You are here

The Equifax Data Breach: What to Do

Share this page

If you have a credit report, there’s a good chance that you’re one of the 143 million American consumers whose sensitive personal information was exposed in a data breach at Equifax, one of the nation’s three major credit reporting agencies.

Here are the facts, according to Equifax. The breach lasted from mid-May through July. The hackers accessed people’s names, Social Security numbers, birth dates, addresses and, in some instances, driver’s license numbers. They also stole credit card numbers for about 209,000 people and dispute documents with personal identifying information for about 182,000 people. And they grabbed personal information of people in the UK and Canada too.

There are steps to take to help protect your information from being misused. Visit Equifax’s website, (This link takes you away from our site. is not controlled by the FTC.)

  • Find out if your information was exposed. Click on the “Potential Impact” tab and enter your last name and the last six digits of your Social Security number. Your Social Security number is sensitive information, so make sure you’re on a secure computer and an encrypted network connection any time you enter it. The site will tell you if you’ve been affected by this breach.
  • Whether or not your information was exposed, U.S. consumers can get a year of free credit monitoring and other services. The site will give you a date when you can come back to enroll. Write down the date and come back to the site and click “Enroll” on that date. You have until January 31, 2018 to enroll.
  • You also can access frequently asked questions at the site.

Here are some other steps to take to help protect yourself after a data breach:

  • Check your credit reports from Equifax, Experian, and TransUnion — for free — by visiting Accounts or activity that you don’t recognize could indicate identity theft. Visit to find out what to do.
  • Consider placing a credit freeze on your files. A credit freeze makes it harder for someone to open a new account in your name. Keep in mind that a credit freeze won’t prevent a thief from making charges to your existing accounts.
  • Monitor your existing credit card and bank accounts closely for charges you don’t recognize.
  • If you decide against a credit freeze, consider placing a fraud alert on your files. A fraud alert warns creditors that you may be an identity theft victim and that they should verify that anyone seeking credit in your name really is you.
  • File your taxes early — as soon as you have the tax information you need, before a scammer can. Tax identity theft happens when someone uses your Social Security number to get a tax refund or a job. Respond right away to letters from the IRS.

Visit to learn more about protecting yourself after a data breach.

Note: This post was updated on October 5, 2017 to reflect that Equifax extended the enrollment period for free credit monitoring from November 21, 2017 to January 31, 2018.




This is all irrelevant. 134 million social security numbers WITH names and addresses were stolen. I'm pretty sure that includes EVERYONE in the U.S. who has a credit report. Don't bother checking that site to see if you're on it because you definitely are. As of today creditors can no longer use social security numbers as verification during a loan process. Those days are over. A new day where some other additional forms of verification will begin. It will probably involve things like in person appearance showing ID, proof that you live at your address, and / or address verification where they physically mail you a letter with a code that you need to enter somewhere.

Absolutely agree. Hopefully the 'new day' comes soon.

I cannot get past the 'I'm not a robot" for hours! I called the number listed over and over and finally talked to a person who could not tell me if my data was compromised but she recommended that I get on the FTC website. WTH! That was useless!!

I accepted the Premier credit monitoring service offered by Equifax and didn't find out about the condition that states I waived the right to participate in any class-action lawsuit brought against them regarding this matter. What are my options now?

It is time for the attorney general to issue federal indictments right now for executives at Equifax who sold stock after the breach occurred and before it was reported along with indicting the company itself under federal Racketeering statutes -- they claim they didn't know, but I think the facts will prove otherwise. I demand an immediate felony criminal investigation of both the executives and company including but not limited to the immediate seizure of every single electronic device owed by said executives and the company that might hold evidence documenting that they're lying.

Credit monitoring is like closing the barn door after the horses have bolted out. Equifax should be offering a FREE credit FREEZE and free unlock (normally costs $10.00 per person to lock and unlock credit each occurrence). Credit monitoring does nothing. And all respective federal agencies (e.g SEC, FBI, FTC, etc) should be holding Equifax accountable, especially the senior executives that sold off their stocks prior to hack disclosure. That's a crime on top of the original hacking crime.

Enough is enough! These companies, government agents, high level execs who profit from selling stocks prior to disclosing their wrongdoing ALL belong in prison on death row! Data breaches seem to be shrugged off by companies and the government both! Equifax should be monitoring AND protecting people's data forever! Even after they are shut down for allowing this TREASON to happen to United States citizens!

I called the phone number posted for Equifax and eventually talked to a person who told me that it was a disgruntled employee who took a USB home, with the 143,000,000 records on it, but not to worry, he brought it back. He told me that all the Equifax people know this. I was then directed to the website and I found it confusing. Supposedly when you clicked on the "potential impact" button you would be told if you were one of the victims. But, instead of being told whether I was impacted I was given a date to enroll in their identity software. So, I called back and the fellow I talked to this time so me that the information I was given about a disgruntled employee wasn't true. Now, I ask you, does this install confidence? I agree with others that have stated they did not give permission to Equifax to collect personal data on them. Everyone should be given the ability to say yes or no to this company and the other credit reporting agencies too.

