The Equifax Data Breach: What to Do

Share This Page

If you have a credit report, there’s a good chance that you’re one of the 143 million American consumers whose sensitive personal information was exposed in a data breach at Equifax, one of the nation’s three major credit reporting agencies.

Here are the facts, according to Equifax. The breach lasted from mid-May through July. The hackers accessed people’s names, Social Security numbers, birth dates, addresses and, in some instances, driver’s license numbers. They also stole credit card numbers for about 209,000 people and dispute documents with personal identifying information for about 182,000 people. And they grabbed personal information of people in the UK and Canada too.

There are steps to take to help protect your information from being misused. Visit Equifax’s website, www.equifaxsecurity2017.com. (This link takes you away from our site. Equifaxsecurity2017.com is not controlled by the FTC.)

  • Find out if your information was exposed. Click on the “Potential Impact” tab and enter your last name and the last six digits of your Social Security number. Your Social Security number is sensitive information, so make sure you’re on a secure computer and an encrypted network connection any time you enter it. The site will tell you if you’ve been affected by this breach.
  • Whether or not your information was exposed, U.S. consumers can get a year of free credit monitoring and other services. The site will give you a date when you can come back to enroll. Write down the date and come back to the site and click “Enroll” on that date. You have until January 31, 2018 to enroll.
  • You also can access frequently asked questions at the site.

Here are some other steps to take to help protect yourself after a data breach:

  • Check your credit reports from Equifax, Experian, and TransUnion — for free — by visiting annualcreditreport.com. Accounts or activity that you don’t recognize could indicate identity theft. Visit IdentityTheft.gov to find out what to do.
  • Consider placing a credit freeze on your files. A credit freeze makes it harder for someone to open a new account in your name. Keep in mind that a credit freeze won’t prevent a thief from making charges to your existing accounts.
  • Monitor your existing credit card and bank accounts closely for charges you don’t recognize.
  • If you decide against a credit freeze, consider placing a fraud alert on your files. A fraud alert warns creditors that you may be an identity theft victim and that they should verify that anyone seeking credit in your name really is you.
  • File your taxes early — as soon as you have the tax information you need, before a scammer can. Tax identity theft happens when someone uses your Social Security number to get a tax refund or a job. Respond right away to letters from the IRS.

Visit Identitytheft.gov/databreach to learn more about protecting yourself after a data breach.

Note: This post was updated on October 5, 2017 to reflect that Equifax extended the enrollment period for free credit monitoring from November 21, 2017 to January 31, 2018.

 

 

Comments

Cannot get past the robot images. They are unclear.

I just called the Equifax hotline to see if my credit card information was stolen. The first time I got a busy signal. The second time I got a lady who knew nothing, and could only parrot to go to the website. I told her I had and that my information "may have" been taken. She asked if I signed up yet for the protection. I told her my date is not until tomorrow. That was all she could do. No nuggets of information. No help. There is no way to provide feedback to Experian. This whole thing reeks of incompetence. I don't use Experian. How did my info exist there to be taken anyway?

One easy way to add security to the very vulnerable SSN system is to add 2-factor authentication such as phone (call or text response to confirm) for any changes, updates, queries, etc. We should have laws to protect us with such enforcement.

Your computer has viruses? It's not Microsoft's fault for having such a bad operating system. It's your fault for not having anti-virus.

Your medical bills are too high? It's not the healthcare industry's fault that their prices for care are too high. It's your fault for not having insurance to cover it.

Your identity got hacked? It's not the credit bureau's fault for being hacked. It's your fault for not buying identity theft protection.

COME ON! Let's put the responsibility here on the big companies, and fix the problems where they start, rather than trying to fix everything with insurance! This is ridiculous!!!!

do employers who give employees data to "the work number" have to report this cyber hack? This is more than credit report information, it is payroll information

I entered "Equifax" as last name with 123456 as last 6 digits of SSN in the "potential impact" and the result was ...YES with invitation to sign up for credit protection blah blah.
Out of fun I tried BINLADEN and it also gave you the same result.
Equifax is on really top of the problem!!

Everyone here has 2 Senators and a Congressman.
I suggest we quit dealing with Equifax, and instead write our 3 representatives in Washington, the FTC, and Attorney General Jeff Sessions (5 letters in total) and request that they require Equifax to provide credit monitoring and fraud alert for free for every "customer" affected by this malfeasance.

Continue wouldn'let me go

How about this? I enter my name and 6 numbers, tell them I'm not a robot, submit and then my virus program stops transmission and says that "This site may have caused damage to your computer"...

