Equifax Breach

Anymouse said:
Of course, the conspiracy theory side of me wonders if the folks that are really doing the hacking are the people in the credit protection industry. Lets face it, every time one of these hacks becomes public, they get a **** ton of business.
Click to expand...

My brother was the victim of a particularly vicious ID theft attack. The breach was determined to be from an employee of the bank who determined my brother had a good sum of money in the bank, and proceeded to give his thug buddies my brother's bank account information, social security number, birth date, family names... all the information the bank hand on him.

That bank locked his bank accounts (protecting themselves and leaving my brother only the cash he had at home to use) and gave him one year of credit monitoring. No compensation for having put my brother's life on hold for months. My brother froze his credit and has had to keep it frozen since he never knows if/when someone will try his credit again.

So your thoughts about conspiracy are not unfounded. It has crossed my mind as well.

Due to this breach by Equifax, I too have now frozen my credit. Probably should have done this long ago...
 
Freezing is one of the best things you can do to protect yourself.

But no big institution will strongly recommend it.That's because it's in their interest for you to not freeze. They make money on your impulsive applications for credit, which you will find to be inconvenient when your credit rating is frozen, as it requires remembering a PIN or a login to the credit reporting agency, and often a phone call or two.l
 
NoHeat said:
Freezing is one of the best things you can do to protect yourself.

But no big institution will strongly recommend it.That's because it's in their interest for you to not freeze. They make money on your impulsive applications for credit, which you will find to be inconvenient when your credit rating is frozen, as it requires remembering a PIN or a login to the credit reporting agency, and often a phone call or two.l
Click to expand...
Sounds like a form of two-factor authentication.
 
asicer said:
Sounds like a form of two-factor authentication.
Click to expand...

Yes, I hadn't thought of it that way, but the effect is similar.

Except that the user experience is clunkier, and in my state it costs me $10 to freeze or refreeze.

Not sure why I should have to pay to keep my data private. Instead of that, the credit reporting bureau should be paying me, for the privilege of selling my data. As someone mentioned, it's all like paying the mob for protection. That being said, I'm still better off paying.
 
I will never understand why our credit is not frozen by default. If I want to buy a car, or open a credit card, its a phone call or a email to unlock the credit. Having it open by default is just crazy. I get that they want you to open credit easily, but a phone call or some TFA is not going to stop that.

And why do we need 3 credit agencies? Why not 2 or 10?

Does Equifax not know about encryption? Hash the SSN field type stuff?

This will either be the start of a huge overhaul of the credit companies, or a small slap on the wrist. Will you, the poor little Equifax promise to do better and try harder? Ok, you are free to go...
 
MauleSkinner said:
The exact formula may be secret, but the gist of it is, if you've been in debt for a long time and making payments when you're supposed:rolleyes: to, your score goes up. If you pay off debt, your score goes down.
Click to expand...
I must be a bit of a contrarian. The only consumer debt I have right now is a USAA credit card and I've been aggressively paying of the balance since the beginning of summer.

I checked my FICO score when I started and I was around 675-ish.

I have paid off nearly 10k since then. And checking the score today using the service through USAA that Rich mentioned, my score on Experian shows 770 out of 850.
 
AggieMike88 said:
I must be a bit of a contrarian. The only consumer debt I have right now is a USAA credit card and I've been aggressively paying of the balance since the beginning of summer.

I checked my FICO score when I started and I was around 675-ish.

I have paid off nearly 10k since then. And checking the score today using the service through USAA that Rich mentioned, my score on Experian shows 770 out of 850.
Click to expand...
By "pay off debt", I was referring to something like a home or car loan that goes away when you pay it off...the equivalent of paying a credit card off completely and canceling it.

Probably not clear by the way I phrased it.
 
Pilawt said:
Can someone outline how to go about it efficiently for the uninitiated?
Click to expand...

Google these two words: freeze transunion

Follow the obvious links on the transunion website. It will take 10 min at most. Pay $10 with a credit card, if asked.

Repeat for experian and equifax. For all three, keep your PIN, userID, and password in a safe place.
 
NoHeat said:
Except that the user experience is clunkier, and in my state it costs me $10 to freeze or refreeze.

Not sure why I should have to pay to keep my data private. Instead of that, the credit reporting bureau should be paying me, for the privilege of selling my data. As someone mentioned, it's all like paying the mob for protection.
Click to expand...

Equifax had $3.1 billion in revenue in 2016, much of which was derived from fees to view consumer financial information.

Most everyone would freeze their credit if it were free to do so.

If that happened, their business model of selling our personal credit histories to any company that wanted to buy access would fall apart.
 
I had created a calendar notification to remind me to go back and sign up for the free credit monitoring... just did it at 0016 CDT and it let me. Now I have to wait for them to "process" my application. No timeline provided.
 
rtk11 said:
Due to this breach by Equifax, I too have now frozen my credit. Probably should have done this long ago...
Click to expand...

