The Equifax Data Breach: What to Do

Share this page

If you have a credit report, there’s a good chance that you’re one of the 143 million American consumers whose sensitive personal information was exposed in a data breach at Equifax, one of the nation’s three major credit reporting agencies.

Here are the facts, according to Equifax. The breach lasted from mid-May through July. The hackers accessed people’s names, Social Security numbers, birth dates, addresses and, in some instances, driver’s license numbers. They also stole credit card numbers for about 209,000 people and dispute documents with personal identifying information for about 182,000 people. And they grabbed personal information of people in the UK and Canada too.

There are steps to take to help protect your information from being misused. Visit Equifax’s website, www.equifaxsecurity2017.com. (This link takes you away from our site. Equifaxsecurity2017.com is not controlled by the FTC.)

  • Find out if your information was exposed. Click on the “Potential Impact” tab and enter your last name and the last six digits of your Social Security number. Your Social Security number is sensitive information, so make sure you’re on a secure computer and an encrypted network connection any time you enter it. The site will tell you if you’ve been affected by this breach.
  • Whether or not your information was exposed, U.S. consumers can get a year of free credit monitoring and other services. The site will give you a date when you can come back to enroll. Write down the date and come back to the site and click “Enroll” on that date. You have until January 31, 2018 to enroll.
  • You also can access frequently asked questions at the site.

Here are some other steps to take to help protect yourself after a data breach:

  • Check your credit reports from Equifax, Experian, and TransUnion — for free — by visiting annualcreditreport.com. Accounts or activity that you don’t recognize could indicate identity theft. Visit IdentityTheft.gov to find out what to do.
  • Consider placing a credit freeze on your files. A credit freeze makes it harder for someone to open a new account in your name. Keep in mind that a credit freeze won’t prevent a thief from making charges to your existing accounts.
  • Monitor your existing credit card and bank accounts closely for charges you don’t recognize.
  • If you decide against a credit freeze, consider placing a fraud alert on your files. A fraud alert warns creditors that you may be an identity theft victim and that they should verify that anyone seeking credit in your name really is you.
  • File your taxes early — as soon as you have the tax information you need, before a scammer can. Tax identity theft happens when someone uses your Social Security number to get a tax refund or a job. Respond right away to letters from the IRS.

Visit Identitytheft.gov/databreach to learn more about protecting yourself after a data breach.

Note: This post was updated on October 5, 2017 to reflect that Equifax extended the enrollment period for free credit monitoring from November 21, 2017 to January 31, 2018.

 

 

Comments

What they are NOT telling consumers is that if you enter your information into the Equifax Credit Monitoring program you WILL be charged a fee after the 12 months of monitoring!! And...you void ANY chance to sue Equifax if your information has been truly compromised and misused! This is a scam within that breach! Why do you need "this new" service to monitor your credit info, which is what "they" were suppose to be doing already, when they were breached?? Duh... I have NO doubt, Equifax is in on the breach...to boost up their stock which has been plummeting recently! This intrusion started back in late May and until NOW in September, consumers are being warned?? How convenient to appear that they want to come out looking like saviors...DO NOT fall for this! Once you type in your SS# and name at the website, you just screwed yourself royally! I have no doubt the scammers are looking for people with a flawless, top rate credit rating of 720 and up...the rest of the struggling population with low scores probably don't have anything to fear because Equifax already has you labeled with any score below 645, pinpointed as 'not credit worthy'!

Since the 3 Chief Executive Officers sold their shares of the company of Equifax before the release about the consumer information being hacked in their database, the FTC should hammer them. We as consumers that have had our info. compromised should have lifetime monitoring. That's okay I'll get with some others on this if my info. is ever severely compromised and launch a class action law suit. I hear that there are protections in place for them from class action law. I don't see how this is fair since they claim to protect information and also sell products to unknowing consumers thinking that they are protected. Equifax ought to be ashamed of themselves. Also the fact that their Officers in the company acted the way they did, should cause them to loose their ability to secure data in the future. The company should be disbanded and criminally prosecuted to the fullest extent of the law!

