The Equifax Data Breach: What to Do

Share This Page

If you have a credit report, there’s a good chance that you’re one of the 143 million American consumers whose sensitive personal information was exposed in a data breach at Equifax, one of the nation’s three major credit reporting agencies.

Here are the facts, according to Equifax. The breach lasted from mid-May through July. The hackers accessed people’s names, Social Security numbers, birth dates, addresses and, in some instances, driver’s license numbers. They also stole credit card numbers for about 209,000 people and dispute documents with personal identifying information for about 182,000 people. And they grabbed personal information of people in the UK and Canada too.

There are steps to take to help protect your information from being misused. Visit Equifax’s website, www.equifaxsecurity2017.com. (This link takes you away from our site. Equifaxsecurity2017.com is not controlled by the FTC.)

  • Find out if your information was exposed. Click on the “Potential Impact” tab and enter your last name and the last six digits of your Social Security number. Your Social Security number is sensitive information, so make sure you’re on a secure computer and an encrypted network connection any time you enter it. The site will tell you if you’ve been affected by this breach.
  • Whether or not your information was exposed, U.S. consumers can get a year of free credit monitoring and other services. The site will give you a date when you can come back to enroll. Write down the date and come back to the site and click “Enroll” on that date. You have until January 31, 2018 to enroll.
  • You also can access frequently asked questions at the site.

Here are some other steps to take to help protect yourself after a data breach:

  • Check your credit reports from Equifax, Experian, and TransUnion — for free — by visiting annualcreditreport.com. Accounts or activity that you don’t recognize could indicate identity theft. Visit IdentityTheft.gov to find out what to do.
  • Consider placing a credit freeze on your files. A credit freeze makes it harder for someone to open a new account in your name. Keep in mind that a credit freeze won’t prevent a thief from making charges to your existing accounts.
  • Monitor your existing credit card and bank accounts closely for charges you don’t recognize.
  • If you decide against a credit freeze, consider placing a fraud alert on your files. A fraud alert warns creditors that you may be an identity theft victim and that they should verify that anyone seeking credit in your name really is you.
  • File your taxes early — as soon as you have the tax information you need, before a scammer can. Tax identity theft happens when someone uses your Social Security number to get a tax refund or a job. Respond right away to letters from the IRS.

Visit Identitytheft.gov/databreach to learn more about protecting yourself after a data breach.

Note: This post was updated on October 5, 2017 to reflect that Equifax extended the enrollment period for free credit monitoring from November 21, 2017 to January 31, 2018.

 

 

Comments

I agree with you.For over 5 months they knew they had a credit breach.

And, when you sign up for the free credit monitoring, you have to check a effectively indemnifying equifax? No thank you. Would rather be a party to the class action suit against them.

And it's also peculiar timing that executives at this company sold off shares of their stock before this story broke.

Surprized that this web site doesnt address the class action law suit. Why in the world would one sign up for the free credit monitoring???? You indeed waive your right! I will sue!

Not only that, you waive your rights to participate in any class action lawsuit

No, you don't waive your right to participate in a lawsuit. Government made them remove that. The lawsuit has to be about the security breach, but not about the 1 year of credit monitoring.

Hey...FTC is on our side.

Well said, Pickles. I agree.

I couldn't agree more! Your spot on!

If you went to the website and entered your name and those 6 digits of your social security number, yo've given up your opportunity to be part of the class action suit against Exquifax. It's in the terms and conditions that no one ever reads. By hitting "submit" you have agreed to everything in Equifax'S terms and conditions.

They debunked this in a thread above. And check the FAQ on Equifax's website. It now states under equifaxsecurity2017.com / frequently-asked-questions / "To confirm, enrolling in the free credit file monitoring and identity theft protection products that we are offering as part of this cybersecurity incident does not prohibit consumers from taking legal action. We have already removed that language from the Terms of Use on the site equifaxsecurity2017.com. The Terms of Use on www. equifax.com do not apply to the TrustedID Premier product being offered to consumers as a result of the cybersecurity incident. Again, to be as clear as possible, we will not apply any arbitration clause or class action waiver against consumers for claims related to the free products offered in response to the cybersecurity incident or for claims related to the cybersecurity incident itself."

That's not true. There are no "terms and conditions" to agree to on that page. You would have to actually agree to terms and conditions for that to happen. Thanks for playing

Care to copy and paste the terms stating that?

There are no 'terms & conditions' on the initial part where you simply enter your last name and the six last SSN digits - it is on the next part where you enter your name and ALL of your SSN. And that page does not have secured emblem on it.

I agree-should have protected our data. But I don't mind getting some marketing mail if it means they r protecting my credit. Equifax told me letters r going out to consumers now explaining how they have been impacted and what to do. They've had the forensic guys in doing their thing to determine what exactly was taken.

