The Equifax Data Breach: What to Do

Share This Page

If you have a credit report, there’s a good chance that you’re one of the 143 million American consumers whose sensitive personal information was exposed in a data breach at Equifax, one of the nation’s three major credit reporting agencies.

Here are the facts, according to Equifax. The breach lasted from mid-May through July. The hackers accessed people’s names, Social Security numbers, birth dates, addresses and, in some instances, driver’s license numbers. They also stole credit card numbers for about 209,000 people and dispute documents with personal identifying information for about 182,000 people. And they grabbed personal information of people in the UK and Canada too.

There are steps to take to help protect your information from being misused. Visit Equifax’s website, www.equifaxsecurity2017.com. (This link takes you away from our site. Equifaxsecurity2017.com is not controlled by the FTC.)

  • Find out if your information was exposed. Click on the “Potential Impact” tab and enter your last name and the last six digits of your Social Security number. Your Social Security number is sensitive information, so make sure you’re on a secure computer and an encrypted network connection any time you enter it. The site will tell you if you’ve been affected by this breach.
  • Whether or not your information was exposed, U.S. consumers can get a year of free credit monitoring and other services. The site will give you a date when you can come back to enroll. Write down the date and come back to the site and click “Enroll” on that date. You have until January 31, 2018 to enroll.
  • You also can access frequently asked questions at the site.

Here are some other steps to take to help protect yourself after a data breach:

  • Check your credit reports from Equifax, Experian, and TransUnion — for free — by visiting annualcreditreport.com. Accounts or activity that you don’t recognize could indicate identity theft. Visit IdentityTheft.gov to find out what to do.
  • Consider placing a credit freeze on your files. A credit freeze makes it harder for someone to open a new account in your name. Keep in mind that a credit freeze won’t prevent a thief from making charges to your existing accounts.
  • Monitor your existing credit card and bank accounts closely for charges you don’t recognize.
  • If you decide against a credit freeze, consider placing a fraud alert on your files. A fraud alert warns creditors that you may be an identity theft victim and that they should verify that anyone seeking credit in your name really is you.
  • File your taxes early — as soon as you have the tax information you need, before a scammer can. Tax identity theft happens when someone uses your Social Security number to get a tax refund or a job. Respond right away to letters from the IRS.

Visit Identitytheft.gov/databreach to learn more about protecting yourself after a data breach.

Note: This post was updated on October 5, 2017 to reflect that Equifax extended the enrollment period for free credit monitoring from November 21, 2017 to January 31, 2018.

 

 

Comments

So if identity information was taken in the Equifax breach but not used, the takers could not be charged for identity theft?

What could they be charged with?

A break in or hack is criminal.

Good test. I like the way you think!

It could be that the "123456/test" gave 'might be' because Equifax could not reconcile the number and name. Or it could be the site was designed to get as many as possible to sign up for their (cannot sue-->subsequently rescinded) product. But a friend of mine entered her info and it told her that her credit information was not compromised, which would suggest that maybe it is trying to validate the identities correctly.

Classic, I figured that! You can NEVER trust a big company! It's almost like they gain something from having you sign up for the service. I AM NOT INTERESTED IN THE "FREE" service!!!!!!!!!!!!! They just need to be a better custodian of everyone's personal information!!!!

Why do they have access to my personal information anyway? Who gives them the right to dig into my financial history? I didn't even know these agencies existed!

Your bank does. No one could get a loan without them, since it's how banks know you're trustworthy. FDIC insured ones anyway, which is a bit ironic.

This is something I worry about. Is this simply a ploy to make sure the hackers have access to all vital information to enable them to hack us? Equifax was just hacked, what have they done to correct the problem? Is it just going to happen again?

I hate living in Trumps America, I'm afraid all the time!

Teri, I not only hate living in Trumps America, I don't want to live in America because of hom with all his destruction. Too many articles some say to freeze, some say not to. Paying cash or money orders are great but then you can't shop with Amazon.

Shop online with prepaid cards and gift cards :)

The thing is, if you're keeping that cash in a bank account, that can be accessed by someone with your leaked info. All they have to do is get an id. Then they ARE you. They could withdraw all of your money.

We are living in Trump-Time. Say what you want;Do what you want; Do whatever you need to in order to line your pockets and gain more power. Be smart, take care of your business and PRAY! If something smells ROTTEN, that is because it is. Equifax is rotten!!

Nonsense! Please, just stop the nonsense. We are all sick and tired of EVERYTHING in our lives becoming a political frenzy. Get a life and stop making the rest of us nuts with your nonsense!

Thanks! bogus test and it has been breached, why are they still in business!

Because of "Too big to be allowed to fail"... something we in the US really, really need to fix... by chopping up those corporations and banks.

Did any of you stop to consider that either a hostile nation or a single malicious hacker may have come to realize that by undermining credit confidence they can bring down the world's greatest nation with a simple key stroke? This is what worries me most about this whole issue.

The common business as usual cop-out "may have been" is always very reassuring. The people in charge of our lives are the bosses-the rest us us are just their tools

Trying to get more infornation. I received a letter from AT&T saying my information nay have been exposed.

I believe the language was not retracted but Equifax now allows us to send them a letter stating that we still maintain our right to sue.

