The Equifax Data Breach: What to Do

Share This Page

If you have a credit report, there’s a good chance that you’re one of the 143 million American consumers whose sensitive personal information was exposed in a data breach at Equifax, one of the nation’s three major credit reporting agencies.

Here are the facts, according to Equifax. The breach lasted from mid-May through July. The hackers accessed people’s names, Social Security numbers, birth dates, addresses and, in some instances, driver’s license numbers. They also stole credit card numbers for about 209,000 people and dispute documents with personal identifying information for about 182,000 people. And they grabbed personal information of people in the UK and Canada too.

There are steps to take to help protect your information from being misused. Visit Equifax’s website, www.equifaxsecurity2017.com. (This link takes you away from our site. Equifaxsecurity2017.com is not controlled by the FTC.)

  • Find out if your information was exposed. Click on the “Potential Impact” tab and enter your last name and the last six digits of your Social Security number. Your Social Security number is sensitive information, so make sure you’re on a secure computer and an encrypted network connection any time you enter it. The site will tell you if you’ve been affected by this breach.
  • Whether or not your information was exposed, U.S. consumers can get a year of free credit monitoring and other services. The site will give you a date when you can come back to enroll. Write down the date and come back to the site and click “Enroll” on that date. You have until January 31, 2018 to enroll.
  • You also can access frequently asked questions at the site.

Here are some other steps to take to help protect yourself after a data breach:

  • Check your credit reports from Equifax, Experian, and TransUnion — for free — by visiting annualcreditreport.com. Accounts or activity that you don’t recognize could indicate identity theft. Visit IdentityTheft.gov to find out what to do.
  • Consider placing a credit freeze on your files. A credit freeze makes it harder for someone to open a new account in your name. Keep in mind that a credit freeze won’t prevent a thief from making charges to your existing accounts.
  • Monitor your existing credit card and bank accounts closely for charges you don’t recognize.
  • If you decide against a credit freeze, consider placing a fraud alert on your files. A fraud alert warns creditors that you may be an identity theft victim and that they should verify that anyone seeking credit in your name really is you.
  • File your taxes early — as soon as you have the tax information you need, before a scammer can. Tax identity theft happens when someone uses your Social Security number to get a tax refund or a job. Respond right away to letters from the IRS.

Visit Identitytheft.gov/databreach to learn more about protecting yourself after a data breach.

Note: This post was updated on October 5, 2017 to reflect that Equifax extended the enrollment period for free credit monitoring from November 21, 2017 to January 31, 2018.

 

 

Comments

Checked the Equifax link and it said I was impacted. Have been trying since Sept. 13th to enroll in their credit monitoring with no success. I have checked my spam and junk mail folders and nothing there. Have tried calling Equifax and after many, many redials was put on hold for over an hour and a half and finally gave up.

I got this when I checked for potential impact: "Based on the information provided, we believe that your personal information was not impacted by this incident."
Do I need to do anything further? Can I trust their data protection offer?

Your website, email contact, phone contact are all horrible! One is sent from one email to another, to another phone number to another website and there is never a human being to talk to!!! It is absolutely the WORST customer service. I just spent over two hours to finally get a person!!!!!

Just who authorized these three Credit Companies to gather my financial information to put in their computer? I certainly did not. So, does this constitute stealing my intangible assets by these three credit companies? If so, they are liable for all my losses if they ALLOW hackers to steal my personal information from their computers. Also, I like to see a LAW enacted to prevent any company to take my personal information without my specific written permission. That surely will put these credit companies out of business and NO HACKERS will be able to hack in to steal 143 million accounts from them any more.

'Just so you know, the "free" credit monitoring they are offering is a joke. The process is lengthy, convoluted, and designed to get the consumer to give up before completing the process. Waited on the e-mail, filled out all the stuff on the website, FAIL, you must call this number, call number, spend 15min provideing same info entered in website, then they want me to tell them what DAY I opened I obtained a credit card that was cancelled and closed yrs ago!!! Oh you can't remember? well we can't enroll you so sorry! It's a big public relations scam, "Well we offered free monitoring but they didn't want it"......total scam!!!