Just saw on TV that those "Executives" of Equifax, who sold their stock before the breach was announced, "claimed" they sold the stock before the breach was discovered. Anyone who believes that should buy my Beach Front Property in Arizona. It has 150 miles of beautiful sandy beaches. If these guys don't get some jail time for fraud, we will all know who the Justice System in this country truly protects. Tarring and Feathering would be too good for these scumbags. Their own system tells you your Social Security number is entered into a Safe system. Is that the joke of the century?

This is ridiculous! Cannot even get to the info--tit keeps reverting back to first page! Not only does their security stink but so does the process to find out if my info has been breached!! Thanks Equifax!!

Citizens are being taken for granted! Law suit!!!

They should be shut down. The banks should compensate us that used them for making our personal loans.

In 1948 Diner's Club appeared. Prior to then, people saved money to buy things, and went without those things they could not afford.Meals in restaurants were thus a rariety; ordinary folks held such occasions as special. Loans required down payments and collateral.We created the notion of "credit" when we aspired to live beyond our means, and to embrace instant gratification as an entitlement; even a right of citizenship. Our orgy of irresponsibility ( as the blind and easy pursuit of any vice always will) led us to cede the definition, and management, of our "credit-worthiness" to contractors;in our laziness we imbued them with access to information that our leisure pursuits gave us scant time, nor interest, in controlling ourselves.We built this system ourselves, out of whining self-interest. With the benefit of hindsight are we now able to admit it?

Is it safe to type in my last name and last 6 digits of my Sam to check of i am affected?

This whole situation is a complete outrage. These companies collect our data without our permission, handle it irresponsibly, and then WE have to PAY THEM to "protect" ourselves. Shame on them and the FTC.

Does anyone else get blocked when trying to go to
My security identifies it as a phishing attempt and blocks the page.

Before signing on to this "free" Trustedid monitoring service understand that the breach was through this TrustedId site. This service charges about $20 per month for this so called service. The irony is that the 209,000 peoples credit card numbers were from the people who signed up for this fraud monitoring service. Why would anyone give these incompetent idiots more personal information and sign up for this useless service. With the number of people impacted and the costs associated with contacting all people that were impacted and reaching a settlement, Equifax will be insolvent.

Hi all. I'm considering doing an initial 90 day fraud alert due to being told I "may" have been affected due to this breach but I read somewhere it might affect looking for work? I am in the process of looking for a job. Would it reject my applications if I do this? Thank you.

Blow off - make equifax auto enroll everyone

when you put this information in the credit bureau to
Freeze your accounts do you have to do it both for
husband and wife???????

Class-action lawsuit. Anyone want in?

Unfortunately, the equifaxsecurity2017 website does NOT allow you to "find out if your information was exposed" (as Equifax claims and the FTC repeats).

Private security experts have tested that site with both real and fake names and SSNs, and there is no difference in the response. All you will get is them telling you to sign up for their credit monitoring service, no matter whether your data was hacked or not.

I agree with most of the posters' comments...specifically, why isn't Equifax notifying potentially impacted persons? Also, I do not feel comfortable providing the last 6 of my SS#. How am I to feel warm and fuzzy leaving this information when YOU HAVE ALREADY BEEN HACKED? NO THANKS. NOTIFY ME!
Where was YOUR security when it was needed? I will monitor my credit report elsewhere.

When I went onto Equifax to freeze my credit, they charged me $10.00 for the 'service!' At 143,000,000 times $10.00, they are making a Ton of money from their own malfeasance. I am spitting mad about this, but I can't do anything about it! And I have to put freezes on all three credit bureaus! Where is the consumer protection in this event that is affecting half of the country?!?

The law states if you place a fraud alert with one credit bureau, they are required to notify the other 2 credits bureaus. Not sure what I do or don't believe anymore - but that's what it states.

It's ridiculous that it took 3 months to be informed of this breech. I can not believe that there have been no ramifications for equifax for allowing this to happen.They are asking for people to send more information to their hacked systems while also making sure the consumer gives up their right to peruse a class action lawsuit for this whole situation. Ridiculous.

One year is NOT enough identity protection for a data breach! They owe us more coverage than a year!

According to multiple news reports I have seen today, if you go to equifax, enter the last 6 digits of your social and your last name, you waive your right to join a class action case against equifax. If correct, it is inexcusable that the ftc would provide that guidance above.

not only do i have to worry about my bank stealing from me (wellsfargo), now i have to worry about my identity for the rest of my life.

hey FTC can i just get a new SSN please?

Is the Fox (Equifax) guarding the hen house? Could this be a way to get a lot of customers for their security program? Its free for a year but it probably has a fee there after. Wow, great way to create fear and doubt about your accounts. Announce a breach! Now I have to pay the people watching my accounts, extortion money for the rest of time not to let anyone get my information.

