• filter:

Equifax hacked, 143 million consumers could be affected

  • Text Only
  • Search this Topic »
Voting History
rated:
Free credit monitoring for everyone!

https://www.cnbc.com/2017/09/07/credit-reporting-firm-equifax-sa...
CNBC said: Equifax Inc., which supplies credit information and other information services, said Thursday that a cybersecurity incident could have potentially affected 143 million consumers in the U.S. The U.S. Census Bureau said the U.S. population was about 324 million as of January 1, 2017, which means this affects a huge portion of the United States. Equifax said it discovered the breach on July 29. Leaked data includes names, birth dates, social security numbers, addresses and potentially drivers licenses. 209,000 U.S. credit card numbers were also obtained, in addition to "certain dispute documents with personal identifying information for approximately 182,000 U.S. consumers."

 

Member Summary
Most Recent Posts
One person yesterday on Reddit had problems with the usual web browsers and was finally successful with Opera.

JW10 (Sep. 20, 2017 @ 8:57a) |

To be fair I am using an XP computer so both browsers no longer update but Chrome usually seems to have more issues so I... (more)

sojourn4me (Sep. 20, 2017 @ 9:28a) |

Did you expect to receive a settlement if nothing happens to you?  It's like a tree falling in the woods...

Much hand wri... (more)

dcwilbur (Sep. 20, 2017 @ 9:35a) |

Staff Summary
Thanks for visiting FatWallet.com. Join for free to remove this ad.

rated:
The idea of getting free credit monitoring from the company who was just hacked reminds me of the following scene from "The Big Hit":

"-My phone is plugged into a Tracebuster.
Not only does this stop a trace on your call, -
- but it can also . . .
- Trace? - Trace who's tracing you.
What if they've got a Tracebuster?
-That's why I got this Tracebuster, Buster.
When they try to bust your trace, this will bust the Tracebuster -
- that's busting your . . .
- Trace. -"

rated:
Good thing they offer their free id theft and credit monitoring service.

/s

rated:
I wonder if we'll ever find out how much security could advance if the NSA were to prioritize protecting everyone instead of keeping everyone vulnerable to attack as they do now.

rated:
Link to Equifax's website discussing the breach:  http://www.equifaxsecurity2017.com/ 

rated:
I'm shocked, SHOCKED!, that outsourcing dev work to 3rd party would secure your infrastructure.

rated:
cr3s said:   I'm shocked, SHOCKED!, that outsourcing dev work to 3rd party would secure your infrastructure.

How do you know that outsourced dev work or 3rd party was the cause of the breach?

rated:
No database is secure. The internet as originally conceived is not secure. Offline is the only true secure way.

rated:
fedguy said:   No database is secure. The internet as originally conceived is not secure. Offline is the only true secure way.
Even offline there have been ways to steal air gapped PC's data. 

The real issue is that a number issued at birth and nearly impossible to change is used for so much. 

rated:
Wonder if this is why DW just got a new discover card...

rated:
I got this message:

Thank You Your enrollment date for TrustedID Premier is: 09/13/2017 Please be sure to mark your calendar as you will not receive additional reminders. On or after your enrollment date, please return to faq.trustedidpremier.com and click the link to continue through the enrollment process.For more information visit the FAQ page.  

Link:
https://trustedidpremier.com/eligibility/eligibility.html

rated:
LOOPHOLE said:   I got this message:

Thank You Your enrollment date for TrustedID Premier is: 09/13/2017 Please be sure to mark your calendar as you will not receive additional reminders. On or after your enrollment date, please return to faq.trustedidpremier.com and click the link to continue through the enrollment process.For more information visit the FAQ page.  

Link:
https://trustedidpremier.com/eligibility/eligibility.html

  Yea, got 9/11 an 9/13 for the accounts I manage for family.

Perhaps moreso important than the monitoring, by registering our name/social, the site said it'd notify us if we were part of the breached data

rated:
Question:    Does anyone think it is a good idea to place your own fraud alert on all 3 bureaus as a precaution against people opening new credit?  From Equifax's website: 
To determine if your personal information may have been impacted by this incident, please follow the below steps:

  1. Click on the below link, “Check Potential Impact,” and provide your last name and the last six digits of your Social Security number.
  2. Based on that information, you will receive a message indicating whether your personal information may have been impacted by this incident.
  3. Regardless of whether your information may have been impacted, we will provide you the option to enroll in TrustedID Premier. You will receive an enrollment date. You should return to this site and follow the “How do I enroll?” instructions below on or after that date to continue the enrollment and activation process. The enrollment period ends on Tuesday, November 21, 2017.