No company should get away with these kinds of breaches of privacy. Shut Equifax down. Congress apparently values special interest money over privacy, as their recent and unpopular overturning of internet privacy regulations demonstrates. FTC needs to step up. Challenge the other branches of government. Prevent companies from housing personal data for more than a reasonable time, from requiring consumers provide personal data irrelevant to services offered, and from concealing what information is being collected or hiding it in small print. And companies that can't protect personal information they house ought to be shut down, broken up into smaller companies, or severely penalized. This trend will continue otherwise. FTC, be aggressive for privacy. I want to see Congress suing you for pushing the envelope. We're counting on you.

Completely agree! Where is my notice of a breach? Certainly they have my address.

The FTC is so consumed in their Trump Derangement Syndrome that they can't stop long enough to do their jobs, as if they ever did. Still waiting on my breech letter too.

Can you say class action lawsuit?

Only problem with class action is the only people to get money is the lawyers

Not only that! If you sign up for it you give up the rights to participate in any lawsuit even if your info was stolen and scammers later impersonate you. DO NOT SIGN UP FOR THAT. There are many ways you could monitor your credit yourself on a weekly/monthly/yearly basis.

Yes its time for incompetence to come with a price and a class action lawsuit would be in order.

Perhaps we may use this breach to our advantage. Let 143,000,000+ Americans change their Social Security Number!

Agree that the FTC needs to step. The response by Equifax to offer only one-year of credit monitoring is a joke. The government needs to step in and hold Equifax accountable.

True dat!

So have you confirmed that your info was one of the ones stolen? If so, how?

They lost our information forever but they are only going to provide monitoring for a year for free? Sounds like a way to drum up business. Not fair to the other credit agencies that didn't lose our data!

Agreed

AMEN..STEP UP OR SHUT DOWN..WE'RE NOT GONNA TAKE IT ANYMORE

How can the guardian of credit history do so little when they have exposed 1/2 the population with a high risk of credit fraud. They should do more.

Equifax should be offering everyone lifetime monitoring for free and free credit freeze for life.

That was my question, why are we just learning about
this now...my goodness it's September!!!!!

I agree. Putting your name and social into a site that already has acknowledged a breach is a load of crap. They already have that info and more so why aren't they simply sending me a notice whether I was part of the breach?!! Don't opt out of any lawsuits!!! Of all the places that should have top of the line security and they are getting breached!!! Didn't they learn anything from all the other highly publicized breaches?!!!! I am outraged!

I am equally (more) concerned about my license number. If someone creates a fake license with your number and gets ticketed and that goes unpaid (which obviously it would) you will have warrants out for your arrest. You will not know either. There isn't much out there in regards with how to protect yourself with that issue.

Yes. Equifax should send U.S. Postal mail to each of us informing how we may have been affected including I.D. soc sec numbers

I agree, Equifax if putting a really stupid bandaid on a GSW to the American public. The FTC needs to do much more here. The CO's souls go to jail for insider trading when they sold their stocks before even. Otifying the public that there was a breach in their weak security affecting 1/2 of this country! They should pay to actually fix the problem now matter what it costs them! New SSN's for all Americans with truly identifying information and legitimate papers. Then Equifax should go out of business forever!

I say get rid of Credit agencies and do something creative like, have people contact your creditors directly for a reference. And like so many, I wouldn't doubt if Equifax hacked themselves just so they can charge you for monitoring services. So, so, so, very tired of the abuses these businesses get away with.

I think that's a great idea!

Equifax basically controls our lives with the information it provides and if I had my way, they wouldn't exhist. They don't provide me any service except to make my life a living hell. You can't get negative info off and everything else is only providing the fuel for banks and other companies to make a million off your missfortune. They should be fined and I wouldn't put it past them to find out they sold the information.

Seriously! As consumers, we are at the mercy of the credit bureaus, even though it is OUR information that's being used!! They are very pro-business, with little regard for the person whose life they are affecting.

Ditto

I totally agree..they should not even exist.So what do we do to get rid of them? I'm sure they are politically connected. Enough is enough!!!

This is exactly what I was thinking. I am not going to sign up with their TrustedID. I will check with the Federal Trade Commission and follow their steps. B:)

They should all go to prison!!! ...and then throw away the keys. It's what we all risk might happen to you or I once we neglect to make payments on any fraudulent accounts that get opened in our names, or from any IRS threat notices for fraudulent tax returns filed in our names.

I TOTALLY AGREE with you! Something fishy with this company. I think they should be thoroughly investigated. They removed negative items just for them to reappear again then push their monitoring program. Plus over seas call centers. Check them out FTC!!!

100% agree.

Equifax, Transunion and Experian service businesses, not consumers. FTC won't fine them cause businesses are not inconvenienced.

When the banks have to pay out money because of fraudulent access to bank accounts and credit cards then something will be done about these credit bureaus.

Totattly agree! I have an issue now! For over 9 months!

I just tried to obtain my credit report at annualcreditreport.com and entered all my personal information and then as it was transmitting it to move to the next step and generate a report, I got a site unavailable error. I am now VERY WORRIED that someone just hacked my info as it was heading to their site. I submitted a contact request to be called back to discuss this issue.

The same thing happened to me.

I got the same... I think the site is probably gettting slammed at the moment.

Pages

Leave a Comment

Comment Policy