The Equifax Data Breach: What to Do

Share This Page

If you have a credit report, there’s a good chance that you’re one of the 143 million American consumers whose sensitive personal information was exposed in a data breach at Equifax, one of the nation’s three major credit reporting agencies.

Here are the facts, according to Equifax. The breach lasted from mid-May through July. The hackers accessed people’s names, Social Security numbers, birth dates, addresses and, in some instances, driver’s license numbers. They also stole credit card numbers for about 209,000 people and dispute documents with personal identifying information for about 182,000 people. And they grabbed personal information of people in the UK and Canada too.

There are steps to take to help protect your information from being misused. Visit Equifax’s website, (This link takes you away from our site. is not controlled by the FTC.)

  • Find out if your information was exposed. Click on the “Potential Impact” tab and enter your last name and the last six digits of your Social Security number. Your Social Security number is sensitive information, so make sure you’re on a secure computer and an encrypted network connection any time you enter it. The site will tell you if you’ve been affected by this breach.
  • Whether or not your information was exposed, U.S. consumers can get a year of free credit monitoring and other services. The site will give you a date when you can come back to enroll. Write down the date and come back to the site and click “Enroll” on that date. You have until January 31, 2018 to enroll.
  • You also can access frequently asked questions at the site.

Here are some other steps to take to help protect yourself after a data breach:

  • Check your credit reports from Equifax, Experian, and TransUnion — for free — by visiting Accounts or activity that you don’t recognize could indicate identity theft. Visit to find out what to do.
  • Consider placing a credit freeze on your files. A credit freeze makes it harder for someone to open a new account in your name. Keep in mind that a credit freeze won’t prevent a thief from making charges to your existing accounts.
  • Monitor your existing credit card and bank accounts closely for charges you don’t recognize.
  • If you decide against a credit freeze, consider placing a fraud alert on your files. A fraud alert warns creditors that you may be an identity theft victim and that they should verify that anyone seeking credit in your name really is you.
  • File your taxes early — as soon as you have the tax information you need, before a scammer can. Tax identity theft happens when someone uses your Social Security number to get a tax refund or a job. Respond right away to letters from the IRS.

Visit to learn more about protecting yourself after a data breach.

Note: This post was updated on October 5, 2017 to reflect that Equifax extended the enrollment period for free credit monitoring from November 21, 2017 to January 31, 2018.




good stuff

The recent hacks of Equifax shows how vulnerable our data and sensitive our basic information is become. Hence the the need to be more conscious.

When I check whether I am impacted, I get the following error: The Amazon CloudFront distribution is configured to block access from your country. Typical Equifax.

regardless if they corrected that egregious stealth "opt out of class action lawsuit" when using their site to check your vulnerability, Aren't they required to notify the 145M potential victims? When can we expect to receive such notification? I have found no news story claiming such notifications are due to be sent out.

Equifax made money out of our data and payments, then, this should be their problem and responsibility not ours... if our government were as firm as it is with other easy issues. Who can enforce our rights?

I didn't get any notification.I went to the website I read in the papers.equifaxsecurity2017 and entered my s.s. number and it said I had been breached

So the Equifax system is down. It tells me to call an 1-877 number. When I do this, they tell me the system is down. So is Equifax just unplugging their system and that is their reset or what??

On September 15 I was registered with Equifax as a TrustedID Premier victim and immediately requested my 3 credit bureau reports. I have followed up with Equifax several times.but to date, I have not heard back from them. I can't get through to them. The violation took place 6 months ago. I don't believe they intend to do anything. I sure hope FTC is going to get on their backs and make sure they are not only held accountable but make sure they do what little they promised tod.

well today i just got a mail from equifax informing me that i've been compromised.

a scan of my driver's license that i uploaded online on their website was accessed.

thanks for the very helpful blog post! now i know what to do to combat this.

I don't understand is that why didn't they put the link in their Equfax website which everyone would go there looking for the immediate solution. It is not right that they don't even put this matter in an urgency manner. They should also send out letters for their Maybe Impact Customers. Why the District Attorney doesn't do anything about them?

This blog post some steps you may want to take to protect your information.

At this point I don’t trust Equifax to do right by me, ESPECIALLY if it’s free,

social security administration is behind it all! they hired equifax to the tune of 11 million $ to ck on people to make sure that they werent getting ssi and anything they weren't entitled to from the govt! HOW STUPID!!!! the intelligent way to do this would have been to have citizens take some sort of test and apply for a full or part time job,like with the census, be trained, and paid a decent wage, providing tons of temporary jobs to american citizens till the job was done! IT would've provided needed jobs! not to mention experience that might lead to another job later on. The minute they outsource the corruption begins! taxpayers would have a vested interest in this and where their tax $ goes, instead of a for profit company that only has an interest in their bottom line for their higher ups and shareholders!!!!!

