The Equifax Data Breach: What to Do

Share this page

If you have a credit report, there’s a good chance that you’re one of the 143 million American consumers whose sensitive personal information was exposed in a data breach at Equifax, one of the nation’s three major credit reporting agencies.

Here are the facts, according to Equifax. The breach lasted from mid-May through July. The hackers accessed people’s names, Social Security numbers, birth dates, addresses and, in some instances, driver’s license numbers. They also stole credit card numbers for about 209,000 people and dispute documents with personal identifying information for about 182,000 people. And they grabbed personal information of people in the UK and Canada too.

There are steps to take to help protect your information from being misused. Visit Equifax’s website, www.equifaxsecurity2017.com. (This link takes you away from our site. Equifaxsecurity2017.com is not controlled by the FTC.)

  • Find out if your information was exposed. Click on the “Potential Impact” tab and enter your last name and the last six digits of your Social Security number. Your Social Security number is sensitive information, so make sure you’re on a secure computer and an encrypted network connection any time you enter it. The site will tell you if you’ve been affected by this breach.
  • Whether or not your information was exposed, U.S. consumers can get a year of free credit monitoring and other services. The site will give you a date when you can come back to enroll. Write down the date and come back to the site and click “Enroll” on that date. You have until January 31, 2018 to enroll.
  • You also can access frequently asked questions at the site.

Here are some other steps to take to help protect yourself after a data breach:

  • Check your credit reports from Equifax, Experian, and TransUnion — for free — by visiting annualcreditreport.com. Accounts or activity that you don’t recognize could indicate identity theft. Visit IdentityTheft.gov to find out what to do.
  • Consider placing a credit freeze on your files. A credit freeze makes it harder for someone to open a new account in your name. Keep in mind that a credit freeze won’t prevent a thief from making charges to your existing accounts.
  • Monitor your existing credit card and bank accounts closely for charges you don’t recognize.
  • If you decide against a credit freeze, consider placing a fraud alert on your files. A fraud alert warns creditors that you may be an identity theft victim and that they should verify that anyone seeking credit in your name really is you.
  • File your taxes early — as soon as you have the tax information you need, before a scammer can. Tax identity theft happens when someone uses your Social Security number to get a tax refund or a job. Respond right away to letters from the IRS.

Visit Identitytheft.gov/databreach to learn more about protecting yourself after a data breach.

Note: This post was updated on October 5, 2017 to reflect that Equifax extended the enrollment period for free credit monitoring from November 21, 2017 to January 31, 2018.

 

 

Comments

I was always told to never give out my ss# to anyone but I went to my trusted Amexpress site and saw it on there so I agreed. I gave my info and then gave it again when I called. I really hope this is safe.

This a bunch of crap. I,will not give you my SS Number. This is fraud and I don’t appreciate it. Take me off your email list and Amy other list. I,thought AT&T were safe.

Why did I just hear about this the end of November? It looks like everyone knew about it in September and October.

Hi, anyone can please provide me the common(similar) points of Equifax & Yahoo data breaches.

Equifax is handling this very poorly. (1) They send out the letter to consumers on an AT&T letterhead, (2) when you look to see the Whois ownership of the URL they send you to, it is not registered to Equifax. It is registered to another party. (3) When I called Equifax to make sure that the URL they referenced in the letter was legit, I spoke to a person whose first language is definitely not English. Are they really taking this seriously?

Got a letter from Equifax When i tried to call the number given I was told that it was incorrect + was given another. Called that, heard someone cough, said "Hello" a few times, hung up, called again + got someone who wanted info that I didn't feel comfortable giving at that point + told him so. Tried to get to the sight to compare phone numbers but the sight wasn't available on a number of tries until today.

I enrolled in Trusted ID Premier on 10/13/17. Contacted Equifax on 11/8, 11/17, 11/22, & 11/29. When I log in, it says there is a "credit lock status error". If Trusted ID Premier offer is their solution per FTC, then FTC needs to make sure it works!!

Why would a consumer that has had their credit breached through a callous, illegal and irresponsible corporation's behavior, be required to pay to release and refreeze credit with ANY of the three credit agencies? Seems as though the Corporation should be covering ANY costs to breached consumers, not only the guilty corporation's. The government that allows these corps to work needs to exercise legal proceedings against guilty corp and force them to provide adequate consumer protection going forward. Equifax broke the law. The protection offered is minimal and inadequate considering the scope of the breach and needs to be upgraded to ensure consumers are sufficiently protected going forward for an extended period of time.

