You are here

The Equifax Data Breach: What to Do

Share this page

If you have a credit report, there’s a good chance that you’re one of the 143 million American consumers whose sensitive personal information was exposed in a data breach at Equifax, one of the nation’s three major credit reporting agencies.

Here are the facts, according to Equifax. The breach lasted from mid-May through July. The hackers accessed people’s names, Social Security numbers, birth dates, addresses and, in some instances, driver’s license numbers. They also stole credit card numbers for about 209,000 people and dispute documents with personal identifying information for about 182,000 people. And they grabbed personal information of people in the UK and Canada too.

There are steps to take to help protect your information from being misused. Visit Equifax’s website, (This link takes you away from our site. is not controlled by the FTC.)

  • Find out if your information was exposed. Click on the “Potential Impact” tab and enter your last name and the last six digits of your Social Security number. Your Social Security number is sensitive information, so make sure you’re on a secure computer and an encrypted network connection any time you enter it. The site will tell you if you’ve been affected by this breach.
  • Whether or not your information was exposed, U.S. consumers can get a year of free credit monitoring and other services. The site will give you a date when you can come back to enroll. Write down the date and come back to the site and click “Enroll” on that date. You have until January 31, 2018 to enroll.
  • You also can access frequently asked questions at the site.

Here are some other steps to take to help protect yourself after a data breach:

  • Check your credit reports from Equifax, Experian, and TransUnion — for free — by visiting Accounts or activity that you don’t recognize could indicate identity theft. Visit to find out what to do.
  • Consider placing a credit freeze on your files. A credit freeze makes it harder for someone to open a new account in your name. Keep in mind that a credit freeze won’t prevent a thief from making charges to your existing accounts.
  • Monitor your existing credit card and bank accounts closely for charges you don’t recognize.
  • If you decide against a credit freeze, consider placing a fraud alert on your files. A fraud alert warns creditors that you may be an identity theft victim and that they should verify that anyone seeking credit in your name really is you.
  • File your taxes early — as soon as you have the tax information you need, before a scammer can. Tax identity theft happens when someone uses your Social Security number to get a tax refund or a job. Respond right away to letters from the IRS.

Visit to learn more about protecting yourself after a data breach.

Note: This post was updated on October 5, 2017 to reflect that Equifax extended the enrollment period for free credit monitoring from November 21, 2017 to January 31, 2018.




You have to type in your needed info. You can not copy and paste, you have to use keystrokes on the keyboard. If the birth date or any information pre-fills, thats no good. You have to type the information in.

I understand Equifax is providing a credit freeze at no charge for a short period of time. Individuals impacted will have to pay the other 2 for this issue caused by Equifax. In addition, depending on state, Equifax will charge you to release the freeze later when seeking credit. This seems to unjustly increase the Equifax revenue stream in the future due to the breach. Each state is different, but at the high end, this is $10 per release, etc. With 143 million individuals impacted, this is a significant amount of revenue all 3 credit reporting agencies will be obtaining. (Granted, not all 143 million will do this, and $10 is the max per agency). This will amount to millions.

Credit monitoring and freezes are inadequate. A criminal can still use your data to cause you immense pain and suffering. The only solution is new social security numbers and credit account numbers. Also need new Medicare ID numbers. Equifax should be responsible for all of it and for fixing any problems. Email your federal elected officials and lean on them hard!

Have now in over a week tried to get a credit freeze set up via Equifax. Their system does not work. They gave me a date the second time I tried, only to be sent back to their opening page on the date they gave me. I must have filled in the forms on their website five times or more. Lately I was promised an email which would enable me to register the credit freeze. Needless to say, no email have arrived.

An additional caution - the first 5 numbers of your social security number can be deduced from your date of birth and location. The last 4 digits are the'secure' part. Those are the ones you should be the most cautious to give out.

An additional caution - the first 5 numbers of your social security number can be deduced from your date of birth and location. The last 4 digits are the'secure' part. Those are the ones you should be the most cautious to give out.

"may have been impacted" What does that mean?

Equifax is not providing online credit reports through Equifax asked me to mail them a request and a dozen pieces of mail before they'd grant my request. FTC please make Equifax provide online credit reports!!! THEY are the reason we are in this mess; the least they can do is make the inquiry and identity protection process easier for the millions of people they harmed.

No, Equifax must contact all that are affected. They must make this right, not just sluff if off on the people they harmed by saying "your on your own... Oh, we will give you 1 free trial year to credit monitoring, but after that you have to pay..."

This wouldn't have been as huge a deal if the hackers hadn't gotten out SSNs. We need a federal public law enacted requiring the SSA to re-issue SSNs to all who request them. The law should then make it a civil offense for any company to require you to give them your SSN. The law additionally needs to require all credit agencies to replace all SSNs in their records by an account number of their own creation and obliterate all records of SSNs from their records. Further, said credit agencies must submit to mandatory spot-checking by the FTC (or other Federal agency) to verify said law has be n complied with.