Can we trust this process on this page? I don't think so. I don't know how we can even trust our credit history into the future with the other two reporting agencies! This whole entire system of credit reporting is compromised. How in the world do we go forward in trusting credit information from any of them? It seems we are at the crossroads of an impending overhaul. Perhaps I should start keeping my money under a mattress and disregard giving any agency the authority to tell me how worthy I am of anything!!! The greed of those execs! Totally disgusted.

this is NOT a good situation!! You work hard for years and years to have excellent credit and it can be ruined with this breach!!
I agree vehemently that Equifax should do something.... and the FTC should police it....

Don't bother calling the number either. Total waste of time. The lady just directed me back to the website that was not working.

Please notice the http address at the top of the page where you check to see if you are impacted... it is a http address for checking to see if you are eligible for their ID service. They didn't even bother to change the http address to something like 'http:// determine impactstatus. com' . They just rerouted all of America to their service knowing you'll be screwed in a year if you don't pay to renew.

Probably hacked by a credit monitoring service just to convince you to pay their ridiculous monthly monitoring fee.....

What happens after a year? I mean, it's widely known they're only covering you for a year so all those persons with your information just have to wait for that period of time to pass. And then what? We're liable to pay because Equifax messed up? Will there be further protections provided after that time?

I just attempted to place a fraud alert with Equifax and couldn't. I followed all the prompts in the automated system, and when I was all finished, the system told me to notify them by mail. They said to include a copy of my social security card, a copy of a bill showing my address and to enlarge any items with small print. The list of items required was lengthy. Clearly, they did not want to place the alert.

When signing up for their protection, they want your social security number. I don't like giving that out, especially over the internet. That isn't safe either is it?

Seems odd to me they want you to enter all your personal info to register for their free monitoring. You'd think they have that on file. Lord knows the hackers have it on file.

Or maybe I'm just DaZeD aNd CoNfUzEd?
.

This is BS. I entered smith 224567 and it said I may have been compromised. Try it. On the 3rd false name I got "may have" been compromised. I tried it again later with the same name and number and it said I was not compromised. BS

I have not bothered trying to go to the Equifax site knowing any response would be crap. It seems to me the only solution is to force our representatives to do what is necessary. The only real way to "force" them is by our vote. We need to let them know that we will not stand for their usual "FAVOR" big business or the usual "DO NOTHING".
I have read numerous good ideas and we do need to either call our Congressmen and Senators or email them with our expectations.
The first thing I think should be done is for Equifax to notify each individual affected and tell them exactly what was stolen.
Next, Equifax should pay to have credit monitoring from the other two agencies and their site for free. They should be required to pay for a credit freeze/remove as requested, and /or placing a Fraud Alert on an account if requested. Of course , these provisions would be for life as the data can't be changed. They should be made to pay "ALL" costs associated with any fraudulent use of the information stolen and what ever is needed to clean up that use.
To me, those items would be a good start and when you contact your "Reps" please mention those item along with what ever else you feel should be stated.
We all know Republicans favor "Big Business" over us peons, but the Democrats are not that far behind which makes punishment unlikely. However, with the number of people involved in this "BREACH" and the "TRUST" we put in the Government to protect us in matters like this, if we stick together in the warning of the power of the "VOTE", we become a very, very "BIG Business".
I think there are a few things that would be a good start, like a fine of hundreds of dollars for each day Equifax failed to notify each individual that their information was stolen and exactly what that information was. So say $500.00 for 21\2 months and over half the US population--My mind boggled! That should put the Gov't in the black.{It will help anyway}.
Have whichever Gov't Agency[S] apply and give them real power to enforce and fine and then have the agency"{S} oversee the rebuilding the security at Equifax and having said agency hire hackers to ensure the system is as safe as it can bee. All of that paid for by Equifax, including the wages of any Gov't personnel and hackers hired by the gov't.
They should be closely monitored by the appropriate agency for as long as it takes for said agency to trust Equifax to follow the rules and guidelines set forth by the agency. Then continued "UNANNOUNCED" spot checks with the ability to levy huge fines for dropping the ball when the overseers left.
OK, this is long enough, but you get the heart of the matter. Sticking together in our desire to see some real punishment and huge fines for the sloppy guarding of our information that was taken and used without our permission in the first place. Also that it should be the responsibility of the people that lost that information to now step up and take responsibility and instead of trying to make money from us for their errors, they need to be providing what protection is available for free.

was my data breached

Maybe the Russians were behind this hack.

Social Security and Medicare are in jeopardy as well and that may be the most lasting damage to the system. Dispute resolution for identity theft here may well take citizens long months or years.

