You are here

The Equifax Data Breach: What to Do

Share this page

If you have a credit report, there’s a good chance that you’re one of the 143 million American consumers whose sensitive personal information was exposed in a data breach at Equifax, one of the nation’s three major credit reporting agencies.

Here are the facts, according to Equifax. The breach lasted from mid-May through July. The hackers accessed people’s names, Social Security numbers, birth dates, addresses and, in some instances, driver’s license numbers. They also stole credit card numbers for about 209,000 people and dispute documents with personal identifying information for about 182,000 people. And they grabbed personal information of people in the UK and Canada too.

There are steps to take to help protect your information from being misused. Visit Equifax’s website, (This link takes you away from our site. is not controlled by the FTC.)

  • Find out if your information was exposed. Click on the “Potential Impact” tab and enter your last name and the last six digits of your Social Security number. Your Social Security number is sensitive information, so make sure you’re on a secure computer and an encrypted network connection any time you enter it. The site will tell you if you’ve been affected by this breach.
  • Whether or not your information was exposed, U.S. consumers can get a year of free credit monitoring and other services. The site will give you a date when you can come back to enroll. Write down the date and come back to the site and click “Enroll” on that date. You have until January 31, 2018 to enroll.
  • You also can access frequently asked questions at the site.

Here are some other steps to take to help protect yourself after a data breach:

  • Check your credit reports from Equifax, Experian, and TransUnion — for free — by visiting Accounts or activity that you don’t recognize could indicate identity theft. Visit to find out what to do.
  • Consider placing a credit freeze on your files. A credit freeze makes it harder for someone to open a new account in your name. Keep in mind that a credit freeze won’t prevent a thief from making charges to your existing accounts.
  • Monitor your existing credit card and bank accounts closely for charges you don’t recognize.
  • If you decide against a credit freeze, consider placing a fraud alert on your files. A fraud alert warns creditors that you may be an identity theft victim and that they should verify that anyone seeking credit in your name really is you.
  • File your taxes early — as soon as you have the tax information you need, before a scammer can. Tax identity theft happens when someone uses your Social Security number to get a tax refund or a job. Respond right away to letters from the IRS.

Visit to learn more about protecting yourself after a data breach.

Note: This post was updated on October 5, 2017 to reflect that Equifax extended the enrollment period for free credit monitoring from November 21, 2017 to January 31, 2018.




After enrolling (or attempting to) I was sent an email from Equifax to complete the enrollment process which asked 4 multiple choice questions concerning our credit history. They referenced loans we never made- so the enrollment process failed. I cannot enroll. I finally got an email address (the phone bank could not help) and received an automated message and nothing else. We are very concerned!

I did answer the 4 questions for my credit history and was told I activated my credit monitoring service.

I wouldn't completely worry about that, it could be concerning but it also could be a screw up on their end. When i turned 18 and tried to access equifax for the first time to monitor student loans they had some security questions about loans i never applied for from when i was 13. Safe to say my log in and enrollment failed back then because i selected this wasnt me or n/a. After calling the numbers turns out they put wrong security questions on my account as i had not accessed it previously or some stupid answer along those lines

E Graham, If I remember correctly, the request for a free copy of your credit report includes 3 verification questions with 4 multiple choice answers each. At least one of the options is something unrelated for every question is usually unrelated (so if someone picks that, they know it's not you). If all 4 answers to a question are unrelated, then it's possible someone has already used your info (unrelated to this summer's data breach). Somewhere there are instructions on how to fax or snail mail a request saying their system suggests you are "a victim of identity theft so please send me a free report". It worked well for my mom a year ago, we found some bad reports and Equifax eliminated the problems right away, and gave us documentation to send to the other two credit reporting agencies.

When that happened to me someone else's loan at my credit union was posted to my account. But it could also mean that someone used your identity to get a loan.

What I see Equifax needs to pay for anything that needs to be done to protect our cards or anything else that has to do with their issue I'm stolen IDs social securities whatever if not I can see big lawsuits pick them up call my bank tomorrow make sure and and the credit card company everybody be sure and you check your credit anything that has to do with Equifax I guess using them for nothing wasn't the best idea my question is how in the hell did it happen somebody dropped the ball big time

Not to mention, how can they prove it was you who entered the SSN and last name and not someone with the exposed data doing it without your knowledge?

A friend entered for a name a gobble-de-goop of random letters and a last 6 SS number of 123456 and found it was part of the data breach.

Yes I just entered the last name BUNNY and entered 213598
and guess what bunny is part of the breach!! LOL something isnt right here!!!!!

Funny you say that, someone named "Supercalifragilisticexpialidocious" has also had their information compromised.

