You are here

The Equifax Data Breach: What to Do

Share this page

If you have a credit report, there’s a good chance that you’re one of the 143 million American consumers whose sensitive personal information was exposed in a data breach at Equifax, one of the nation’s three major credit reporting agencies.

Here are the facts, according to Equifax. The breach lasted from mid-May through July. The hackers accessed people’s names, Social Security numbers, birth dates, addresses and, in some instances, driver’s license numbers. They also stole credit card numbers for about 209,000 people and dispute documents with personal identifying information for about 182,000 people. And they grabbed personal information of people in the UK and Canada too.

There are steps to take to help protect your information from being misused. Visit Equifax’s website, www.equifaxsecurity2017.com. (This link takes you away from our site. Equifaxsecurity2017.com is not controlled by the FTC.)

  • Find out if your information was exposed. Click on the “Potential Impact” tab and enter your last name and the last six digits of your Social Security number. Your Social Security number is sensitive information, so make sure you’re on a secure computer and an encrypted network connection any time you enter it. The site will tell you if you’ve been affected by this breach.
  • Whether or not your information was exposed, U.S. consumers can get a year of free credit monitoring and other services. The site will give you a date when you can come back to enroll. Write down the date and come back to the site and click “Enroll” on that date. You have until January 31, 2018 to enroll.
  • You also can access frequently asked questions at the site.

Here are some other steps to take to help protect yourself after a data breach:

  • Check your credit reports from Equifax, Experian, and TransUnion — for free — by visiting annualcreditreport.com. Accounts or activity that you don’t recognize could indicate identity theft. Visit IdentityTheft.gov to find out what to do.
  • Consider placing a credit freeze on your files. A credit freeze makes it harder for someone to open a new account in your name. Keep in mind that a credit freeze won’t prevent a thief from making charges to your existing accounts.
  • Monitor your existing credit card and bank accounts closely for charges you don’t recognize.
  • If you decide against a credit freeze, consider placing a fraud alert on your files. A fraud alert warns creditors that you may be an identity theft victim and that they should verify that anyone seeking credit in your name really is you.
  • File your taxes early — as soon as you have the tax information you need, before a scammer can. Tax identity theft happens when someone uses your Social Security number to get a tax refund or a job. Respond right away to letters from the IRS.

Visit Identitytheft.gov/databreach to learn more about protecting yourself after a data breach.

Note: This post was updated on October 5, 2017 to reflect that Equifax extended the enrollment period for free credit monitoring from November 21, 2017 to January 31, 2018.

 

 

Comments

Same here, as well as family issues. These agencies are supposed to protect us, not make us clean up their messes!

Don't use the Equifax website!!! They have buried a consent to arbitration agreement deep in the TOS that excludes yourself from class action lawsuits or bringing your own suit. Also, write your corrupt senator and tell him to give back the money he got paid to help consumers get screwed by arbitration agreements.

scum bag executives sold stock before announcement. low life

This is not right. The crooks took enough information to open accounts in 2 years, 5 years, 20 years. One year of free monitoring in exchange for zero liability for Equifax? What does that do for consumers???? FTC please require these guys to monitor these accounts FOR LIFE AT THEIR COST. Maybe then they will use real security.

so- equifax caused the problem- lost or gave up data on 143 million people. to put a fraud alert, etc on your file they want $10. so, if all 143 million do this, they make a billion and a half dollars! nice! they should do this for free since they caused the problem. can't the FTC order them to do this ?

The FTC didn't wait 2-3 months. Equifax waited until after their internal investigation completed to send out the notice.

One year worth of credit monitoring is not enough. Most hacked information is not used for years. Equifax should provide at least five years worth of monitor to ensure people are covered and protected. This sounds like a class action lawsuit to me.

How do I protect my credit

Do NOT send people to that site. Equifax hid the TOS at the bottom and it includes an arbitration clause that denies peoples right to class action. You are helping them sweep under the rug the largest breach of US identifying records POSSIBLE which they let happen by lax security.

I would say DO NOT get a credit report from Equifax, as they demonstrated that they can't keep anyone's information secure. No company should have sensitive data accessible to the Internet.

Go in toget copies of credit and Equifax is closed for maintance.

With all of this info that was confiscated - I no longer have "my" LIFE....I have to be concerned that my bank savings, 401K, retirement fund and medical information has been stolen...Does it really pay to use technical devices that can ruin someone who WORKS for a living rather than these low life's that have nothing better to do than HACK all day

You should blame the company which has been hacked. Hackers, actually, works for a living. It is just what they have done... And the proper term is crackers rather than hackers. If your company would have invested its profits in IT security you would not be here. It.is.not.your.fault.

Yes, I know that my "Social Security number is sensitive information, so make sure you’re on a secure computer and an encrypted network connection any time you enter it", why didn't Equifax???

The FTC should recommend where to sign up for a law suit. And to mirror what Equifax did to us, it should be the biggest in the USA's history.

If you accept the year of credit protection from Equifax, you are agreeing to waive your right to sue Equifax for the breach. Consider your options before using their services, as they appear to be focusing first on protecting themselves.

I am very unhappy that Equifax executives sold their stock days after discovery of the breach, and before the people affected were notified. I hope that they are prosecuted for insider trading. It's my understanding, also, that you charge fees for credit freezes and also for temporarily lifting them. Not cool.

Just how many Equifax "big wigs" sold their stock BEFORE the announcement of this breach??

It's just incredible that all Equifax is now offering is a freaking MONITORING service and absolutely NO PROTECTION against what the hackers could do to us peons!!

This went on for 2 and a half months and it took you that long to figure it out?! I really feel secure now - NOT!