I entered the info to see if my data was impacted and was notified that it may have been. Then to "further protect my data" they need me to enter all my personal information? If they know I was impacted, don't they already have this??? Isn't that how you get a credit report, by entering exactly what was stolen? I think Equifax is taking advantage of people and don't really know if we were impacted. This is some kind of a misguided joke.

I think what is going to happen and when people are going to really find out if their info was stolen or not is during the upcoming tax season. File early before the hackers sell your info and get your taxes filed. Especially if you suspect you will get a refund. I think many people are going to be surprised next tax season when they find out a scammer already filed in their name and their refund is already been sent out.

The real kicker of all of this is that these credit reporting entities gather intel on us as consumers, but we never really "authorized" them to gather and maintain this information on us. To me, this is a sure sign that the custodial efforts of these entities should be scrutinized at a higher level. I would suggest our Congressional members investigate these types of issues more intently.

My info was definitely exposed and has been used to hack into everything I own starting the beginning of November. I didn’t know anything about this certain breech until I searched the Duke Energy Breech that happened in early Dec and seen the article under the Duke power article. I have been through 3 different phones cause every time I get a new one, it gets hacked! That’s because all the phones were through Verizon and on a service agreement which has all the information exposed through Equifax! So no matter if I changed phones or numbers or even email addresses, they were still able to hack into all of them including my desktop windows computer in which they installed a Trojan on it. They hacked my wi-if also! All my passwords on everything I have online were changed like my email, Apple ID, and even changed my Facebook password along with my trusted phone number that allows the owner to change the password if forgotten. I have had my credit cards used for about 800$ Has anyone else had this problem? Also has anyone heard anything about any lawsuits against Equifax? The offering of a free year of monitoring is no where sufficient enough for allowing info that you can’t change like social #, birthdate and your name unless you pay a lot of money to have it legally changed! Meaning people affected will be a target for identity theft for their entire life!

Security breaches are not the only problems at EQ. They do not correct errors in credit reports. I have a 20 year old mortgage that has been paid on time every month. It’s recorded correctly with both TU and EX, but EQ lists it as closed, with a zero balance, little other information except to say it was part of a bankruptcy. They also list as one of my negative factors ... insufficient information on mortgages. I’ve tried for a year to get them to correct this error, even sent them copies of my mortgage statements. The mortgage company assures me they have reported the same information to EQ as to the other two. EQ says it is the mortgage company’s fault because they have no power over how that information gets reported. This is not the only serious error on my EQ report that has gone uncorrected. Errors involving 15 other companies and, yes, EQ has said it’s all the other companies faults because they (EQ) have no control over the data reporting process.

Now this morning, I downloaded a copy of the EQ 3-bureau credit report. The FICO score for EQ matches the score I get when I check on myFico.com. However, there are substantial differences in the scores for the other two bureaus, to the tune of 37 and 42 points. I’m left wondering whether EQ is selling me a seriously defective product or if myFico is the culprit.

Many insurance companies use data supplied by Equifax to LexisNexis in order to "score" the risk you present as an insured. They compare your credit information against other people of similar information to "calculate" what level of risk you are for making a claim!! So now we have two whammies. Not only could I be paying higher insurance premiums based upon someone else's history I've been compared to, I could be paying higher insurance due to the security breach. Just the number of "consumer initiated inquires" by would-be identity thieves is enough to get a lower "insurance score" resulting in higher premiums. Might want to check your "score" and COMPLAIN to your state's Insurance Commissioner and representatives to start. The whole premise behind this "scoring" is seriously flawed and is now compounded by this security breach!

just trying to find out why my visa credit card is no longer valid, keeps getting declined. called visa, they have no idea, said to contact Experian?? I've never been late nor do I owe any moneys on the card. what is going on?????

It is an insult to the injury to have Equifax now demand that I pay $10 on my credit card to freeze my accounts with them.

My information was compromised. They tried to buy a car, a cell phone and amx and wells fargo credit cards so far, all online. So far they have not been approved and was treated as suspicious activity and reported. I entered my info here too and it did say I was compromised. I have to put a freeze on my credit and inform everyone they hit!

Thanks for the great information. You have done it very succinctly.

I wish it was possible to opt out of credit reporting all together! I don't use credit why is my information stored there. We need to take a page out of the EU General Data Protection Regulation.

Equifax and other credit bureaus stand to make money and are profitable AFTER a credit breach. They all sell their services AFTER a YEAR FREE of using them... This is currently in legislation and hopefully the laws will be rewritten to change this travesty..

its their fault, they know who was breached.. They should have notified all invoived.. Let the goverment start class action..

In Sept. 2017 I did as instructed to enroll with Equifax. I was told I would be notified by email to complete the process. I never heard any more.