So, let me get this straight, as others have clearly pointed out Equifax has our personal information and that information has potentially been acquired by nefarious hackers through a security breach. Equifax's wonderful "solution" to this problem is to offer those some, potentially compromised consumers a free one-year enrollment in their identity-theft protection. Which, after the one-year period, would involved an on-going charge. As has been pointed out by many, this is completely wrong. But, what bothers me even more is that their incompetence and lack of care will potentially cause us harm. They possess our personal information and have been careless in their stewardship and now it is OUR responsibility to take all the actions that the FTC and Equifax are outlining. OUR responsibility? Forgive me, if I harm or potentially harm another, it would seem that the responsibility lies with me. Why, in this situation, do they not bear the responsibility to make it right? I have to freeze my accounts? I have to continuously check my credit reports? I have to subscribe to their service? I have to pay fees to unfreeze credit and to continue their service? All of the responsibility for their incompetence is placed in our laps. Why are they not PAYING us for their lack of care, lack of security, and negligence? Yes, FTC-spokesperson, I understand that ultimately I am responsible for my identity and, yes, I understand that in applying for credit - (unfortunately, a very necessary EVIL in the modern world) - I have "given permission" for their credit reporting agencies to "possess" my information. But, still, I am to responsible for their incompetence? They are still MY possessions - not theirs! THEY HAVE DONE THE DAMAGE, not me! And so I ask you, should not THEY bear the complete burden to make it right? I am OUTRAGED!

As far as I'm concerned, Equifax should extend credit monitoring (FOR FREE) for life for those affected. Social security numbers & driver license numbers last a life time.

I don't feel comfortable in giving them the last 6 digits of my social security number when asking if I have been compromised. Normally giving 4 is not safe and they want 6???

resolution are going to have to be the GOP lawmakers the lovers of big business ..who will have no interest in protecting American workers....they will do nothing against Equifax..but we can do something about them...vote them out....

we should all file our ownlawsuits if we do a class action we would get pennies butif we all hire our own law firm we would get paid, it sucks that our personal info is in the hands of some criminals than EQUIFAX want t play games on the world wide web with fake websites tricking us to once again input our info for no results to be found on their website... im just saying

I tried entering my info and all I got was some kind of error message stating they couldn't verify anything. Which is typical!

Information collection companies should be held accountable for peoples' information under HIPAA rules and regulations!

For one, there is NO reason for these companies to exist. The people on this planet did very well without them for centuries. They are nothing but frauds and tyrants. They don't care about you or your information. They don't care if THEY put the WRONG information on YOUR account or put YOUR information on someone ELSES account! This is THEIR job to keep this stuff organized, correct, and SAFE, not YOUR job!

And now they want you to PAY them money to keep YOUR information SAFE, when this is supposed to be their #1 job!?!

This seems to be a HUGE scam to me, in order for them to make BILLIONS more off of people by charging them for "security"!!!! Nobody, and I mean NOBODY should have to pay for security, when this is part of THEIR job!!!!!

And they didn't catch anything for TWO months? That seems EXTREMELY fishy to me!!! I was in retail for many years, and I've seen all sorts of scams out there, and THIS REEKS OF A SCAM!!!

ANY company that holds your private information should be bound by EXTREMELY strict laws, like HIPAA!!! Their #1 duty is to protect that information, and make sure THEY accurately have the CORRECT information in your account! Otherwise they are FRAUDS and SCAM artists!

If they have your SS number, there isn't much of anything you can do anyway. And the SS wont let you change your SS number, without you starting "all over again", so you loose any possible benefits you would get from SS when you retire or get hurt.

It just all reeks to highly of a massive scam to me!

So AGAIN Equifax DID NOT DO they homework! When I went to sign up for their "TrustedId Premier Product" since our credit info may have been compromised...my husband's SSN went through but mine wouldn't because I was using the same email. SOOOOOO, I called. OHHHH, we'd have to set up a new email. REALLLLLLY?? you haven't inconvenienced people enough that now you expect them to have to set up new emails to have to monitor in order to monitor their credit?? SO irritating! And what are the consequences for Equifax??? My time is valuable and I don't want to have to have another email to worry about. So stupid and AGAIN irresponsible on Equifax's part. The credit monitoring company is a third party - but Equifax should have looked into this and made it as simple as possible for the people who were affected. Such losers.