Note: even SSA and Medicare refer to us on their sites as "consumers" in the same manner as Equifax referring to us as "customers". We are not either! We are citizens, supposedly, and better fight to regain that formerly honorable status.

The Credit Bureaus are criminal enterprises that should be shut down immediately. I tried to obtain my "free" credit report, and two of the three would not let me get the report guaranteed to me by law due to "system issues." I then attempted to place a freeze on my credit to protect me and my family from the criminal breech perpetrated by the negligence of Equifax. Guess what - two of the three either wanted me to send documents and information in writing (delaying the freeze by days to weeks), or their systems were "unavailable." On top of that, there is no way to actually reach a human for assistance. That is absolutely criminal, considering how much sensitive data they have about Americans, and how exposed many of us are right now. We need to shut them down.

The "Potential Impact" tab that Equifax has on their site is a joke. Enter any made up last name and any 6 numbers and it will always say the same thing "Based on the information provided, we believe that your personal information was not impacted by this incident."

My credit has been frozen for years. Did these hackers also retrieve the information needed such as password, pin, user name that I have to use to lift the freeze temporarily?

Click on the “Potential Impact” tab. Where is the tab?

i already have transunions monitoring because IBM 'lost'files with my personal data. Equifax was the one that let a bill collector put a bad debt on my report when all he had in common with me was the the name 'smith', different ssn, different address, different first and middle names. just smith, and they ruined my credit for months. cyber security is important, but the federal government isn't doing much becuase admitting there is cyber security problems is apparently admitting russia helped trump win. i guess on the good side, i no longer have any money to worry about.

Equifax should not ask us to enter our personnel information to be monitored. They should monitor all accounts that are in question because it was there mistake not ours

It's time to switch what identifying information is used with so many people being compromised. I'm ready for an eye scan or something like that. Too many people being affected for years to come with social security numbers, etc.

This is a crap link. It's not accurate. They are not searching a database for your information and whether or not it was breached. I used a fake name and numbers (123456), it said the same thing as when I typed in my last name and digits. They are just trying to trap you into something.

We SHOULD be concerned that buying ID protection from the same credit agencies that can't secure our personal data is contradictory. All three have a vested interest in this issue because they will earned hundreds of millions of $$ from the monthly fees for these locking and freezing and monitoring services. Nearly all of what these packages offer we can acquire ourselves, but there's a huge convenience of having it done for us, which is what we are supposedly paying for, along with insurance for losses due to fraud. If you're looking for a personal ID security blanket, the only way to dodge the conflicts of interest shared by Equifax, Experian and Transunion and still get the convenience of a one-stop service provider is to go third party. It's no coincidence that Symantec (SYMC, owner of Lifelock) is up 13+% since 9/5.

I checked Equifax site & was told I may have been impacted. Tried to enroll in the Trusteer but never got email with link. I also tried putting a credit freeze only account but got a msg that they were unable to service request. Try agto the large volume of customers.
I called their Call Center and was told to wait an hr to get the email due
to large volume.

DOES ANYONE KNOW HOW I JOIN ANY OF THE CLASS ACTION LAWSUITS BEING FILED?? I'VE GOOGLED BUT IT DOESN'T EXACTLY SAY. AM I ONLY BOUND TO MY STATE FOR A LAWSUIT OR IS IT FEDERAL?

Equifax should be forced to close up shop. My husband and I have had credit freezes for at all 3 credit reporting agencies for approx 3 years. We were involved in the Target breach and a Blue Cross breach and now this Equifax breach pops up. The credit freezes get expensive if you live in a state that allows the "Big 3" to charge you for signing up for the credit freeze. You are charged individually (not by household) at each agency. Then you must pay individually
To remove the freezes each time you are attempting to finance something. Each agency assigns you a password that you must use each time you visit their website and attempt to access your information. Beware the consequences if you lose your password or it just simply will not work. Two years ago we were buying a small tractor. My husband's Equifax password would not work. He had to send a letter requesting a new password with copies of his drivers license, Social Security card, and 2 pieces of mail with his name and address on it (credit card bill, utility bill). We even included a copy of his passport. He received a letter denying his request stating the request was done incorrectly. We went through the process again and received a letter stating they had no record of us living at the address we provided-10 years at the address at that time and everything that was sent to them had the address on it. We had bought a couple of vehicles since moving there, so there is no way Equifax did not have information that we lived there unless they had not updated our files in over 10 years He never received a new password. I bought the tractor. Equifax is incompetent and should no longer be permitted to operate. If everyone would band together and make a commitment to call the Congressional switchboard once a day indefinitely to demand that Congress take action on the issue of these data breaches and impose stiff penalties it will work. If people will start calling and asking other people to call it will overwhelm the system . The number is toll free , so call and leave messages for your senator and ongressman/woman demanding the gov take action on this issue. Start this grassroots movement and watch it grow. This issue is important to all of us.