Thank you! I need laughter with all the stress and anxiety of the heck!

My wife and son both entered their info and were not part of the breech where my info indicated it was.

If someone stole your credit why would they turn around and sign you up for credit protection?

So they have control over the account and can cancel it, and you aren't the one being notified when they go through with using your stolen information to completely ruin your life? Think outside the box, and understand that you're not capable of thinking of every possible variation that can/will happen.

So true!

That is not true.

and why would anybody want a company that has just (months ago) proven it can't look after peoples data, to then keep an eye on their security for a 2nd time?

They are probably the safest of the 3 now.

They've had at least three major breaches within the last 10 years... what makes you think they're suddenly safer?

Wow I wasn't aware of other breaches before. And I've been disputing information that's on my report that doesn't belong to me and they have the nerve to give me a hard time knowing that people's information had been stolen. Where are the laws that protects us from them? They definitely aren't included in the FCRA!

I agree, they are very likely the safest now.. A data breach can happen to the best of them, even those crossing their T's and dotting their I's in regards to security.

Wrong. Don't give your information to a company a second time that just had a breach of millions of records. You think a company this big can plug holes that quickly and competently? Plus that site is not even on the domain.

Unfortunately that's not an option. Any credit lender, bank, utility company that pulls credit, also provides your information to the three credit bureaus. What sucks most about this breach is you don't have any control over them having your info. Unless you stash cash in your mattress and live under a rock, adulting requires you to have a credit report with them.

Well, they DO already have all of your personal information. So what's the harm in giving it to them again? That ship sailed already.

I believe it is not the second time but the third time.

Exactly! I went back to sign up on the specified date and was asked for my full SS number along with other critical info. Why on Earth would I give them that after that they've done!!!!!!!

You are also giving them your info on another website entirely. Not their original website. Who knows if their new, quick set up website is even as secure as their main one? I read an article about some bigwig at Equifax who actually posted a spoof site of where you go to check for the breach-just to teach Equifax how easy it is for Hackers to spoof/breach their website. He made & tweeted the site "securityequifax2017 .com" instead of equifaxsecurity2017. com, and said he got over 20,000 hits of people going to the wrong page.

On their website it indicates that signing up does not bar legal action. That language was removed from the agreement for this incident only. I had read articles about that and hesitating signing up, but apparently consumer backlash forced removal of the arbitration language. Hope this helps


that's not true anymore - they changed it.

I was told the part saying you can't sue was taken out of the fine print when I called. But when I asked what do I do about the charges that already happened because of this breach I got I Dont Know!

I heard this on the news too

They changed that.

Don't enroll in Equifax. Why on earth would anyone enroll in their credit monitoring program when it was their data that was hacked in the first place. Pay for a reputable Identity Protection insurance service. That is the best way to add some protection. Don't trust the credit reporting agencies to protect your data.

Some lawyers have got them to change the wording so you can now. As soon an possible I will be joining a class action lawsuit ASAP. This was negligent and beyond irresponsible

Dear Julia,
I'd join a class action. I got $9.50 from an action against Wells Fargo for cheating mortgage customers. It's worth it just to stand up.

So you can't sue them if you were impacted by the breach and subsequently had ID theft? Does this go into effect if you have them freeze your credit?

How many million could sue? Enjoy your $20 bucks!

I was thinking the same thing. With the amount of breaches and people wanting to sue, we'd be LUCKY to get even $20 bucks.

No ,you will not have to opt out of class action lawsuits

The attorney general of Arkansas said that's no longer true. You can sue.

You are absolutely correct, liars!

I know I found that out to lste. I've never been back to the site but, do u have any other suggestions? Need to get out of that you know!!?

Equifax using legal disclaimers buried in language; so as to avoid class action complaints.
This company is not the consumer's friend.
Congress needs to revisit Equifax and all credit reporting agencies- as their pattern is to accept errors in favor of their clients- WHICH ARE NOT CONSUMERS!

I wouldn't register with them as they are offering the service free for year 1 and from year 2 onwards there is a monthly fee of $19.95 as per information I received. It is important that we know that if we take their free service, we wouldn't be able to join any Class Action suite against them. Also worth to note that the hackers may not use the data say on immediate basis with the intent that is a common perception.

I understand that they dropped the clause about waiving the right to future suits.

Correct. They dropped that clause and their website clarifies this now.

Took me awhile too. Interesting thing-I registered myself and then hours later did my husband. He was given a date two days before mine. Not sure how they come up with the date.

Am I In the Equifax Data Breach, plus date of enrollment

How do I get back to that page to enroll?


Leave a Comment