Why is trustedid requiring separate email accounts when some families share an account. Equifax does not require this for their service. Just curious.

Why do they ask for an SSN; they already have it? Everyone and their dog is warned not to give out their SSN, so why should one offer it up now? I am very conflicted about this whole everyone else.

Instead of trying to protect you, this is about selling you something. Sounds like a scam to me. Just monitor your credit report yourself. Federal law allows you to get a free copy of your credit report every 12 months from each of the credit reporting agencies: Experian, Equifax and Transunion. Since there are three of them, you can rotate your free inquiry between companies every 4 months. If you see something out of the ordinary, you file a report directly to the credit agency as well as the accounts affected. I use There are no gimmicks, but as we are all accustomed, there are pitches here and there. Good luck everyone.

Signed up for TrustedID Premier on 9/24 including supplying the most sensitive info possible. Never received email confirmation. Called back on 10/3 and was told that due to the volume, I should wait another couple of weeks... Still have not received anything from them. Called them back today and was told that all my information was 'dropped' and the I should go through the sign-up process again.

EQUIFAX SUCKS! The FTC should shut them down!

Yes, they should be accountable for LIFE. Our data should be protected at no cost to us not just a year free for some automatic software that costs nothing to run on a web server. Let me know when the class action if filed. I suspect they will get off with nothing.... Have to use this for case law, if they can get buy with this with no one being accountable why should I be responsible for any of my actions?

so you want me to go to equifax website and enter 6 numbers of my social security? are you idiots?this is why millions have their info stolen

Some informative comments above. Probably they need to set up some new PIN number system to control all the ID's stolen. They're not going to, unless they do biometrics, and that's asking for an eye ball gouging or a finger amputation by the criminals. If you get your biometrics stolen how can you change that, get new finger prints or a new eyeball? Repubs don't care to protect anybody but the very corporations that they have turned loose on us. The nature of a company, of free enterprise is to make as much money as possible in as short a time as possible. How is the FTC or any other regulatory agency going to control that when the "free market fundamentalists" insist on removing any regulation that stands in the way of their quick and tidy profits? And Trump, a billionaire, cares about working people? How is that even possible? He wouldn't know which end of a shovel is up, never worked a day in his life. Has no respect for anybody unless they've got more money than he, and then only until he can rip them off, so you can imagine what he thinks of the working people who are the backbone of any society. Since Reagan, voters have been suckered to vote against their own interests in favor of those who used to tout pro-gun, anti-gay social platforms and said getting big government off of the back of the people was their platform. Yeah, no big government, so how are we to stand up and fight against some multi-billion-dollar company if they've stomped on us? The old adage, "If you want to live like a republican, vote for a democrat," still holds. But Americans voted for this, and now they're going to see how smart their voting turned out. Welcome back Medieval Dark Ages 2.0.

They're just going to shut down, period. Who's the guy in charge of the EPA? Scott Pruitt, who sued the EPA 15 times as AG of OK. And who's the head of the DOE? Rick Perry from Texas who said DOE is one of the agencies he'd shut down if elected Pres, but he couldn't remember the name of the agency, "Oops", remember him? Now he, like Pruitt run the very same agencies. Think they're gone by now, huh? Why's the FTC still here? They're gonna shut it down, period.

I do NOT a cell phone and do not text. How can I go forward with the security process?

This entire incident has been handled very poorly by Equifax, and the FTC should step in and demand they do more to protect consumers in this case. I placed a credit freeze with them earlier in the year as my mail had been being taken. I just received a letter from Equifax dated Oct. 23 that my credit or debit card information used to place a credit freeze was accessed during the data breach. Really? It took them this long to send this letter regarding a breach announced on Sept. 7? Thank heavens my bank is more on top of it than Equifax. They called me a few weeks ago regarding some suspicious charges on my debit card and immediately canceled that card number. Equifax should take some lessons from them regarding timeliness and customer service.

has anyone talked to an actual person at any of these companies? everytime I try, I only get so far, and then nothing

Absolutely the worst company I have ever dealt with. Nothing on-line happens quickly. All of their waiting times are ridiculous and never accurate. Even confirmations never happen at all. Even worse, their reps are hard to understand and are rude and apparently are under the strain of high call volume. Good luck with dealing with them.