What happens after a year? My birthdate and social security number will stay the same for the rest of my life.

I do believe other action should taken on this.

Has anyone checked to see how much stock Equifax executives have in these credit protection companies, like LifeLock and others that advertise keeping your information safe? interesting thought, huh.

I tried to register including my wife, however neither of us are getting the so-called confirmation emails. Has this happened to anyone?

My posts aren't showing up, but I'll try again... A friend and I both registered last Wednesday, and some family members did a few days ago as well. None of us has received an email -- and I'm checking my spam folder constantly.

Yes, same for me, registered last Wednesday, still no email. I called the customer support number today and was told to just re-enroll and wait for the email again. When I tried to re-enroll, it just looped me back to the same page to enter my name and partial SSN over and over and over. When I called customer support back, I was told to wait two more days for the email and call back if I didn't receive it. I'm done with them, going to pursue through the Texas Attorney General.

I am very worried, I checked my/husband's ss numbers and was told we were affected. When I attempted to get to the screen to get their month of free protection, it asked for personal info, said we will email you soon after the info was entered, also said to "check spam" for the next steps, I am certain now that in my paranoia to get some protection for us, I now believe that I gave a spammer my info. They had a reCaptcha, but it only had the check box. I am certain it was the Equifax website. I am reading that people should have gotten a date to go back and apply, I was not given a date. Have I been scammed?

The thief(ves) could be inside the equifax.They took the Equifax database and sold customers'info to marketers for money. Can the government do anything about this breach?

In the same way i can get a new credit card number, we should change our social security systems to allow for new SSN's to be issued.
It's absurd that a breach like this will haunt us for the rest of our lives, when a change in SSN could fix this quickly.

fedup, aren't all the creditors that we trusted with our info also responsible for not being a good custodian of the info?

People are worried about class action lawsuits when they should be worried about their information. Class action suits only benefit lawyers and not consumers. We should be able to sue them individually and have Congress put them on a grill and into the pen!
And the only way to rectify is to have free credit freezes for life, if that helps.

It took me a while but the site said I may have been impacted by the breach. I was able to put an alert and a freeze on all 3: Equifax & Experian at no charge but Transunion charged $10 for the alert & another $10 for the freeze. I also sent a complaint to my State Attorney General per his request on the local news.

The bottom line is that The US Govt should declare this credit company weak and irresponsible. President Trump should tell them "YOU ARE FIRED". Who needs this credit company anyway. No us the consumers. They can keep their freaking score numbers. I don't need a freaking score. My credit rating is in the septic tank anyway. Just saying.

I have been trying for three days to get the free credit monitoring , all I get is a window saying be patience . This is BS . Be patience well may accounts are hacked!

Enrollment process is totally useless --- keeps defaulting to a page requesting last name and last six of social security number. Called help line and was referred to another phone number for "help in enrolling" but that phone number is constantly busy. Apparently Equifax doesn't want anybody to enroll.

Just went to Equifax website and everything went smoothly. I was told that I will receive an email shortly to complete the process. They worked out the bugs. Yea

i applied for 1 year data protection. So far, I have not received an email that will allow me for data protection. It was told within a week an email will be sent but nada. I might have lost again name address 6 digits of SSN for enrollment purposes. What acrap.

I followed all the instructions on the site to enroll for the "complimentary" protection. It's been a week and still have not received email confirmation for my enrollment. I've called several times and they act as if they can't hear me well or tell me to call back b/c their system acting up. So fake! We need answers not excuses.

They are probably going to continue blowing us off until people just give up. It is not like they are actually going to do anything even if we successfully complete the sign up for the complementary protection.

I am one of the people effected by the Equifax security breach. I completed the form online and was told I will receive an email. That was 7 days ago. Today I called them and got someone named Otis (no last name-said it was private!). He said I would get the email in 10 days and that it would have a confirmation number. When I asked what that confirmation number would do for me, he couldn't tell me. Finally he said it would monitor my credit report. I asked what "monitoring" meant and he couldn't tell me. He said they just know that if someone asks for my credit report, they know it isn't me. Then he said, they know because they would ask me for my SS#. When I pointed out that the hackers know my SS#, he said I was dumb and excitable. When I asked to talk to a supervisor, he said they didn't exist. Are these the type of people they are using in their call center? It's not my fault this breach happened, it's theirs. There is no email to write to them.

TrustedID is not working, even if you have your account set up. Mine is now fully set up and I just received an email indicting a credit alert from TrustedID regarding activity on my account, but their online site keeps crashing, so I cannot see or evaluate the nature of the alert. The solution offered by Equifax is becoming useless vapor and failing in its essential purpose.

Also, the TrustedID alert/fraud phone line identified in the e-mail gives me a BUSY SIGNAL!!

SSA should issue everyone who may be affected a new social security number (which can be linked to the old number in SSA's data base) BEFORE any ID theft actually occurs!