It says I MAY have been compromised. What do they mean, was I or was I not hacked? Is EVERYONE receiving the same message that they "MAY" have been compromised? Is this to CONVINCE everyone to "ENROLL" in their program? It appears to be some sort of SUBSCRIPTION to their monitoring service, which will CHARGE YOU after 1 YR. WTF? They are not being transparent about this at all. It took them this long to reveal the breach. Really, Equifax? Nice timing with the hurricanes and all. Trying to stay under the radar with the hurricanes being the front page news instead, right Equifax? EQUIFAX needs to be DISSOLVED as a corporation -- All EQUIFAX operations should be CEASED at once -- All EQUIFAX assets should be LIQUEFIED AND SOLD AND THE PROCEEDS EQUALLY DISPERSED AMONG THE VICTIMS, ASAP.

I'm going back to pencil on paper and cash only. I don't want nor do I need these a$$wipes handling any information of mine, EVER. Get outta my life!

I went on the Equifax website and found out that my information was hacked. I panicked and clicked on the button for the credit monitoring before reading blogs about the arbitration clause. Thank you, Bridgette Smith-FTC for clarifying that it pertains to the monitoring service and not a future case actionlaw suit.

The FTC is promulgating us using Equifax's website and if we do, we lose our right to sue Equifax. NO thank you, class action will surely be coming soon.

Equifax site says my information is probably compromised. So now I have to freeze my credit at all 3 agencies on my own dime, and unfreeze them, again on my own dime, when I need to get a loan / move / buy a car etc?? Apparently it's only free to do once my identity is stolen for real, and I have a police report proving it. How is this fair / just / make any common sense?

Did Russia or China do the hacking? I'd like to know.

The three execs need to go be fined and sent to jail for insider trading. One year of credit monitoring is an insult, it should be offered for life for 143 million that are affected. We did NOT ask you to retain or keep our information. I don't care what the reason is for the breach, a web application. Whatever it may be, Equifax has failed. Even if it ceased to exist isn't enough for the irreparable damage that's done.

Let's boycott any company who still insists on using them. If no one uses them, they'll go under. Companies who still use their service will no longer have my business. If a company, i.e. Car dealer, credit union, mortgage co. is going to run all my info thru this irresponsible company yet again, they'll have to find new customers. I'm gone.

I agree. We (consumers) can beat them if we stick together.

What is with this... NOw they have a "Cyber Security" company coming in! One would think that from the start up of Equifax and the other 2, that they would have the Best ... top notch Cyber Security experts in the world ! DUH ! Where is this going? Are we, in the future, having to pay for our ultimate privacy .. our income ... our family history etc. etc. ... I smell a skunk in the house !

Why would I want to give Equifax any additional information since they obviously can't protect the info they already have? Guess it doesn't matter anyway since this isn't the first and won't be the last time my info has been compromised and most likely won't be the last. My spouse was the victim of full-blown identity theft (most likely through a hospital or doctor) years ago. it made our lives miserable. We were always super careful with our info. Shredded like crazy, checked accounts regularly, etc. JM is right. It's not IF your info will be breached, it's WHEN. kathologist is also correct. Check your accounts constantly. By the way, FTC, there is no such thing as a "safe computer" or "secure encrypted network connection." I'm writing my Congressman to complain. Probably won't do any good. I'm just tired of all these agencies who have my info and can't protect it. I'm spending way too much time trying to do their job. In the end, though, we are to blame. We are the ones who allowed computer technology to control our lives.

This is beyond comprehension. I agree will all the complaints registered and am only commenting to be counted. If the FTC does not intervene, then we might as well be living in the dark ages of lords and serfs.

Equifax could and should automatically enroll all 143 million victims of their incompetence in "LIFE LOCK PLUS" and pay for the service.

I asked for $350.00 in damages and 10 times any costs related to the breach in security
that causes me damages. I also contacted Attorney General Eric T. Schneiderman and i suggest you all do the same. He will help us

Use cash, children! And remember you can't take it with you when you die.

How can Equifax automatically renew the watch program service if you havent given them a mwans of payment? Sure they gave all my CC acciunt numbersm so whuch one do they charge? I`m apparently one of the 143 million, so im cancelling all my CCs abd getting nw ones. Will Efax be able to randomely pick one of those cards and charge me? Something seems od to me about this autorenew thing?

Do I need to sign up for credit monitoring with the other 2 credit agencies? Will it be free with the other 2?

Is this equifax credit monitoring the same as a "fraud alert" program?

Are we considered "victims of identify theft" so that we can get free monitoring with the other 2 agencies?

How ironic is it that the Equfax site noted in this article isn't really secure. I get this using Firefox:

Your connection is not secure

The owner of has configured their website improperly. To protect your information from being stolen, Firefox has not connected to this website.


Leave a Comment