  


 

rated:
What a bunch of crap. First of all, asking for the last six digits of SSN is not far from asking for the whole thing. For those of us who have been around awhile, there are only a small number of possible first three digits.

But having gone through equifax.com to navigate to the link, I was more comfortable entering the requested data. But despite being told that I would learn whether I was affected, it just told me to get in line to wait a week to sign up for the protections they are offering. Good thing my credit is frozen.

rated:
publicpersona said:   What a bunch of crap. First of all, asking for the last six digits of SSN is not far from asking for the whole thing. For those of us who have been around awhile, there are only a small number of possible first three digits.

But having gone through equifax.com to navigate to the link, I was more comfortable entering the requested data. But despite being told that I would learn whether I was affected, it just told me to get in line to wait a week to sign up for the protections they are offering. Good thing my credit is frozen.

  
Same here as to not being told whether I was affected.

The breaches took place from May through June and it's taken this long to find out about it. I wonder if this would have had anything to do with several of us having our Fidelity VISA compromised around that time.

rated:
While the website claims that by entering your last name and last 6 digits of SSN you shall be notified if your information is at risk, I did not get any risk-OR-no risk message. Just a notice asking me to return to that page on another day to sign up for their monitoring service.

Now I am wondering if that's because they want to not publicly take responsibility, or because they are signing up people for one free year of monitoring, and hoping people will stay on as paying customers.

rated:
"The company has found no evidence of unauthorized activity on Equifax’s core consumer or commercial credit reporting databases. ...The information accessed primarily includes names, Social Security numbers, birth dates, addresses and, in some instances, driver’s license numbers."

Well, I am sure glad they kept their proprietary core credit reporting data secure. As far as customer SSN, DOB, blah, blah, blah... get over it. Good thing they helped write the law that only requires them to provide credit monitoring in case of a breach.

rated:
Equifax execs dump their stock after they learn of the security breach but before it's made public.

Three Equifax Managers Sold Stock... 

rated:
I got an at risk message after entering the info and will be signed up for monitoring

rated:
UncaMikey said:   Equifax execs dump their stock after they learn of the security breach but before it's made public.

Three Equifax Managers Sold Stock...

I doubt the execs will pay for this.
  Time for the SEC to make a scapegoat about of some peon who's going to get blamed.

rated:
itaos said:   I got an at risk message after entering the info and will be signed up for monitoring
  Thanks for the data point.
What date did they give you (I suppose there is a queuing system of sorts, and they should prioritize those who are at risk).

rated:
itaos said:   I got an at risk message after entering the info and will be signed up for monitoring
  Could you share what the "at risk message" says? 

rated:
Stubtify said:   The idea of getting free credit monitoring from the company who was just hacked reminds me of the following scene from "The Big Hit":

"-My phone is plugged into a Tracebuster.
Not only does this stop a trace on your call, -
- but it can also . . .
- Trace? - Trace who's tracing you.
What if they've got a Tracebuster?
-That's why I got this Tracebuster, Buster.
When they try to bust your trace, this will bust the Tracebuster -
- that's busting your . . .
- Trace. -"

My head hurts after reading this.

rated:
UncaMikey said:   Equifax execs dump their stock after they learn of the security breach but before it's made public.

Three Equifax Managers Sold Stock...

 
Here's how they get out of that:

'Sure, I was XXXX in charge of YYYY (fill in position that WOULD know about this), and sure we discovered it a month ago, but I never knew about the breach when I sold my stock.'

We'll all roll our eyes, and they'll walk away with 1.8 million with no punishment because 'they didn't know'.

rated:
harish7631 said:   
itaos said:   I got an at risk message after entering the info and will be signed up for monitoring
  Could you share what the "at risk message" says? 

  
It was a generic one-liner that said they believed my information was at risk. No dates given, just to be patient as they send out emails for monitoring which may take a few days.

rated:
This is what happens when companies outsource everything, especially I/T.

rated:
Anything to do besides lock down credit reports, Chexsystems?
Not that it matters because I got caught in the OPM hack a few years ago. I have to say it was a bit more reassuring to have the Chinese government have my data than random hackers.

rated:
You get a different message if they DON'T believe your information was compromised (basically, it says that you were not impacted). If you were impacted, there is no message, just the enrollment date. Found this out as my info seems to have been compromised, my wife's was not.

rated:
Please Freeze your credit!

rated:
On positive side of things, Everything that needs to be hacked has been hacked.

rated:
forbin4040 said:   
UncaMikey said:   Equifax execs dump their stock after they learn of the security breach but before it's made public.

Three Equifax Managers Sold Stock...

I doubt the execs will pay for this.
  Time for the SEC to make a scapegoat about of some peon who's going to get blamed.