The worst part about that is that to use SSA or VA websites you need to have your information verified by...Equifax.

Why does the federal government rely on an incompetent company and the answer to fix the problem is to go back to said incompetent company?

Even worse, the federal govt's online sites with Social Security and the Veteran's Administration all require you to "verify identity" using Equifax.

Then the federal government pushes out this Equifax website nonsense.

The fed should themselves be addressing this critical problem with critical information as the incompetent company has caused enough problems.

Gee I'm looking at my SS card and it says "to be used for social security and tax purposes NOT FOR IDENTIFICATION" thanks Mr Politician for voiding my protection!!!!

What an absolute disgrace. Still have yet to receive any response or email from Equifax after enrolling in their TrustedID service. We enrolled almost a week ago and have contacted them as well and still get the same run around. Like many people we'll be filing a complaint with our State Attorney General's office.

I went to the Equifax website @ I typed in my last name and the last 6 digits of my Social Security number. The result indicated I was affected by the Equifax data breach and to sign up my personal information for TrustedID. Next I returned to type in my family’s last name and last 6 digits of their Social Security numbers. The results indicated all were affected by the Equifax data breach and to sign up their personal information for TrustedID, Again I returned to type in make-believe last names and make-believe Social Security numbers. The results indicated all were affected by the Equifax data breach and to sign up their personal information for TrustedID, The conclusion is Equifax TrustedID does not do a real data search on real people’s names & their Social Security numbers. Even bogus names & bogus Social Security numbers give the same results that everyone affected were affected. Do not trust Equifax.

Equifax is either continuing to demonstrate their complete incompetence or they are just outright scamming the public. Three steps are required to obtain the Trusted ID (ha ha ha isn't that name ironic?) I finally received notice that “It is time to take the final steps in enrolling in your free product, TrustedID Premier, by verifying your identity. To do this, you’ll need to answer some questions about yourself. Successfully completing this step will conclude your enrollment process and activate your product.” When you use the link provided with this email, it restarts the whole process. This is after waiting more than a week for the email. I guess we're on our own.

That sight......www. equifaxsecurity2017. com is just trying to get your money..........DON'T USE IT!

After creating an account login and answering the questions to activate TrustedID Premier, I received this message:

"Enrollment Error: We are unable to activate you online. Please contact Customer Service at 1.877.394.7074."

I called the number at about 8:00 pm Mountain Time; was on hold for 15 minutes; and then spoke with a representative for 5 minutes answering identity confirmation questions, e.g., "How much is your monthly car payment?"

The rep instructed me to wait 15 minutes and then click the activation link in the email again. I did that, logged in to my TrustedID account, and received a message saying my TrustedID enrollment was "processing", which is what the rep said it would say.

This is ALL unbelievable! We are stuck to terms we never agreed to, creditors who sale our personal info as if it were theirs, slaves to a credit system that makes the poor pay more, the rich pay less (if anything at all!)and bound by a system that limits our rights when we are victimized, but hand down the gauntlet when we late one payment. Does any of this sound fair? Just? American?

This whole concept seems absurd to me. The three credit reporting agencies collect personal, private data on individuals and now, in order to help ensure the data is kept private, we will need to pay $10. Then, when we apply for credit, we will need to pay an additional $10 to unfreeze it, then another $10 to refreeze it.
I think I'll open a credit reporting agency.

Went to sign up for free Trusted ID Premier. All OK until they required a cell number for a text message ---
"We will attempt to verify your identity by a one-time passcode sent via text to your mobile phone number. Standard text message and data rates apply."

I have never sent or received a text message and have no way to do so. They offer no alternative (e.g., email) means of verifying or sending passcode.

I just like to know where to go to sue Equifax, it is what all consumers affected should do.

I won't enter my SS No on their site or any site. I will continue to closely monitor all my accts like I always do. Be diligent people! Don't rely on these crooks!

I do not want to enter my information into a site that is known for allowing a breach to occur. Do you think they have actually fixed everything already? Furthermore, the comments indicating their site does not work properly indicate they don't have good programming practices. Yet we are told to enter our info to find out if we are at risk. No, they need to fix this without getting more information. Notify those at risk, rather than asking everyone to give them more info.

If may husband and I have had credit together for over 50 years, do we need to freeze credit in both names?

You and your husband might have joint accounts for credit cards or your mortgage, but you have individual social security numbers, birthdays, names, identities and credit reports.


You each have a personal credit report in your name that includes information about where you have lived, accounts you have had, how you have paid your bills, and whether you’ve been sued or have filed for bankruptcy.

If a thief gets your personal information, or your husband's, and you don't have a freeze on the credit report, the thief could open new accounts in that name. Read more about Credit Freezes.

I can not sign up for the free credit monitoring because of the requirement that I have a cell phone, which I do not, to text a one time passcode. I only have a land line so I cannot receive text messages. How am I supposed to sign up for this? Why can't they use my email address. This is crazy.


Leave a Comment