Last we read the "legalize" on this "credit watch" many is signing up for? You may be signing away (compromising your legal rights) to sue if anything happens. Criminals have your SSA # for life. They offer one year of limited protection. How is that compensation?

They frozen my account why?

I just applied for the TrustedID free credit monitoring and at the end of the form it asked for cell phone number to verify identity. As soon as I hit continue I received a text. I was expecting a pin number that I would need to enter, instead I received a text from a local phone number. "im william. May ask you name is?" I did not respond, but call the number listed for Equifax-TrustedID. I was told this was not in response to the cell number being put in the form, but I disagree. I do not text and rarely receive them. And it occurred immediately after hitting continue. I told the person I spoke with that if it was not from them, then someone has hacked into the form. He said not to worry it was probably a coincidence. I disagreed again and he said he would talk to his manager about it, but I really doubt he will. Has anyone else had this happen? It makes me even more concerned about this whole problem and my vulnerability.

Why are these comments not in chronological order?

I don't trust any of these things. Experian had commercials that you could go to their site to find out if your information was on the black web. All it came back with was my email address. To find out more, I had to pay. Now I'm getting, very obvious hacking emails that have the word Experian in them Contacted Experian but got no response.

thank you for this information

According to the equinox site my info was compromised. Signed up for their monitoring service. Now I am receiving texts and emails suggesting suspicious activity on my credit report which could be a scam too. ALL Equifax execs should be in jail, govt should seize company assets because there will be. HUGE class action suit down the road.

If equifax is at fault which they are. Then why do need to pay a fee to freeze my account ? The government should make Equifax pay the fee . They are getting away scot free. The person who is responsible for this should be held accountable. There should be a class action lawsuit for this one. START A PETITION AND MAKE eQUIFAX PAY

Equifax is charging $14.95 a month for their "Gold" credit report with three agencies" watch. Make sure that you are not activating that service.

I had my identity stolen by the 3 themselves a few years ago. Don't trust any of them. Took me 2 years to to get my records straight after they mixed me up with another person with my first name only aNd one number difference in our SS numbers. Had a hard time getting them to understand that I wasn't two people even tho the ss numbers were different. I had excellent credit aNd the other lady had bad credit. I was denied credit and had to get a friend at the bank to get my report for me so I could find out what was going on. I ordered my report aNd they sent me my reports along with hers and all of her info. Was afraid to let her know cause I didn't want her to go online aNd get my info. I still get calls from her creditors every now aNd then but they all finally got most of the info straight. Be careful of the agencies themselves.

I'm a victim of ID theft, I can't tell you all the pain I have gone through for the past 7 months. Today, I received another letter from Capital one regarding my "credit card application", of course, I never applied. this would be the 2nd time the same bank sent me such notifications even I have previously reported them about ID theft and asked them to stop process all the credit card applications. they told me they have stopped. but now it comes again. Why can they set up a national database for all the Stolen SSN, if a ID theft victim reports SSN as stolen, all the credit card agencies & banks should be alerted when the thieves use the victim's SSN to apply new card. the victim can have a special pin number to verify his/her true identity.

Did you file an identity theft report at IdentityTheft.gov?

IdentityTheft.gov is the federal government website where you can report ID theft, create a report to law enforcement, and get the letters you need to send to creditors, banks and credit reporting agencies. You can create an an account and recovery plan to track progress.

Me too. Terrible system, always feel like a sitting duck.

We as people need to stand up an fight for are rights we the people trusting the so called we on that grown status we know what we are doing an with out are consent are whole life story personal information is out there and at any given moment people will mill an wait to attack are trust funds etc and we all need to sue equifax we are worth billions we all like there minions we need to stand up look up history when we had gold an silver an wat came they borrowed from are ancestors so reality we have secret funds hidden in the secret societies lets stand up people

Equifax has lost all my credit information for the past 5 years. Their customer service reps and the managers I have spoken to have all said all my creditors need to report my information to them. I explained to them they have been, and I have proof with old credit reports. They keep telling me there is nothing they can do. This is insane. I have been trying to fix this for the last 2 weeks. This has put me in such a bad situation.

ihave been part of the data breach

No date was given for me at all. Once I clicked on the sign up button & filled out all of the info, the "Continue" button was not active and "frozen".....?