They are offering credit monitoring for one year? this is a lifetime compromise of all of our information !!!!!

Credit Report Freeze cost $10 for each credit bureau and I am assuming $10 for every time you either unfreeze or temporary unfreeze the credit bureau report for whichever bureau, we should be getting it for free for several years because you don't know when they might use your information. I have had to change my credit card numbers several times over the last couple of years do to fraudulent charging on my cards. Also, if you pull your credit reports more, then your credit score drops because of it.

What are we suppose to do? Be financially ruined by thieves and the in ability for credit bureaus to safe guard our information.

The reason I was exposed to all of this to begin with is because 5 years ago someone from the FTC suggested I sign up for the Equifax Complete service after someone opened a credit card account in my name. After paying Equifax over $1000 over the past 5 years they now want me to (what?) continue paying for the service that exposed my info in the first place? I got through to someone who told me to cancel my paid account and sign up again for the free account. Which will do what? The whole thing is infuriating.

They should provide unlimited monitoring, identity theft protection, and remove the restriction that signs away your right pursue this in the court system. They have had tremendous influence and control of consumers information which they have made huge profits from selling to lenders and even consumers. They have been allowed to put negative information in a file without validating or confirming the information. The consumer must initiate a tedious dispute process to get the false information removed that should not have been there in the first place. They have now been allowed to protect themselves and profit for their errors while and leaving the victims to fend for themselves when it was too late to prevent their info being used illegally.

Whatever. So I take care of my bills, on time every time. My identity is now in the pockets of criminals for ever and ever. FOR-EV-ER. What can I do about it? Pay the very people who lost my identity to the criminals in the first place. In summary, we're all screwed. But what chaps my hide is this, if 143,000,000 people's ID'S were stolen by criminals and a mere 2% lock then unlock their credit at say $10 that's a nice equifax profit of over $57,000,000. Ho-hum

I have to laugh about the people afraid about missing out on the class action suit. Think about it. 143 million people affected. Let's say they lose $10 billion in the suit. That adds up to $70 per person affected. Not even enough to go out for a good dinner.

Jack squat.

Equifax was useless. I used their online tool and it said that my information "may have been impacted" - nothing definitive. When I called the number provided, I still received nothing definitive and they simply redirected me to the online web tool. The help line is a third-party contractor who could not even provide a phone number for Equifax. I insisted on being informed as to whether or no my information had been compromised and they said they had no resource to provide that information, so the entire exercise was pointless. I then attempted to run an online free Equifax credit report and although it started the process, the webpage became unresponsive and then there was a message from the "annualcreditreport" provider that it could not provide an online credit report and that I would instead have to submit a paper request ( they provided a PDF.) What a grand waste of time.

Let me know when the class action gets going...

Equifax needs to be closed down by FTC for the protection of all 143 million consumers that they abused. It will make the other two remaining entities that hold our information value what they are holding and make sure that they don't get put out of business too. that is about the only thing that a corporation understands. Their precious bottom line, to hell with consequences for the little consumer. Pinch their wallet and they will take us serious. Nothing else really matters to them. Outragous!!!!

I can't even check to see if I've been impacted... it says the website has been configured improperly and it can't be trusted!!! WTH???

The people of Equifax are bullys of the worst sort.
I believe that an Equifax employee sold access to the credit files, perhaps one or all of those who sold their stock.
"The Federal Trade Commission (FTC) is the nation’s consumer protection agency. The FTC works to prevent fraudulent, deceptive and unfair business practices in the marketplace."
Let us see some serious action from the FTC!
Who is preparing a class action suit?

So just to be clear. If we are among the roughly 50% of Americans effected by this data breech, it is suggested that we collectively pay the offending party (equifax) $1,430,000,000 to check to see if we were victims of their incompetence and subsequent fraud (in covering up said data breach for several months).

And it is also suggested that we enroll in their 'free' protection service, which includes a release of liability waiver that the company says they will ignore this one time (for the 'incident, but not for any future fraud or malfeasance associated with the incident)...

