, 2015 | no comments

WHEN Louise Geneen’s two-year fixed-rate mortgage was coming to an end, she was extremely surprised that her application for a new loan was turned down.

The university medical researcher had not missed any mortgage or credit card payments and assumed she had a pristine credit score.

She decided to investigate — and found that having a twin sister had caused serious complications with her credit record.

Louise, 32, was shocked to discover that all of her sister Jo’s private financial data, including her loans, bank accounts and mobile phone bills, had been muddled up with hers on Noddle, a free service owned by the credit reference agency Callcredit.

Louise could even see the joint accounts and mortgage that Jo shares with her boyfriend, discovering the exact amount of savings and debt her sister had.

After being alerted by her twin, Jo checked her own Noddle report and found the same thing: all Louise’s details were displayed clearly in front of her.

The sisters are not financially linked: they have never had a joint current account, shared a mortgage, taken out an insurance policy or the like, and do not live together. In fact, they live hundreds of miles apart. They share only a surname and, of course, a date of birth.

Louise, who researches long-term medical conditions, said: “This is a massive breach of the Data Protection Act. If I caused a data protection breach like this, I would be fired, or at least severely disciplined at work.”

Jo, a marketing director who lives in Earlsfield, southwest London, said: “Callcredit has given data to Louise that is not hers; it is my data and the data I share with my boyfriend.

“I spoke to Callcredit and they asked me if I was a twin before I said anything, as apparently this has happened before.”

The “twin trouble” issue has significant financial implications. As Louise has been unable to remortgage her flat, she is being forced to move to her lender’s standard variable interest rate, which is higher than her current mortgage deal: she will be paying about £400 more each month. She is in the process of trying to get a mortgage deal with another lender after NatWest turned her down.

The Information Commissioner’s Office (ICO), which with the Financial Conduct Authority regulates credit reference agencies, said: “This looks like a breach of the Data Protection Act. It doesn’t matter how closely related the customers are: if they haven’t given permission to share this information, then it is a breach. We would expect credit reference agencies to have systems in place to ensure they are able to distinguish between [twins].”

Was it the first time?

The twins have run into problems before with financial companies getting them mixed up. When Louise closed her accounts with a high-street bank a few years ago, it transferred all the funds out of Jo’s accounts with the same bank and gave Louise a large cheque for all of the money.

Jo said: “I was saving up for a house deposit, so it was a substantial amount of money. The bank apologised with two bottles of wine. Like the Callcredit error, this was supposedly done by just checking the date of birth and surname. Makes you worried about all the John Smiths born on the same day.”

Callcredit told The Sunday Times that it has a “very high success rate” of ensuring that correct information is placed on credit reports. However, the agency added: “Just occasionally, our data matching will fail to find the right home for a particular item (or items) of data, as has been the case on this occasion.”

Louise’s experience has raised concerns over how credit reference agencies handle sensitive data. The British Bankers’ Association said: “Serious mistakes of this kind should clearly not happen and can cause real anxiety for a customer. We hope the right steps are taken by the appropriate organisations in this case.”

Brian Murphy, head of lending at the broker Mortgage Advice Bureau, said: “Mistakes on credit reports can be frustrating, and even a small error can result in higher charges or being declined from taking a loan altogether. In this example, there is also a data protection issue: under no circumstances should credit reports show the details of other people that have no active financial link to you.”

How common are these errors?

The Financial Ombudsman Service receives about 70 calls a month from people complaining about their credit records. These range from incorrect information to the agencies taking too long to update their files. There are three credit agencies in the UK: Experian, Equifax and Callcredit.

Money published an article earlier this year about my experience with credit records (“I went into debt to prove I could afford a mortgage”, March 15). My husband, who has a twin brother, discovered that his brother’s credit cards were on his Noddle report. These were removed by Noddle after my husband complained. Luckily our chances of buying our first home together were not jeopardised.

However, credit agencies deny there is a “problem with twins”. James Jones, head of consumer affairs at Experian, said: “There is no reason to believe a shared surname and date of birth would increase the likelihood of information being misfiled on a third party’s credit report.”

Data breaches by credit reference agencies are rare, averaging about one every three months, according to the ICO.

The health sector suffers the most data breaches. Last week, a sexual health clinic in London leaked personal information about 780 patients in an online newsletter.

The ICO is also investigating how thousands of magazine subscribers with WH Smith received emails containing the details of other customers, including their names and addresses.

What happened with Jo and Louise?

After Money intervened, Callcredit removed the incorrect data and offered £250 compensation. Louise’s Noddle score then rose from 4/5 to 5/5.

Louise said: “The fact that these errors can happen so easily is concerning. The agencies need to up their security and filtering arrangements. My mortgage cost is going to rocket, and I just don’t trust financial companies any more.”

Greg Heath of the financial adviser Derbyshire Booth agreed that, in the Geneens’ case, data protection laws had been breached.

He added: “The agency has a duty to investigate and correct the entries. Credit agencies are being given too much influence in society today, as lenders treat their records as ‘facts’ when clearly they are not always correct.”

Louise also checked her records with Experian and Equifax. These were correct.

NatWest said it did not reject Louise’s application due to data from the credit agencies, adding that it also applies its own test in mortgage applications.

Can I claim compensation for a mistake?

The agencies all offer 30-day free trials, after which a monthly fee is charged. They also provide a one-off credit report for £2.

If you spot an error on your report, contact the agency and explain why it needs to be changed. By law, the agency has 28 days to tell you if it has removed the entry, amended it or taken no action.

If it does not update the report, you have a legal right to send a 200-word notice of correction — basically, a right of reply to explain a black mark in your credit history — which can be added to your file.

You can complain to the agency and ask for compensation if you feel you have lost out financially, or even because of the stress caused.

If you are not happy with the way the complaint is handled, you can take the matter to the ombudsman. If you believe a data breach has occurred, contact the ICO (ico.org.uk/concerns/handling/ or phone 0303 123 1113).

It is the ombudsman, rather than the ICO, that has the power to award compensation. The ombudsman can ask the company that has made the error to correct matters and to put the customer in the position they would have been in had the mistake not occurred.

“What we might do in that situation is ask the business that recorded the information [incorrectly] to write to the lender, saying the consumer was not at fault and asking them to look at the application again,” the ombudsman said.

“We might also ask them to pay some compensation.”