Thanks, Uncle Sam, for being part of the problem.

Why is the FTC OK with consumers being required to inquire whether their information was included in "the breach"? Equifax should be required to notify all affected consumers. For that matter, why does the FTC perpetuate the farce of allowing credit reporting agencies to collect personally identifiable consumer information yet apparently does not require those agencies to implement safeguards against cyber intrusion? If the answer to that is that it is not possible to truly safeguard the data base the next question should be why the hell is collecting and storing that information allowed? That was a rhetorical question. In spite of all the "Harrumphing" for the cameras by Senators and Congressmen it is, after all, about money. Big money.

Too little, too late, now that information I NEVER PROVIDED TO ANY CREDIT REPORTING AGENCY circulates in cyberspace to close the proverbial barn door. Yet it falls to ME to contact this agency to ascertain if my information was "stolen"?

Curious if there will be any criminal indictments of Equifax honchos that very obviously benefited from this "data breach". Probably not. Congressional dog and pony show laughingly called "hearings" on this matter is already yet a fading memory. And on we go.

How did they get the right track and control my information in the first place? Then they control when and how I can view it. And when they mess up I suffer the consequence? This needs to be changed.

The sad part is that I was involved in this when my medical records were breached. They offered Equifax as a safety measure. Gee, thanks! Big help. Truth is, none of us are safe. Just buying gas at the pump with a card is a risk..

When I entered my personal information, it said that my information was breached. I was thinking the same thing as all of the comments regarding the credit company saying to everyone that their data was breached just to get them to sign up for the free year of credit monitoring then nick them a year later with an annual membership. Fortunately, I also have my parents SS#'s and after entering each of their information, their results came up that their information was NOT breached. The following day at work, I had my boss enter his information; his results also came back as NOT breached. All in all, I ended up signing up for the free year of monitoring. They didn't ask me for any payment info (lol - they are a credit reporting company); but at least I can make a decision in a year if I'd like to continue or cancel the service. Good Luck and Health to all.

Can't get Equifax to even email be back so I can confirm registration with them. And when I try to do so for my husband, it tells me the birthdate I'm entering is wrong. They have the wrong information. Have been trying for 3 years to get other bad info corrected on husbands report, including sending notarized documents proving it. Equifax is awful. I finally have had to get help from a lawyer.

I was always told to never give out my ss# to anyone but I went to my trusted Amexpress site and saw it on there so I agreed. I gave my info and then gave it again when I called. I really hope this is safe.

This a bunch of crap. I,will not give you my SS Number. This is fraud and I don’t appreciate it. Take me off your email list and Amy other list. I,thought AT&T were safe.

Why did I just hear about this the end of November? It looks like everyone knew about it in September and October.

Hi, anyone can please provide me the common(similar) points of Equifax & Yahoo data breaches.

Equifax is handling this very poorly. (1) They send out the letter to consumers on an AT&T letterhead, (2) when you look to see the Whois ownership of the URL they send you to, it is not registered to Equifax. It is registered to another party. (3) When I called Equifax to make sure that the URL they referenced in the letter was legit, I spoke to a person whose first language is definitely not English. Are they really taking this seriously?

Got a letter from Equifax When i tried to call the number given I was told that it was incorrect + was given another. Called that, heard someone cough, said "Hello" a few times, hung up, called again + got someone who wanted info that I didn't feel comfortable giving at that point + told him so. Tried to get to the sight to compare phone numbers but the sight wasn't available on a number of tries until today.

I enrolled in Trusted ID Premier on 10/13/17. Contacted Equifax on 11/8, 11/17, 11/22, & 11/29. When I log in, it says there is a "credit lock status error". If Trusted ID Premier offer is their solution per FTC, then FTC needs to make sure it works!!

Why would a consumer that has had their credit breached through a callous, illegal and irresponsible corporation's behavior, be required to pay to release and refreeze credit with ANY of the three credit agencies? Seems as though the Corporation should be covering ANY costs to breached consumers, not only the guilty corporation's. The government that allows these corps to work needs to exercise legal proceedings against guilty corp and force them to provide adequate consumer protection going forward. Equifax broke the law. The protection offered is minimal and inadequate considering the scope of the breach and needs to be upgraded to ensure consumers are sufficiently protected going forward for an extended period of time.