And, as it's safe to assume (based on previous governmental interactions with the financial sector in this country) that this one internet article will be extent of our governments' response to this situation, how exactly is the average, working class, non-millionaire who doesn't have a lawyer in retainer expected to piece their hard won credit score back together after all of this.

It would be nice to hear something besides 'oh, just file a report and spend the next 20 years trying to get any fraudulent accounts expunged... good luck with that...'

I realize that, being a working class non-millionaire, I am not the sort of person my government cares about. But it wouldbe nice to see some sort of return on the 30% of my income that is confiscated every year.

Not able to get through to either the phone number or the web page for checking to see if any of my informstion was stolen.

FTC oversees the credit bureaus yet can't impose large fines or stricter regulations on how they use/secure our most sensitive financial information.

It seems that equifax sold our information to the Russions in may
Got paid a lot of money & now in September claims that it 'd been hacked . The government should step up & do something about it, at least put them out of business and make them liable for all the scam.

I "locked" my credit at all three agencies some time ago. Yes, it cost my husband and I about $30 each to do so, but in the long run, it was worth it. Lock up your credit and pare down to 2 credit cards.
No, I don't long for the "good ole days"- I thoroughly enjoy technology, but like everything else, it has a cost.

Thank you for this article

Does anyone know why the equifaxsecurity/2017.com website ISN'T secured?

The only ones who can hold Equifax accountable are congress. And congress is too busy trying to shut down the Consumer Financial Protection Bureau to worry about the American public who elected them. The only way to do anything serious about this financial catastrophe is to call your elected congressional representative and yell long and loud. If enough people do this there will be change. I expect this blog site will be shut down shortly to prevent the American public from sharing information and promoting action to fix this huge threat to our financial security. You can also do a little deeper research and find out which congressmen took donations from the credit reporting companies.

This incident is perfectly illustrative of why so many Americans have lost faith in America and have turned to hate-spewing d.j.'s, charismatic con artists, and flim-flam preachers for leadership, instead of to elected statesmen and women.

Having three major credit reporting companies concentrates the risk on those. Each one of them should be split up in a multitude of smaller, independent companies to increase difficulties for hackers and therefore reduce the risk to breach data of a large fraction of the population. Further, they should not be allowed to collect data of more than perhaps 10% of the population. If they complain their growth and greed is unfairly capped, the answer is they should have been smarter earlier: negligence should not be rewarded.

Read the very fine print in any Equifax offer. If you agree to anything, you may also be opting out of a class action suit.

Maybe Congress can do something useful, or else the Donald. All people with a credit file at any of the 3 should have a fraud alert put on for the next 7 years. All at the expense of Equifax. And backdate the fraud alert to April 2017. Equifax's remedy is totally inadequate. If Arthur Anderson can be run out of business for their ineptitude, there is no reason for Equifax's existence beyond Dec 2017! And sign me up for the class action suit in every state.

Equifax is using date and time of freeze request for pins - 0908141415! This company is rogue and should be shut down. Why are they allowed to have our data?????

Imagine having to pay these Equifax crooks not to reveal your data after they have already allowed it to be released to other crooks through their neglect because congress has made sure the credit reporting agencies are not accountable. We consumers have become a pack of sheep waiting to be fleeced.

As instructed by equifaxsecurity2017, I entered my whole SS# as advised, and now wonder if that was wise. I also haven't received any email from them, as promised to complete the process of enrolling in monitoring, even in the Spam section. Have I made it worse?

