Equifax, one of the largest credit reporting bureaus in the US, announced that they were hacked. The breach was discovered in July, and finally made public last night. It's looking like the hack will be of historic proportions, with upwards of 143 million consumer records exposed, including full names, birthdates, social security numbers, and all the other info criminals need to steal identities. https://www.washingtonpost.com/busi...2f7903bab0d_story.html?utm_term=.15a9b1320e40 You and anyone in your family with any potential for a credit history should check this site: https://www.equifaxsecurity2017.com/ If it tells you that you're not affected, you're lucky. If it gives you a date to enroll in 1 year of free credit monitoring, your data was exposed. Note that if you choose to enroll in this particular monitoring service, you will be agreeing to waive any right to legal action (individual or class) against Equifax. Best of luck to everyone who, like me, is discovering that their data was exposed.
So whats the difference between enrolling in a monitoring service, or just checking Credit Karma every week?
If you're just checking your credit score, you won't find out about bogus new accounts until your credit score starts dropping like a stone. If you are looking at credit history, you will likely catch a new account while it's young. Monitoring services send you automatic notices when something changes for good or ill.
Some Equifax execs are gonna be getting visits from the money cops very soon. Reading this morning that a few dumped a lot of stock just before they announced the breach.
143 Million of us, and a few hundred thousand with credit card info exposed as well. There needs to be stiffer penalties for companies not protecting data. Not just being embarrassed and offering to sell you more services... That credit monitoring service should be with a competitor, not a partner. TrustID and Equifax are tied at the hip.
Message I got was, "We believe that your information was not accessed. Would you like to enroll?" Well, no, your shit just got hacked. Why should I trust you?
A former colleague of mine, who is an IT security expert and is knowledgeable about this breach, says that the records were stored in plain text on a web server. The thieves apparently came in through a poorly designed partner portal.
My wife is pretty well informed on these matters... she works in the industry (not for equifax!) She postde this on the facetubes yesterday when a friend asked her for advice: You can freeze your credit, which can be a hassle to deal with if you try to open new accounts, but makes things safer. You can also put on a fraud alert. You can get a truly free, no credit card, monitoring at freecreditscore.com. Equifax doesn't have much of a presence in the South, by the way. Not all lenders report to all bureaus.
This happens A LOT. It's one reason why I have a job in Healthcare IT. Companies make really bad decisions, including operating IT on a shoestring budget and handcuffing them when it comes to infrastructure needs. If they were really storing the data on a web server like that, some heads need to roll. I just became aware of another WannaCry exploit at a university hospital because they were doing the same thing - older Windows box, no protections, storing data in clear text. Granted, data wasn't exposed with this - it is simply locked. But the potential for worse was there. I don't understand how anyone could continue to operate like that when it got so much press recently.
Equifax has enough of a presence that people who need to use credit or open new accounts to recover from hurricane damage may have serious difficulties. What a shitshow
Went to check and it says Imay have been impacted. When I went to enroll, it did the recapta thing to make sure I wasn't a bot. Here's what I was presented with. Oh how I wish the exit number would have been an odd number.
I worked in sales that had a lot of mid-market type accounts (local banks, doctors offices, etc), if you knew how cheap they try to run their security, or wont even consider upgrading from Norton Anti-Virus (yup, that was one companies idea of security, though not a bank or doctors office), you would not be surprised when stuff like this happens.
So I am supposed to go feed more information to a web site of the company who's website was breached to steal the information. Sounds entirely logical to me.
Looks like I am potentially affected, however due to the breach a couple years ago at the OPM, they are already have me enrolled in free credit monitoring. Yay me!
Unless I'm mistaken, whenever you apply for any type of credit, whether you like it or not, a helluva lot more information than your last name and some digits of your SSN will go to them.
Kinda my thoughts exactly.....and the website looks simple and cheeky.....maybe this whole situation is a hoax?