The Equifax Data Breach: What to Do

Share This Page

If you have a credit report, there’s a good chance that you’re one of the 143 million American consumers whose sensitive personal information was exposed in a data breach at Equifax, one of the nation’s three major credit reporting agencies.

Here are the facts, according to Equifax. The breach lasted from mid-May through July. The hackers accessed people’s names, Social Security numbers, birth dates, addresses and, in some instances, driver’s license numbers. They also stole credit card numbers for about 209,000 people and dispute documents with personal identifying information for about 182,000 people. And they grabbed personal information of people in the UK and Canada too.

There are steps to take to help protect your information from being misused. Visit Equifax’s website, (This link takes you away from our site. is not controlled by the FTC.)

  • Find out if your information was exposed. Click on the “Potential Impact” tab and enter your last name and the last six digits of your Social Security number. Your Social Security number is sensitive information, so make sure you’re on a secure computer and an encrypted network connection any time you enter it. The site will tell you if you’ve been affected by this breach.
  • Whether or not your information was exposed, U.S. consumers can get a year of free credit monitoring and other services. The site will give you a date when you can come back to enroll. Write down the date and come back to the site and click “Enroll” on that date. You have until January 31, 2018 to enroll.
  • You also can access frequently asked questions at the site.

Here are some other steps to take to help protect yourself after a data breach:

  • Check your credit reports from Equifax, Experian, and TransUnion — for free — by visiting Accounts or activity that you don’t recognize could indicate identity theft. Visit to find out what to do.
  • Consider placing a credit freeze on your files. A credit freeze makes it harder for someone to open a new account in your name. Keep in mind that a credit freeze won’t prevent a thief from making charges to your existing accounts.
  • Monitor your existing credit card and bank accounts closely for charges you don’t recognize.
  • If you decide against a credit freeze, consider placing a fraud alert on your files. A fraud alert warns creditors that you may be an identity theft victim and that they should verify that anyone seeking credit in your name really is you.
  • File your taxes early — as soon as you have the tax information you need, before a scammer can. Tax identity theft happens when someone uses your Social Security number to get a tax refund or a job. Respond right away to letters from the IRS.

Visit to learn more about protecting yourself after a data breach.

Note: This post was updated on October 5, 2017 to reflect that Equifax extended the enrollment period for free credit monitoring from November 21, 2017 to January 31, 2018.




social security administration is behind it all! they hired equifax to the tune of 11 million $ to ck on people to make sure that they werent getting ssi and anything they weren't entitled to from the govt! HOW STUPID!!!! the intelligent way to do this would have been to have citizens take some sort of test and apply for a full or part time job,like with the census, be trained, and paid a decent wage, providing tons of temporary jobs to american citizens till the job was done! IT would've provided needed jobs! not to mention experience that might lead to another job later on. The minute they outsource the corruption begins! taxpayers would have a vested interest in this and where their tax $ goes, instead of a for profit company that only has an interest in their bottom line for their higher ups and shareholders!!!!!

Why is trustedid requiring separate email accounts when some families share an account. Equifax does not require this for their service. Just curious.

Why do they ask for an SSN; they already have it? Everyone and their dog is warned not to give out their SSN, so why should one offer it up now? I am very conflicted about this whole everyone else.

Instead of trying to protect you, this is about selling you something. Sounds like a scam to me. Just monitor your credit report yourself. Federal law allows you to get a free copy of your credit report every 12 months from each of the credit reporting agencies: Experian, Equifax and Transunion. Since there are three of them, you can rotate your free inquiry between companies every 4 months. If you see something out of the ordinary, you file a report directly to the credit agency as well as the accounts affected. I use There are no gimmicks, but as we are all accustomed, there are pitches here and there. Good luck everyone.

Signed up for TrustedID Premier on 9/24 including supplying the most sensitive info possible. Never received email confirmation. Called back on 10/3 and was told that due to the volume, I should wait another couple of weeks... Still have not received anything from them. Called them back today and was told that all my information was 'dropped' and the I should go through the sign-up process again.