The arbitration clause doesn't apply to the cybersecurity incident. Equifax already came out and stated publicly that you are not waiving your right to sue. People who aren't lawyers misread the terms of service and created an uproar

Not exactly. They came out and gave a carefully worded statement that it wasn't related to the data breach. You're still enrolling in their free tools. Some lawyers still think the language is controlling. It's a gray area at best.

The NY, MS, OR, and other Attorney Generals seen to disagree with you on that one.

You are incorrect. The NY Attorney General was the principal figure in convincing Equifax to remove the binding arbitration language from the Terms of Service. What portions of the contract I can find, they incorporate document by reference but do not provide them, it does include an Entirety Clause, which basically means that only the contract itself can be used to interpret the agreement, or put simply, the FAQs, public statements by the CEO or anyone else are essentially legally irrelevant.

So now I'm really confused. I got the wording "may have been impacted" when I put last name and last 6 digits. I didn't go any further on the website, just "X" out. Should I be worried? My credit is in the toilet any ways so I don't know how it could get any worse. What can happen with this breach?

I also put my information in and it stated I may be impacted. I continued on the web because I just filed bk in July and got a car as well and my email keeps telling me my fico is changing.... I have done anything since. So this could be for REAL

All, Ican say is if the scamners can find the money the goverment has taken from me over the years, may I have some too please!

So let me get this straight, Equifax somehow got my personal data, failed to store it, it got hacked, and now I have to pay for monitoring service? Does anyone else see a problem here. I want the heads of all the top execs at Equifax. NOW!

NO they are offering the service for free for anyone who's information may have been compromised.

Equifax is offering their TrustedID Premier service free for only 1 year.
So, what happens after that? What if the perpetrators decide to hold the information for over a year and try to use it when the free TrustedID Premier service has expired? I should not have to pay for ongoing service like that because a company, with whom I am not a paying customer, has collected personal financial information about me and did not take the necessary steps, such as encryption, to guard that information appropriately!

Free credit monitoring for a year. Yeah. But isn't my name, dare of birth and social security number the same forever ??

There is one robot for customer service, and his name is Bud, and Bud's circuits went on overload so, try calling your Congressman for answers. I did and I was told I would get a call back. I think they also use Bud.

No they are offering a one-year trial and then you have to pay after that. They should be required to give us the service for the rest of our lives, not just a one year trial.

Why would anyone want to use their service any way? They just proved how well they protect you. It's like someone fixing to kill you and you offer them the weapon to kill you with. I think I will pass on their security. They should pay for the security company of your choice to monitor you, not themselves.

maybe this is all a business scam to eventually scare people into paying for theft protection

you left something out Rick ... 3 Equinox execs sold stock before the announcement was made to the public...Equifax claims these senior executives did not know there was a data breach...they may not have known, but the perception is really really really bad.

What a joke! Their system was hacked & the whole database was open for over a month & the senior execs didn't know. Give me a break>

Latest news says they were lobbying congress to get little or n to penalty for their lax service. That's why they didn't tell us right away -
The whole company should be shut down- and the top 3 guys who sold ahead of time- to jail for acting on insider information

So the big three execs sold their stock when the price was up and they didn't know about the breach yea right. No gone public about breach stock went down did they make a killing. Inside information if yiu ask me

The senior executives sold their stock three days before going public. If you believe that I have 100 million dollars in a foreign account that I'll split with you.

I'm with you. I never gave them permission to have my info. I've never even heard of Equifax, until now. How is this legal??

Sarah--any time you apply for a loan (car, house, etc), or a credit card or fill out an application to rent, etc, the bank, credit union, company, landlord etc checks your credit on at least 1, likely all 3 of the credit bureaus. Doesn't matter if you've heard of them or not. When you apply for any of the above, you agree to have your credit checked (if you don't agree to that you don't get the loan/apt. house...) and what that means is all of the info you provide for the application goes into the 3 credit bureau's database. It's all quite legal.

I did agree to have my credit checked, I DID NOT agree to allow Equifax to collect my data. Should I be allowed to opt out of participating with specific credit companies (Equifax in this situation) that have demonstrated incompetence in protecting critical confidential financial information?

This was set up to happen decades ago. They were collecting this information well before the Internet was a thing. They just did a very poor job of planning for such a problem. Plus Republicans wanted to soften the regulations allowing it to be easier to be hacked.

when did this become political??

Proof, please. TIA.

I've been asking the same question for 20 years.

When you apply for credit of any kind your information is cleared through Equifax (or the other two major companies, Experian or Transunion). You give that permission tacitly as a condition of applying for the credit.

Even better, Rick, they not only got our info, they are SELLING it to companies who request a credit report on us. What right do they have to own our personal information? I don't remember signing away any rights to my own information.

Even worse I think :( Don't they also sell it to marketers? Cannot say for sure but that's what I've heard.

Every Company is doing it. Republican Congress just gave permission to the big Corps: Verizon, Comcast, AT&T, etc. That they can gather your information & sell it without any benefit to us. Poor babies don't make enough money. This just further erodes our Privacy. We all are just a commodity. Take the time to call or write your Representatives & complain. We are not a commodity.

Pages

Leave a Comment

Comment Policy