The Equifax database breach

[Rail Paul]

This thing is getting worse by the day. Reports say this may be the biggest hack in history, with bank account info, dates of birth, mother's maiden name, etc all released. items that can't be changed, like dates of birth, prior employers or residences.

 

Executives in the company sold bundles of stock before the info was released. They waited 40 days before publicizing the breach, and then tried to get victims to waive the right to sue.

 

These folks seem to be writing a case study on how to do everything wrong...

 

 

========================

 

 

I've been told the best thing to do is lock down your file with a credit freeze. No point in putting more money in the beast's pocket with the fees they collect selling your info to every whoring credit card provider.

 

 

[splinky]

equifax

[voyager]

We froze our credit almost 10 years ago. it is a simple matter to unfreeze it whenever you really want to add or change cards, etc. It is uncomplicated and costs, as I remember, about $100 for each of the three credit companies.

 

As RP wrote, Equifax has shown real sleaze. And as the news has emphasized, the public is not the consumer here; it is the lender or landlord or other commercial entity that the credit companies serve, NOT US. We are just the pawns.

[Rail Paul]

Topic edited, thank you.

 

I froze our accounts at all three locations

[Peter Creasey]

I went to Equifax online and inquired as to our potential impact. They responded that we are not believe to have been impacted.

 

Hopefully, this is reliable!?!

[paryzer]

I went to Equifax online also and unfortunately was told that I did have potential impact. I enrolled in the free identity theft protection and credit file monitoring service.

[Rail Paul]

The original free credit monitoring offer also had fine print that requires you to agree to arbitration and yield your right to sue them in a class action, etc. After much negative publicity, that requirement was dropped.

 

As of yesterday, Equifax has agreed to allow people to freeze their information without charge. Freezing makes it difficult for identity thieves who possess your date of birth, former employers, old addresses, social security #, etc to open a new account. It also deprives Equifax of the few bucks they get for (mis)handling your data.

 

The downside is this makes it more difficult for you to open a new credit relationship. You have to unfreeze, authorize, refreeze, and maybe pay two fees.

[Peter Creasey]

A credible person just told me that he was told that Equifax's responses to the "Am I impacted?" inquiries are randomized and thus not reliable.

 

I'm skeptical of this being true but decided to throw it into the mix here.

[Orik]

Is he a lizard person?

 

The idea of a centralized plaintext repository of quasi secrets protected by even less secretive secrets* is so idiotic that blaming one of the companies for someone looting it seems misguided.

 

* what's your last name? Cohen you say? Well let me try Cohen, Katz, Friedman, feldman... for a 10% hit on your mother's maiden name, and feel lucky you're no Kim or Park

[memesuze]

Your Social Security benefits may also be vulnerable

 

"What should you do? At a minimum, I recommend immediately printing out and safely preserving your Social Security earnings record. The date may help prove that the real you has the earliest Social Security records. And if you are now collecting benefits? I’d start saving notices of benefits you’ve received or changes to your benefits. Also print out bank statements showing you’ve received benefits. Having these things in your possession with dates that pre-date when your benefits were redirected may help. Then again, Social Security may decide you set up a scam involving your pretending to have been scammed — all in order to double your monthly check. This concern might arise if you failed to report in a timely manner not receiving benefits. So make sure your check arrives each month if you are already receiving benefits.

Another idea for those not yet receiving benefits is to send a certified letter, return receipt required, to Social Security every few months stating that you continue to live at your current address, that you have not yet filed for benefits and to notify you if anyone falsely files for benefits on your record. Keep a copy of these letters to document you never filed for benefits prior to the time you did."

[hollywood]

As far as I am aware Social Security benefits are paid by direct deposit. I'm not clear if that poses a greater or lesser risk in light of the breach.

[Rail Paul]

As far as I am aware Social Security benefits are paid by direct deposit. I'm not clear if that poses a greater or lesser risk in light of the breach.

 

Yes. Most benefits are paid by direct deposit, but a small segment of benefits are paid by way of a prepaid MasterCard.

 

Your payment is made to your card's account. Which you spend or make a single free withdrawal each month. My understanding is this feature is of interest to people who currently live outside the US, as there are some additional charges.

 

HuffPo has a clear explanation of the various features: http://www.huffingtonpost.com/jim-t-miller/when-and-how-social-secur_b_7732098.html

[Nathan]

A credible person just told me that he was told that Equifax's responses to the "Am I impacted?" inquiries are randomized and thus not reliable.

 

I'm skeptical of this being true but decided to throw it into the mix here.

Unfortunately it appears to be true. Arstechnica was trying a bunch of made-up names and some were listed as impacted and some were not.

[Orik]

Is that lizard arstechnica?

[voyager]

You all know I'm a fusty old bat. But even I understand that we live in a world where we have supplied our most private information to entities that can be hacked. Financial, social, medical. All of our most important details are on the internet in some form or another, worse on many. Like slitting a down pillow, one can never retrieve what is out there.

 

You just have to take care of business. All elementary precautions. Carefully review one's bank, brokerage, credit card statements. No amount of credit monitoring can replace your taking time for scrupulous monthly reviews. There's no such thing as a free lunch, nor an easy financial life.