Contact consumer financial protection bureau and file your complaint

I'm getting really sick of these companies being so lackadaisical with people's private information and then responding, "OOPS.. Sorry.. I guess YOU should monitor your credit more closely now.."

WE THE PEOPLE SHOULD SUE THEM INTO NON-EXISTENCE

Whose to say medical info wasn't included in the breach. I know many people who take loans for medical costs. That would add HIPAA breach to the mess!

Wow!! We get a year of 'credit monitoring' FREE from a company that just exposed ALL our credit and personal info !!! LOL!!

The disclaimer at the website sates that if you take the credit monitoring for the year free, you can't sue equifax. What a bunch of nice guys.They screw up, give you a freebie and say you ca't be part of a class action suit.

If the SSN can be used in perpetuity, then Equifax should be bound to provide credit monitoring services for free in perpetuity.

It seems the website is too popular--access has proved elusive for me.

If all 143 million people affected pay the $10 dollar credit freeze fee Equifax will make 1.43 billion dollars. As will the other two companies. Lock them up now!

NOTE - do NOT do the theft protection part of Equifax-just use the portal to check if your info has been compromised BECAUSE - they forcing you to give up your right to join a class action against the company if you want their credit protection product.

Doesn't it seem that Equifax has the responsibility to put a credit freeze on everyone's file for the remainder of they're lives? And also pay the fees to remove the freeze when asked to?

HOW ARE WE SUPPOSED TO TRUST HELP FROM A PLACE THAT HAS BEEN BREACHED AND THEN WAITED 3 MONTHS TO ANNOUNCE IT TO THE GENERAL PUBLIC.?

Questions for FTC: Can hacked data be used to create a fraudulent MySocial Security Account? How can this be monitored and prevented? Can FTC do anything do to prevent theft of social security money transfers by the crooks?

I look forward to joining the class action that is brought against Equifax over this. I personally don't care if I get a penny or a dollar -- but I certainly will enjoy watching the lawsuit make credit reporting less profitable at Equifax! I feel like chip on a dirty poker table, while a bunch of fat cats sit around betting on my value. Sad state of affairs.

Sure was a convenient happenstance for the executives of Equifax to be able to sell their stock after the data breach and BEFORE it was announced to the public. This insider trading definitely must be investigated by the SEC.

When clicking on website it just spins and does nothing

US Government partnering with big business screwing over the little guy through malicious negligence. I bet they saved thousands by using cut rate security measures.

It appears as though utilizing the website as advised causes one to agree to an arbitration clause. This is an extremely cynical attempt to evade lawsuits. Hopefully the govt. will see through the scheme. The FTC and others may be leading concerned citizens to lose their rights in court.

I immediately put a freeze on all 3 credit agencies. I called the number that was given on the website and it was someone I couldn't hardly understand. That concerned me because why can't an American answer at the Equifax agency? I just hung up after not being able to understand their "accent". Something just isn't sitting right with me with that link. Is it legit? I have researched and researched and it seems to be..... Anyone else call and get what seemed to be a foreigner?!?

When I click the equifax link I get a spinner and it never resolves. In fact it is still there as I type this. You should fix that.

And when I failed to provide a username I was redirected to a different page. That is really dumb. Who do you hire for webdev?

I don't see why I should be forced to pay $10 to place a credit freeze to Equifax when they are the ones responsible for allowing the breach. The government needs to force the company to pay for credit freeze for all three credit monitoring. companies

any random number entered for ss, says you may be affected, is THIS a scam?

Where's the "potential Impact" tab? Nice web site!

Our Government has failed us again. The Governments prime responsibility is it's citizens security. I interpret that as physical and financial security. I never did business directly with any of these reporting agencies but the banking and financial industries have provided them all of my data. That's just wrong.

This is ridiculous. Why does it always take so long, 3-4 months, to hear about these hugh companies being hacked. And the executives who sold their Equifax stock should be investigated to the fullest. We just hear about it and they sold stock the day after it happened. Wrong ...

Why would I give the company that allowed itself to be hacked, my name and last six of my SSN to check if I've been hacked?

Equifax already HAS all of our information. They should automatically give everyone FREE lifetime credit monitoring AND protection without having to "apply". They profit from our information already (and obviously don't protect it)!

The Equifax site does not tell you directly whether you've been hacked or not it just says you may have been.... Nice out government is looking out for us..... Should of told us dinner...No wonder no one trusts you guys...If it was you guys you'd know right away.... Being as nice as I am I'm not going to even tell you what I think of you people...Karma sucks

HOW ARE THEY STILL OPERATING! WE THE PEOPLE DEMAND A LAWSUIT IMMEDIATELY. SHUT THEM DOWN!

How do we know that Equifax didn't contract an external hacker to do this. Their executives sold early and can buy back in when prices are rock bottom. They also get a huge number of people to sign up for the free year of security service with a likelihood that a large number will remain as paying customers after. Like someone said, the hackers could sit on this for years. Equifax should provide at minimum a basic free security coverage package for life of those impacted.

Why are people not allowed to opt out of these agencies collecting a huge amount of personal financial information on us? This should be illegal. It probably would be if I did this as a private citizen. Equifax, TransUnion, and Experian are not government agencies nor are they closely regulated. I realize that opting out would affect my ability to obtain credit, but I don't care. I don't want these companies with outdated computer systems to stockpile my personal information. Not to mention the fact that they are very very lax in verifying this information.

I think Equifax should have to pay for our credit freeze/unfreezes with all 3 credit bureaus since the breach was their fault and they have never expressly asked for my permission to keep my SSN on their data servers.

Pages

Leave a Comment