This company should not be in business anymore, period. And should take all financial responsibility for everyone who got effected by this breach.

"If you are a victim of identity theft and have created an Identity Theft Report, you may want to place an extended fraud alert or a credit freeze on your credit file". Since EQUIFAX is unable or unwilling to divulge whose information was put at risk, it would seem in the public's best interest for the FTC/Congress to mandate that the "Extended Fraud Alert" be amended to allow all consumers to put this 7 year option on their credit files. It is free and doesn't require constant fees be paid to the reporting agencies, of which ONE of them is RESPONSIBLE for this in the first place! Pls advise if this is even being considered? We should not have to continue to pay for their (Equifax, et al) negligence.

Do not sign up free for 1 year with Equifax! There’s a disclosure when you signing for free monitoring that says “you are agreeing that you will not sue us if you sign up for this free monitoring if there’s group lawsuits! Which there are in 15 states!

Ok, so what do we do for the long term?, I like how the media is avoiding mentioning anything about the permanent damage that has been done to millions of americans, once your Social Security number and other personal information is out there, you are permanently screwed, sure, everyone is always vulnerable to indentity theft, but now that half of the country's information is out there, its way easier for thiefs to get you for everything you have and ruin your life, its only a matter of time, its a lottery you don't want to win.

Why is it always blamed on the President when things don't go according to plan. The Equifax breach could possibly have been done by the government but it is still the companies responsibility to protect your information, not the President. The question here is what is going to happen to Equifax for selling stock and letting the American people down.

we don't know if we will be given the truth or not because they don't want to be liable
who can we trust

I received a mail to continue the enrollment in their protection system, but whenever I have tried to complete the enrollment, it is not possible because I get an error message:

'System Unavailable - We are unable to process your request at this time. Please try again soon.'

So I assume that will be never.

This is awful and sad that nothing is private or safe!!

If there is no privacy and we have no choice in who has access to our private information, what are we to do in the case of these security breaches that keep happening?

This blog post lists some steps you can take to protect your information. You can start by checking your credit reports.

I was told I had 3 months of free service. Not so they are charging me 19.95 a month. I cancelled it on my credit card last month and they charged me again in sept and October. Hopefully I got it stopped this time.

THE FTC SITE SAYS, "Visit Equifax’s website, www.equifaxsecurity2017.com. (This link takes you away from our site. Equifaxsecurity2017.com is not controlled by the FTC.)

Find out if your information was exposed. Click on the “Potential Impact” tab and enter your last name and the last six digits of your Social Security number. "

THERE IS NO POTENTIAL IMPACT TAB ON THE EQUIFAXSECURITY SITE

Equifax changed the words on its site since we wrote the blog. You can click on the phrase "Am I impacted?"

Well they down right lied tome. Said I was not impacted but my AMEX card was used in Tokyo to charge over $300.00 and I've never used that card online so it had to come from them. So even tho they said NO - - THEY LIED!!!!

There is no longer a "potential impact" Tab???????

Equifax changed the words on its site since we wrote the blog. You can click on the phrase "Am I impacted?"

good stuff

The recent hacks of Equifax shows how vulnerable our data and sensitive our basic information is become. Hence the the need to be more conscious.

When I check whether I am impacted, I get the following error: The Amazon CloudFront distribution is configured to block access from your country. Typical Equifax.

regardless if they corrected that egregious stealth "opt out of class action lawsuit" when using their site to check your vulnerability, Aren't they required to notify the 145M potential victims? When can we expect to receive such notification? I have found no news story claiming such notifications are due to be sent out.

Equifax made money out of our data and payments, then, this should be their problem and responsibility not ours... if our government were as firm as it is with other easy issues. Who can enforce our rights?

Pages

Leave a Comment

Comment Policy