EQUIFAX SUCKS! The FTC should shut them down!

Yes, they should be accountable for LIFE. Our data should be protected at no cost to us not just a year free for some automatic software that costs nothing to run on a web server. Let me know when the class action if filed. I suspect they will get off with nothing.... Have to use this for case law, if they can get buy with this with no one being accountable why should I be responsible for any of my actions?

so you want me to go to equifax website and enter 6 numbers of my social security? are you idiots?this is why millions have their info stolen

Some informative comments above. Probably they need to set up some new PIN number system to control all the ID's stolen. They're not going to, unless they do biometrics, and that's asking for an eye ball gouging or a finger amputation by the criminals. If you get your biometrics stolen how can you change that, get new finger prints or a new eyeball? Repubs don't care to protect anybody but the very corporations that they have turned loose on us. The nature of a company, of free enterprise is to make as much money as possible in as short a time as possible. How is the FTC or any other regulatory agency going to control that when the "free market fundamentalists" insist on removing any regulation that stands in the way of their quick and tidy profits? And Trump, a billionaire, cares about working people? How is that even possible? He wouldn't know which end of a shovel is up, never worked a day in his life. Has no respect for anybody unless they've got more money than he, and then only until he can rip them off, so you can imagine what he thinks of the working people who are the backbone of any society. Since Reagan, voters have been suckered to vote against their own interests in favor of those who used to tout pro-gun, anti-gay social platforms and said getting big government off of the back of the people was their platform. Yeah, no big government, so how are we to stand up and fight against some multi-billion-dollar company if they've stomped on us? The old adage, "If you want to live like a republican, vote for a democrat," still holds. But Americans voted for this, and now they're going to see how smart their voting turned out. Welcome back Medieval Dark Ages 2.0.

They're just going to shut down, period. Who's the guy in charge of the EPA? Scott Pruitt, who sued the EPA 15 times as AG of OK. And who's the head of the DOE? Rick Perry from Texas who said DOE is one of the agencies he'd shut down if elected Pres, but he couldn't remember the name of the agency, "Oops", remember him? Now he, like Pruitt run the very same agencies. Think they're gone by now, huh? Why's the FTC still here? They're gonna shut it down, period.

I do NOT a cell phone and do not text. How can I go forward with the security process?

This entire incident has been handled very poorly by Equifax, and the FTC should step in and demand they do more to protect consumers in this case. I placed a credit freeze with them earlier in the year as my mail had been being taken. I just received a letter from Equifax dated Oct. 23 that my credit or debit card information used to place a credit freeze was accessed during the data breach. Really? It took them this long to send this letter regarding a breach announced on Sept. 7? Thank heavens my bank is more on top of it than Equifax. They called me a few weeks ago regarding some suspicious charges on my debit card and immediately canceled that card number. Equifax should take some lessons from them regarding timeliness and customer service.

has anyone talked to an actual person at any of these companies? everytime I try, I only get so far, and then nothing

Absolutely the worst company I have ever dealt with. Nothing on-line happens quickly. All of their waiting times are ridiculous and never accurate. Even confirmations never happen at all. Even worse, their reps are hard to understand and are rude and apparently are under the strain of high call volume. Good luck with dealing with them.

Thanks, Uncle Sam, for being part of the problem.

Why is the FTC OK with consumers being required to inquire whether their information was included in "the breach"? Equifax should be required to notify all affected consumers. For that matter, why does the FTC perpetuate the farce of allowing credit reporting agencies to collect personally identifiable consumer information yet apparently does not require those agencies to implement safeguards against cyber intrusion? If the answer to that is that it is not possible to truly safeguard the data base the next question should be why the hell is collecting and storing that information allowed? That was a rhetorical question. In spite of all the "Harrumphing" for the cameras by Senators and Congressmen it is, after all, about money. Big money.

Too little, too late, now that information I NEVER PROVIDED TO ANY CREDIT REPORTING AGENCY circulates in cyberspace to close the proverbial barn door. Yet it falls to ME to contact this agency to ascertain if my information was "stolen"?