Received a letter from my Credit Union -stating that because of the Equifax data breach -i qualify for a free credit monitoring service. i attempted to enroll -and provide all kinds of personal information-at the end they wanted to charge me $39.95 per month - SO BOGUS!! These companies should be prosecuted.

So I now receive a letter wanting me to sign up for Eqifax protect when they have already failed me. They only want us to do this to waive rights against claiming off them. Why should I trust them with even more information. I'll wait for the claims to start and then get my compensation.

The FTC should check the connection between Equifax and Navy Federal Credit Union. Might shock you,

Equifax negligently lost all of my credit information and wants to pretend it wasn't their fault. They are responsible and should make us all whole as long as the executives have a dime to their name. Congress you need to take action and quickly to prosecute these bums!

I think that every company offering credit should stop using Equifax. Every company providing customer data to Equifax should stop supplying data. That would eliminate the Equifax problem. The incompetence of the bozos managing Equifax is unforgivable. The supervision of the IT security staff is unforgivable. 145 million Americans deserve that Equifax disappears as a warning the the other two.

Equifax is a criminal. If Equifax were to be a person, they would be in jail. But our consumer PROTECTION agencies like FTC, CFPB or another agency won't do anything about it. In fact, new cfpb director, who probably lives on industry's money, just ordered to stop investigating Equifax. What they may not realize is that their own and their family and friends personal information is also compromised as part of this breach. They are allowing Equifax to get away with stupid one year free credit monitoring service, which ended Jan 31st 2018. Equifax is still in business after compromising lives of hundreds of million people. Sad!!

If you think Equifax's offer to give one year of free credit monitoring/alerts/freeze service is great way for people to prevent fraud, think again! For hundreds of millions who had their ssn and most personal information stolen from Equifax, his information is valid as long as we live. Fraudsters are not limited to using your personal information just in the first year. SSN and personal information could be sold or used by whoever stole it, anytime, even 10 years from now. Using your stolen information, fraudsters can defraud you 5, 10, or 20 years from now.

Equifax and other credit bureaus (and other credit monitoring companies) will be laughing all the way to the bank for years to come. Because, this Equifax-caused breach has created a massive future market for their monitoring services, as people had to perpetually watch and control their credit files during all their life time. So, one-year free monitoring is just an eye wash! After that they will make more money out of your fear.

Any American with a social security number is a potential target, whether or not you've got open credit.

Can FTC or law makers take real action to protect American people in such case? Credit bureaus need to be regulated to prevent such case from happening again, and Equifax needs to pay for its mistake!

NOBODY, absolutely no one should be trusted with so much information. Why is Equifax still allowed to be in business? I won’t even access their site for future credit report inquiries. They cannot be trusted, plain and simple.

I think this company should pay for every person to get a new 12 digit SS number. Software implementation and delivery. This new number should be alpha numeric not just numeric.

Equifax refuses to submit free copy of annual credit report when client refuses to place copy of ID in mail. They need to be shut down.

Most people can't see the reality of the situation with these credit bureaus but the truth is it's more than an attempt to categorize us they're doing it if they don't see fit according to their scoring system for you to have a nice house in a nice neighborhood it doesn't matter how hard you work or how reliable you are and if your landlord's jump up and down screaming this guy's reliable it doesn't matter you will not be able to answer that house through purchase or rentle according to a credit report proven Beyond A Reasonable Doubt but they are driving you to the trailer parks and apartment complexes and sometimes homeless and by no means is there report a true reading of a man's credibility after all they will not accept reports from your landlord even if you paid $1,000 a month for 10 years it counts not to them further exposing their true agenda to control and categorize every aspect of your life putting you exactly where they want you regardless of your true credibility and worth any business that you do locally and your community cannot be reported to the credit bureau they will not give you points for it because they don't care about your true credibility they only care if you're a good slave to them and utilize their sister companies and pay their bogus fees which they are stealing from you and if you do that they might let you have a house mortgage that you will die before you can pay because of their interest rates and mortgage scams that we're all aware of now there truly a virus on Mother Earth and the antibodies on its way because karma cannot be escaped for No One and eventually every dog has his day their day is on its way as we refuse to be enslaved God created us to be free and the founding fathers of America I'll probably rolling over in their graves to see if encapsulated this way when blood was spilled for a free country stand up and shout America or it's your own fault when your grandchildren and children are totally enslaved one day

Has anyone noticed that it's okay to overcharge the hell out of a person with poor credit to charge them more for insurance to charge them or interest for any kind of loan how is this Justice in some instances they tell you you don't have enough open active accounts to have a good credit score and then they penalize you by lowering your score if you open one these people are evil twisted filthy White Collar criminals

I just found out someone has a mortgage in my name and when I went to Equifax to 'TRY' to find out what and who... I couldn't get in. IT only said for me to call a number they had on their website... A MESS and I'm mad as hell!!!