FYI to other people contemplating a credit freeze. Today after submitting the form on Transunion's website for $10 which worked; I tried placing one on Experian's site (even though $11.01 while WA's legal fee supposed to be $10 max). Experian would not process my freeze requet even though I just done my annual free report through them about aweek before Equifax disclosure.

Rejection said I have to mail a copy of my DL, utility bill, and SS# so of course will use certified which costs about $8 and means standing in line. Then have to hope mail not lost/stolen.

I tried calling; after 45 minute wait she transferred me; gave up after hour total. Then called state of WA's department regulating finance... waste of time too.

This can be fixed by immediately making it mandatory that anyone wanting to issue credit must receive written permission by the individual by writing to the address of record supplied by the credit gathering entity. Mail will be forwarded by post office if person has moved. Doing otherwise would be a cause for a law suit.

I've never contacted or used Equifax, nor any other agency. How could they possibly have my personal info?

Isn't it great that Equifax waits 2 months to disclose this breach while their CEO's are dumping their stock.

I have a concern. I checked, saw that my information may have been impacted and decided to enroll in TrustedID Premier. (I decided to do this because I'm confident that I'll still have recourse if I have problems with this particular breach.) I've read on this site and also on the Equifax pages that I would be given a date to return to enroll. My concern is that I was able to enroll immediately. I contacted Equifax and asked about this and they told me not to worry and that I am ahead of the curve. This whole thing makes me nervous and suspicious. I wonder if if this is another layer of the back. Does anyone have any thoughts or input?

You must see the deliberate intent of lapse data and the profits of credit monitoring at the prime rate of $19.95 per month one year after their breach. This is so convoluted. You FTC folks need to make them pay for an entof credit monitoring for all 145 million people they violated.

In order to freeze my credit report in California I need a police report ID - otherwise I need to pay. Does anyone know how to get the police (or FBI) report ID for that Equifax filed the data breach? Did they file a police report?

This Equifax recommendation isn't found on their "Equifax major breach" as reported from the FTC.
Here's Equifax's advisory,
"Find out if your information was exposed. Click on the “Potential Impact” tab and enter your last name and the last six digits of your Social Security number. Your Social Security number is sensitive information, so make sure you’re on a secure computer and an encrypted network connection any time you enter it. The site will tell you if you’ve been affected by this breach."
Equifax show how to do this impossible task!

Do both husband and wife need to put these freezes on their accounts or can one do it and the other is protected since joint credit accounts? Don't want to go through the process twice if don't need to.

You and your wife each have individual credit reports. Each person's report shows their name, social security number, accounts, history of paying bills, whether they've been sued and other information. Your credit report includes much more information than your joint credit cards.

Your credit report is a history of all the loans and credit you've taken as an adult, and your wife's report shows her history.

If you put a credit freeze on your credit file, it will be harder for someone to open a new account in your name. It won't stop a thief from making charges to accounts you already have. If your wife puts a credit freeze on her credit file, it will make it harder for anyone to open new accounts in her name.

So, like everyone, I'm concerned about the data breach at Equifax. I've done freezes at Equifax and Experian. I finally got partially through the Trans Union maze until I read the "terms of service agreement ". I'm no attorney but it sounds like you forfeit the right to legal recourse if they screw up. We need better protection. Congress and FTC need to look after consumers better. This cronyism between Congress and these scumbags has to stop.

Just a thought, but if your data was compromised and you took the recommended steps wouldn't it be some what point less. For example if some one potentially has your SSN, address, drivers license number, and etc. They could easily remove any security measures or road blocks you put in their path, such as putting a security freeze on your credit.

Why aren't any of hollywood people crying foul? Are they not subject to this breach of security information? Everyone has social security numbers and most have credit card and bank account information. Something is not the way it appears to be.

use your banks to do the vigilance of tracking your accounts. They charge a smaller fee. Next freeze your accounts so all 3 can loose money. If half the population does this, well they will crumble, sell more of their stock and put out more BS to try and get us Sheeple back.

OK dont freeze your accounts a pay them the fee. Lets all put our heads together and figure a way to have them freeze our accounts for free. Let "our voice" be heard.

Pages

Leave a Comment

Comment Policy