I am outraged by the data breach of Equifax and potential impact upon citizen consumers. In the United States of America, electronic personal data is far too accessable to business interests (often without an individual's knowledge) and vulnerable to criminal acts due to insufficient protections of the data. The Equifax event is my last straw. I demand that government start being serious about siding with private citizens rather than business interests regarding this matter, whether it be banking, credit cards, credit companies, phone telemarketers, spam emailers, etc. Did not Equifax realize that they are a fricking DATA GOLDMINE FOR CRIMINALS? Did Equifax naively think a picket fence would keep intruders at bay? Was Equifax too profit driven to invest in adequate data security? That Equifax did not have the most rigorous protections in place deserves FEDERAL PENALTIES that will make them a lesson to all enterprises that gather or retain the data of private citizens. Imagine the potential time to resolve and the financial damage each citizen caught up in this fiasco may incur. Equifax should be out of business, like yesterday. Hell, Equifax does not even provide an email mechanism to tell them how I feel. Shouldn't that be a business requirement in the case of data breaches, so they can be held directly accountable by the people their incompetence affected? Then, their initial response was to try and PROFIT from the affected customers by having them sign up for "free" protection (note that the protection is for one year, and must be ACTIVELY cancelled by the sucker, er, consumer, or otherwise pay for future service). Remember the Coumbia Records membership racket? Or how about Wells Fargo's chronic unethical practices? Are your penalities sufficient to stop them yet? And one more thing....who authorized such companies (Equifax, TransUnion, etc.) to gather and retain personal information without express consent of the consumer? Citizens have a right to PRIVACY, and the right to be informed if any business utilizes personal data, and how that data is used. Going forward, perhaps business should be required to pay customers for access to data, and be fully liable for any expense incurred, including the time spent by the consumer and attorney fees associated with resolving issues caused by companies like Equifax.

Don't bother calling the number on the response site. The staff at the call center have nothing to say other than go to the website. Absolute waste of time. They don't have any idea or access to tell you what of your info might have been compromised, and the Equifax number they give is just the automated system to order a credit report, no way to reach an actual Equifax rep. Considering that Equifax sat on this info for 6 weeks, this is just brain dead preparation on their part. @FTC - are you guys doing anything to protect the real victims here?

Do we use current credit and/or debit cards or will these companies be issuing new ones, within a few days, to 143 million people?

As if the the FTC and equifax aren't in this together in some way shape or form. In the the meantime two percent of a hundred and fifty three million will buy credit monitoring at ten dollars to free and ten to unfreeze equals fifty to sixty million dollars of brand new revenue.

IF THE GOVERNMENT IS GOING TO TAKE AWAY MY SAY AS TO WHO CAN ACCESS MY MOST PERSONAL INFO AND WHAT THEY DO WITH IT THEN THEY NEED TO DO WHAT THEY ARE PAID TO DO. THEY CLEARLY FAILED. THE ENTIRE SYSTEM IS A DISASTER YET OUR ENTIRE LIVES ARE BASED ON THIS INFO THAT IS NO MORE SECURE THAN 100 BILL LEFT ON A SIDEWALK. THIS IS DISCRACEFUL AND I'M FED UP WITH THE INCOMPETENCE!

Why does Equifax keep people's sensitive information in the first place? Can't they destroy that information when it's been used?

For free. Set up a 90 day fraud alert. Easy: call just one of the credit bureaus, llisren to how to do this while on that same call. Done in 5 minutes. The new fraud alert will be communicated to the other bureaus, again for free. What this prevents: no one can open a credit line in your name unless you verbally authorize it - requires a call to you to authenticate.

Checking to inquire about my EQUIFAX ACCOUNT.

Folks,

Time to write to your congressman to put pressure on top lawyers to put Equifax Execs in Jail. Unless and Until grossly negligent company executives start to understand the consequence of their negligence, the same disaster will repeat itself!

Folks,

Time to write to your congressman to put pressure on top lawyers to put Equifax Execs in Jail. Unless and Until grossly negligent company executives start to understand the consequence of their negligence, the same disaster will repeat itself!

No one EVER asks for the last 6 digits of your social security number! There are WAY too many red flags here, but that was the biggest in my book. I will NEVER give that much information, especially to an agency that was already security compromised. How dumb do they think we are?