Curious if there will be any criminal indictments of Equifax honchos that very obviously benefited from this "data breach". Probably not. Congressional dog and pony show laughingly called "hearings" on this matter is already yet a fading memory. And on we go.

How did they get the right track and control my information in the first place? Then they control when and how I can view it. And when they mess up I suffer the consequence? This needs to be changed.

The sad part is that I was involved in this when my medical records were breached. They offered Equifax as a safety measure. Gee, thanks! Big help. Truth is, none of us are safe. Just buying gas at the pump with a card is a risk..

When I entered my personal information, it said that my information was breached. I was thinking the same thing as all of the comments regarding the credit company saying to everyone that their data was breached just to get them to sign up for the free year of credit monitoring then nick them a year later with an annual membership. Fortunately, I also have my parents SS#'s and after entering each of their information, their results came up that their information was NOT breached. The following day at work, I had my boss enter his information; his results also came back as NOT breached. All in all, I ended up signing up for the free year of monitoring. They didn't ask me for any payment info (lol - they are a credit reporting company); but at least I can make a decision in a year if I'd like to continue or cancel the service. Good Luck and Health to all.

Can't get Equifax to even email be back so I can confirm registration with them. And when I try to do so for my husband, it tells me the birthdate I'm entering is wrong. They have the wrong information. Have been trying for 3 years to get other bad info corrected on husbands report, including sending notarized documents proving it. Equifax is awful. I finally have had to get help from a lawyer.

I was always told to never give out my ss# to anyone but I went to my trusted Amexpress site and saw it on there so I agreed. I gave my info and then gave it again when I called. I really hope this is safe.

This a bunch of crap. I,will not give you my SS Number. This is fraud and I don’t appreciate it. Take me off your email list and Amy other list. I,thought AT&T were safe.

Why did I just hear about this the end of November? It looks like everyone knew about it in September and October.

Hi, anyone can please provide me the common(similar) points of Equifax & Yahoo data breaches.

Equifax is handling this very poorly. (1) They send out the letter to consumers on an AT&T letterhead, (2) when you look to see the Whois ownership of the URL they send you to, it is not registered to Equifax. It is registered to another party. (3) When I called Equifax to make sure that the URL they referenced in the letter was legit, I spoke to a person whose first language is definitely not English. Are they really taking this seriously?

Got a letter from Equifax When i tried to call the number given I was told that it was incorrect + was given another. Called that, heard someone cough, said "Hello" a few times, hung up, called again + got someone who wanted info that I didn't feel comfortable giving at that point + told him so. Tried to get to the sight to compare phone numbers but the sight wasn't available on a number of tries until today.

I enrolled in Trusted ID Premier on 10/13/17. Contacted Equifax on 11/8, 11/17, 11/22, & 11/29. When I log in, it says there is a "credit lock status error". If Trusted ID Premier offer is their solution per FTC, then FTC needs to make sure it works!!

Why would a consumer that has had their credit breached through a callous, illegal and irresponsible corporation's behavior, be required to pay to release and refreeze credit with ANY of the three credit agencies? Seems as though the Corporation should be covering ANY costs to breached consumers, not only the guilty corporation's. The government that allows these corps to work needs to exercise legal proceedings against guilty corp and force them to provide adequate consumer protection going forward. Equifax broke the law. The protection offered is minimal and inadequate considering the scope of the breach and needs to be upgraded to ensure consumers are sufficiently protected going forward for an extended period of time.

I entered the info to see if my data was impacted and was notified that it may have been. Then to "further protect my data" they need me to enter all my personal information? If they know I was impacted, don't they already have this??? Isn't that how you get a credit report, by entering exactly what was stolen? I think Equifax is taking advantage of people and don't really know if we were impacted. This is some kind of a misguided joke.

I think what is going to happen and when people are going to really find out if their info was stolen or not is during the upcoming tax season. File early before the hackers sell your info and get your taxes filed. Especially if you suspect you will get a refund. I think many people are going to be surprised next tax season when they find out a scammer already filed in their name and their refund is already been sent out.


Leave a Comment

Comment Policy