  But...but...according to Equifax the CFO, and 2 others as well as their families did not know about it.

SEC filings show that three Equifax executives – Chief Financial Officer John Gamble Jr., workforce solutions president Rodolfo Ploder and U.S. information solutions president Joseph Loughran – sold nearly $2 million in shares in the company days after the cyberattack was discovered. It was unclear whether their share sales had anything to do with the breach.  
Equifax said in a statement that the three executives sold a "small percentage" of their shares on Tuesday, August 1, and Wednesday, August 2, adding they "had no knowledge that an intrusion had occurred at the time they sold their shares."


OOOOOOOOOOOOOOOOOOOOOOKKKKKKKKKAY!!!!!   

rated:
Went to their website and clicked their link to the dedicated website for checking name and SS# and got:

"This site is blocked due to a phishing threat.
Sorry, www.equifaxsecurity2017.com has been blocked by your network administrator."

Anybody else getting this?

rated:
msrazzle said:   Went to their website and clicked their link to the dedicated website for checking name and SS# and got:

"This site is blocked due to a phishing threat.
Sorry, www.equifaxsecurity2017.com has been blocked by your network administrator."

Anybody else getting this?

  I am getting the same message through openDNS

rated:
wife, parents, and brother in law all affected....basically everyone is affected...

rated:
I'm guessing that freezing and unfreezing credit still costs money, and Equifax ain't reimbursing that.

Whereas, somewhere in the fine print, they'll probably insert that by signing up for their monitoring we waive rights...

rated:
What do you think the BEST (free or paid) thing to do now? Do you think TrustedID Premier is the right shield? Or, are there any other (potentially better) measure? I used annual credit report few months ago. Is there any other way to get all 3 credit reports for free now? Also, how to monitor the fraud use of SSN and DL?

Thanks.

rated:
Maybe that could be the start for a push to de-couple the SSN from everything and have separate numbers for medical info, voters registration, credit worthiness, individual tax, etc

rated:
This wrecking ball was coming. These for profit companies should not play with entire consumer data in their hands. Distribute the data among different companies and make it impossible to pull data from these companies without a consumer consent.
I think credit monitoring adds another level of deceit. As of now, I don't trust anything shelled out by these companies. Just wait few more months and TransUnion will come out crying with equally bad news. We are royally screwed!

rated:
bandyopa said:   What do you think the BEST (free or paid) thing to do now? Do you think TrustedID Premier is the right shield? Or, are there any other (potentially better) measure? I used annual credit report few months ago. Is there any other way to get all 3 credit reports for free now? Also, how to monitor the fraud use of SSN and DL?

Thanks.

Be careful of the details of signing up for enhanced fraud protection on your credit reports. Freezing your credit reports is far and away the best thing to do, since you can turn that on and off yourself at will. When some of these extra fraud alert services are in place, it may mean jumping through a lot of hoops every time you apply for a credit card (which is annoying if you are in a FatWallet state of mind about rewards cards), and in that case the credit card issuer assumes you are up to no good, won't explain why you are being challenged, and there doesn't appear to be a way to turn it off temporarily.

CreditKarma.com is a good way to monitor your credit score/activity/report, and it updates once a week. Some credit cards do it now too, but only update once a month or two, which is not useful. Credit Sesame and Quizzle offer similar services, but I like Credit Karma the best.

Discover card has a free service that will search for your SSN, etc. on known lists, which I think is better than searching for yourself (since that gives your SSN to the search engine people). I don't know if that service requires your being one of their cardholders or not; I do know their service to give you your credit score does not require being a customer.

Pull your credit report from each of Equifax, Experian, and TransUnion once a year via annualcreditreport.com, staggering so you get one report every four months.

Watch your transactions frequently .. I do it almost every day.

Skipping 212 Messages...
rated:
sojourn4me said:   
Whats really sad is the class action started wont even compensate people decently if unless they have their credit hijacked and have expenses to show and costs associated with it

Did you expect to receive a settlement if nothing happens to you?  It's like a tree falling in the woods...

Much hand wringing over all this.  Sign up for credit monitoring and get on with your life.  

  • Quick Reply:  Have something quick to contribute? Just reply below and you're done! hide Quick Reply
     
    Click here for full-featured reply.


Disclaimer: By providing links to other sites, FatWallet.com does not guarantee, approve or endorse the information or products available at these sites, nor does a link indicate any association with or endorsement by the linked site to FatWallet.com.

Thanks for visiting FatWallet.com. Join for free to remove this ad.

While FatWallet makes every effort to post correct information, offers are subject to change without notice.
Some exclusions may apply based upon merchant policies.
© 1999-2017