You can report identity theft at IdentityTheft.gov. You can report that your information was mis-used to get a mortage and create a Report to law enforcement. You can create a personal recovery plan and use pre-filled letters and forms to correct problems.

For example, you can use the Report and sample letters that are on IdentityTheft.gov to notify a company about the identity theft and that a new account has been opened in your name.

I have clicked the "I am not a robot" got a green check mark in the "I am not a robot" and it makes me do it over and over again. I read some of the comments and looked for a date and nothing. How am I suppose the check to see if i was impacted and I can't get passed this screen?

That "Am I Impacted" button on the linked https:// www. equifaxsecurity2017. com/ site goes to a form that takes my last name and last 6 digits of SSN and does nothing. After submitting, the page and form don't change at all besides the captcha being unchecked.

It doesn't work.

This is very confusing and does not give me confidence in its security. gina

Closed down Jan. 2018

They are no longer responsible for the breach they created - that is why the site does not work.

Here is one for you: We were encouraged from financial advisor to invest in a credit monitoring plan through one of the top 3 trusted companies. We wasted money over a year with Equ.ifax for constant monitoring and reporting. It was not until after we stopped our membership services that our identity and information was compromised.

Why is it that when I tried to submit my comment the first time I got a message that the FTC.gov site is down for maintenance? I entered punctuation in the company name I referenced and the comment was submitted but a message of CAPTCHA reuse attack suspected.

I implemented the credit freeze. However, I just opened a Lowes account AND increased my credit limit to $7000. My accounts weren't frozen. The only notification that I received was from my Discover card. Sent me a text that there was a new account showing up on my credit report. THE CREDIT FREEZE IS USELESS!!!! Basically, I just gave my information to 1 more company that will "get hacked" and compromise my information!!!!

My credit to some my cause confusion because I entered the work force early and have purchased many properties while in my 30’s. Now in my 40’s I have become even more suspicious of credit reporting agencies. They have all the power, like a genie and we, the consumers who need their opinion for a bank/ins/etc., seemingly have none. Don’t you think it would have been wise or even fair for Equifax themselves to place a note on everyone’s credit report who has been affected by their actions?? FTC- don’t you think it’s fair and just? We place our trust in these companies because we have to, not because we want to. We need to! They have broken that trust by their own actions as well ruined people’s credibility. I received notification from a gastroenterologist whom I hadn’t seen yet regarding my info being stolen via Equifax?!? That insane!! I hadn’t been there yet! Luckily they notified me and then Equifax sent me a letter months later. Am I responsible for notifying credit agencies and any lenders I deal with about my credit. YES! Shouldn’t the big wigs that make the decision whether I buy a home, car, or cell phone be responsible for their actions, instead of the letter of “What I can do”? What can they do? Agreed-they should pay the consequences and “they” should do what they are responsible for and that is all of our data??? FTC, c’mon

I was notified that I was probably hacked. 3 times I have been on their web site to get signed up. 3 times I have been told (via the site)that my password/code is in my email. 3 times nothing there or in spam. No recourse. I am sending a complaint to my Senators and Representative. This is bogus.

Equifax is a joke. Did what I was told when they finally informed everyone of the breach (long after it originally happened) and was told that I was not affected. Then the other day in the mail, I receive a letter stating that on March 1, 2018 as a result of ongoing analysis of data stolen in last year's cybersecurity incident (September 7, 2017), Equifax announced it had confirmed the identities of approximately 2.4 million U.S. consumers whose partial information was impacted by the incident. So, for 7 months the 2.4 million that were not previously identified as part of the impacted population were affected!!! So, it was recommended that I go on annualcreditreport.com to monitor my credit reports....well when I tried to do this I had no problem getting my online credit report from the other two credit bureaus....but when trying to get my Equifax report, I get a message that states I cannot get my credit report online. I have to fill out a mail request form. I cannot get my own credit report online to ensure that I am not a victim....but some hacker can!!! I cannot believe this company is still allowed to handle our confidential information! The government needs to take this breach more seriously, because this is our livelihood!!

when is there going to be legislation and a class action law suit to punish experian. They provided me with an unusable pin. When I call them, they give me crap and tell me to write them. I WANT TO SUE THEM SO BAD.

Pages

Leave a Comment