I entered the info to see if my data was impacted and was notified that it may have been. Then to "further protect my data" they need me to enter all my personal information? If they know I was impacted, don't they already have this??? Isn't that how you get a credit report, by entering exactly what was stolen? I think Equifax is taking advantage of people and don't really know if we were impacted. This is some kind of a misguided joke.

I think what is going to happen and when people are going to really find out if their info was stolen or not is during the upcoming tax season. File early before the hackers sell your info and get your taxes filed. Especially if you suspect you will get a refund. I think many people are going to be surprised next tax season when they find out a scammer already filed in their name and their refund is already been sent out.

The real kicker of all of this is that these credit reporting entities gather intel on us as consumers, but we never really "authorized" them to gather and maintain this information on us. To me, this is a sure sign that the custodial efforts of these entities should be scrutinized at a higher level. I would suggest our Congressional members investigate these types of issues more intently.

My info was definitely exposed and has been used to hack into everything I own starting the beginning of November. I didn’t know anything about this certain breech until I searched the Duke Energy Breech that happened in early Dec and seen the article under the Duke power article. I have been through 3 different phones cause every time I get a new one, it gets hacked! That’s because all the phones were through Verizon and on a service agreement which has all the information exposed through Equifax! So no matter if I changed phones or numbers or even email addresses, they were still able to hack into all of them including my desktop windows computer in which they installed a Trojan on it. They hacked my wi-if also! All my passwords on everything I have online were changed like my email, Apple ID, and even changed my Facebook password along with my trusted phone number that allows the owner to change the password if forgotten. I have had my credit cards used for about 800$ Has anyone else had this problem? Also has anyone heard anything about any lawsuits against Equifax? The offering of a free year of monitoring is no where sufficient enough for allowing info that you can’t change like social #, birthdate and your name unless you pay a lot of money to have it legally changed! Meaning people affected will be a target for identity theft for their entire life!

Security breaches are not the only problems at EQ. They do not correct errors in credit reports. I have a 20 year old mortgage that has been paid on time every month. It’s recorded correctly with both TU and EX, but EQ lists it as closed, with a zero balance, little other information except to say it was part of a bankruptcy. They also list as one of my negative factors ... insufficient information on mortgages. I’ve tried for a year to get them to correct this error, even sent them copies of my mortgage statements. The mortgage company assures me they have reported the same information to EQ as to the other two. EQ says it is the mortgage company’s fault because they have no power over how that information gets reported. This is not the only serious error on my EQ report that has gone uncorrected. Errors involving 15 other companies and, yes, EQ has said it’s all the other companies faults because they (EQ) have no control over the data reporting process.

Now this morning, I downloaded a copy of the EQ 3-bureau credit report. The FICO score for EQ matches the score I get when I check on However, there are substantial differences in the scores for the other two bureaus, to the tune of 37 and 42 points. I’m left wondering whether EQ is selling me a seriously defective product or if myFico is the culprit.

Many insurance companies use data supplied by Equifax to LexisNexis in order to "score" the risk you present as an insured. They compare your credit information against other people of similar information to "calculate" what level of risk you are for making a claim!! So now we have two whammies. Not only could I be paying higher insurance premiums based upon someone else's history I've been compared to, I could be paying higher insurance due to the security breach. Just the number of "consumer initiated inquires" by would-be identity thieves is enough to get a lower "insurance score" resulting in higher premiums. Might want to check your "score" and COMPLAIN to your state's Insurance Commissioner and representatives to start. The whole premise behind this "scoring" is seriously flawed and is now compounded by this security breach!

just trying to find out why my visa credit card is no longer valid, keeps getting declined. called visa, they have no idea, said to contact Experian?? I've never been late nor do I owe any moneys on the card. what is going on?????

It is an insult to the injury to have Equifax now demand that I pay $10 on my credit card to freeze my accounts with them.

My information was compromised. They tried to buy a car, a cell phone and amx and wells fargo credit cards so far, all online. So far they have not been approved and was treated as suspicious activity and reported. I entered my info here too and it did say I was compromised. I have to put a freeze on my credit and inform everyone they hit!

Thanks for the great information. You have done it very succinctly.

I wish it was possible to opt out of credit reporting all together! I don't use credit why is my information stored there. We need to take a page out of the EU General Data Protection Regulation.

Equifax and other credit bureaus stand to make money and are profitable AFTER a credit breach. They all sell their services AFTER a YEAR FREE of using them... This is currently in legislation and hopefully the laws will be rewritten to change this travesty..


Leave a Comment

Comment Policy