In mid-May, 2017, I attempted to make a purchase with my credit card. It was declined. When I got home, I checked my transaction summary for the card on-line. Someone had charged approximately $1200 worth of services and travel to my card. Due to the Office of Personnel Management breach a couple of years ago, I have credit monitoring services. I was notified of a several accounts being opened. I had also received letters in the mail from 3 different credit company's requesting my response if I was still interested in their credit services. None of which I had contacted. All of this in May. At this point, I placed a fraud alert on my credit report. Now, I'm looking at a credit freeze. The credit monitoring service has offered very little in the way of help. I found just as much/more online. I was the one who alerted them to the fraudulent accounts. I was the one who contacted the companies offering credit. I was the one who filled out the fraud documents for one of the credit services in order to prove I wasn't the one who opened the account. And I was the one who had the fraud alert put on my credit report. Oh, they did suggest I contact the Social Security Office regarding my social security number being used fraudulently. The Social Security office all but laughed at me and said the don't change a social security number unless it's a life or death situation.

After you establish that Equifax has no clue as to who has or has not been affected, contact your Rep/Senator and watch them join in protecting these scumbags. Prison garb for all of them.

Lock these scumbags up

They should all be in prison!!!!!!!!!!!!!!!

This is a total outraged. I hope they are fined, and prosecuted, and end up paying monetary damages to all affected, for being such idiots!!!

While I realize that the problem here is with Equifax, I believe that the FTC bears some responsibility in that as far as I know Equifax and the numerous other companies where there have been security breaches have faced no penalties or sanctions of any kind for not protecting our private information. They just make the announcement and everything continues as usual. If each company where a security breach occurs was fined or had to pay money to each individual whose private information was acquired by thieves, I am sure they would quickly find a way to keep our information more secure. As it is now they have no incentive to beef up their systems to make them more secure. The FTC is clearly not doing its job in this matter. I intend to write to my senators and congress person and urge them to hold the FTC accountable for their lack of action in such cases. And I would urge the rest of you to do the same. Otherwise, nothing will happen.

It's about time that we stop the American nonesense approach where all an American company has to do after a breach is say "Oopie," offer some credit monitoring, and then it is all fine. Remember the Target data breach? Me neither....

We should adopt the European approach where the focus is upfront on securing information. That is dictated in a very specific way. Where is our GDPR? Instead, corporate America knows that it is cheaper to clean up the mess than to prevent it in the first place to the detriment of the consumer and the FTC is complicit in this.

DONT TRUST the credit freeze from any of the sites cause your info goes

This about cuts it. I am fed up with our inane techno-worship. We are being brainwashed to believe that technology will solve all our problems when, in fact, it has made life more complicated, difficult, and hazardous. Now, anyone in the world can victimize us, and we haven't a clue who the assailant is. Even if we did, we couldn't reach him. Thank you, technology, for mass victimization of innocent people. I'd rather face someone with a gun, trying to rob me. At least, I know who my assailant is, and he can get no more than I carry in my wallet. Wake up, people!

Do not enroll in any eqifax credit protection program. READ THE FINE PRINT!! You will not be allowed to sue them in the future should something arise from this that you would want to!

Nothing is going to happen to Equifax, not in the capacity it should (being put out of business, huge fines, prison for all who sold sold stock before revealing the breech, etc).

What is monitoring going to do? Nothing...remember the commercials...bank robbery, security guy response to question "arent you going to do anything?" He says no cuz all he does is monitor the bank and then whispers theres a bank robbery happening. They will just monitor it and nothing more.

Equifax gets a 0 rating in all operations of business. Their score in my opinion is at an all time low, can no longer be trusted with the having the power of overseeing the nations most valuable asset (credit). Shut them down. Plain and simple. I do not trust them to have any kind of access to my personal credit file. I fire them for not doing the one job they had...protect our files. I don't want them handling my business. They don't deserve a second chance. All those who have been breeched should have the option of having a new social security number issued. It would be the fair and right thing to do.

My personal information "may" have been impacted. I am okay with that. With Equifax and TransUnion a credit freeze was not possible at this time. Probably overwhelmed. I would imagine they are doing all they can at this time.

Pages

Leave a Comment