Same here. I haven't needed or wanted new credit in a long time. Freeze was overdue. Froze it all.

Wish I could opt-out of the data collection altogether. I'm sure somewhere in my various banking agreements there's a clause where I'm agreeing to them using the clearing houses instead of getting off their lazy butts and manually underwriting things.

Things that should come out of this that won't:

- Laws saying participation in these companies is always Opt-In, not Opt-Out and Opt-Out can be for ALL data collection, not just a credit freeze.

- States telling all three of them that fees for freezing and unfreezing are inappropriate altogether. Many states do have "decent" laws making a freeze or unfreeze free, even for someone who hasn't been a victim of ID theft, but this business is ridiculous. They make plenty of money. Kill the fees.

Should be fun to see who gets ****y that they can't pull my credit now.

I suspect the first and loudest complainer will be Verizon. And they can go pound sand. I buy phones with cash and haven't missed or been late on a telecom bill in decades. Maybe not ever. And I've carried a cell phone since the AMPS days. They can keep their own records or shove it.
 
Mason said:
How To Freeze Your Credit Info

Free for seniors in California
Click to expand...

Free for all sorts of folks. There's a table on each of the company websites that shows the State laws and which ones say the credit bureaus can't charge for certain things.

If you're in a crappy State, get on your State legislator's butts.

Wouldn't be awful if Congress just cut off the fees and made the whole thing Opt-In including data, but we know they're all bent over the table and enjoying it from the banking industry, and the bankers and insurers leave a nice tip on the dresser, so that's unlikely.
 
And this'll just happen to someone else next week and everyone will forget about Equifax, and back to business as usual. Problem is when these folks are left to their own devices they're going to choose ether least expensive way to do business, and that includes exposing their product (us) to the risk of identity theft. Why not, it doesn't cost anything.

Its no different than cars, airplanes or anything else. Left to their own devices manufacturers and operators will choose the lowest common denominator. The only thing making and keeping these things safe is when the cost of getting it wrong exceeds the cost of doing it right. The only way that's going to happen is regulation. Unfortunately, our current office holders are nearly allergic to that particular concept, so look forward to things staying as they are.
 
More proof that Equifax isn't capable of walking and chewing gum at the same time, when it comes to keeping your data safe:

They issue a non-random PIN when you freeze your account. The PIN uses the format MMDDyyHHmm based on the exact time that you signed up. For example if you signed up yesterday at noon you would be assigned the PIN 0911171200. It's so stupid, for a ten-digit password, it's hard to believe.

When a crook wants to unfreeze your account to access your credit record, they could just guess a PIN like the one I just posted, because lots of people have been freezing the last few days.

There are lots of articles being written about this issue, like these:
https://nakedsecurity.sophos.com/2017/09/10/equifax-woeful-pins-put-frozen-credit-files-at-risk/
https://www.nytimes.com/2017/09/10/your-money/identity-theft/equifax-breach-credit-freeze.html
 
I found the first freeze, with them, was free. Experian charged $10 and Transunion nothing. Am in Kalifornia.
 
NoHeat said:
They issue a non-random PIN when you freeze your account. The PIN uses the format MMDDyyHHmm based on the exact time that you signed up. For example if you signed up yesterday at noon you would be assigned the PIN 0911171200. It's so stupid, for a ten-digit password, it's hard to believe.
Click to expand...
Are you fricking kidding me! I use the same format to assign my client account numbers... never for their passwords or PIN numbers! They choose their own 10 digit mixed character password plus 3 security questions that only they would know.
 
Goofy said:
I found the first freeze, with them, was free. Experian charged $10 and Transunion nothing. Am in Kalifornia.
Click to expand...

Hmmm, I'm in California also, but TransUnion and Experian both charged me $10 a piece, no cost for Equifax.
 
cowman said:
The one thought I had was what if to sign up for these things you had to show up somewhere in person
Click to expand...

Showing up in person used to be how most financial institutions made sure things were secure. They actually knew who you were.
 
NoHeat said:
They issue a non-random PIN when you freeze your account. The PIN uses the format MMDDyyHHmm based on the exact time that you signed up.
Click to expand...

They changed that code a few days ago. The articles are already out of date.

rtk11 said:
Hmmm, I'm in California also, but TransUnion and Experian both charged me $10 a piece, no cost for Equifax.
Click to expand...

Free for all three here. Maybe the one good thing about Colorado government I've seen in a long time. Unfreeze is also free. Temporary unfreeze is $10 from all, unless you're a victim of ID theft, then free.

Could be fun to jack with them and say you're an ID theft victim and send them copies of any fraud alert you've ever gotten on any credit card as "proof". They can then figure out how they'll tap dance their way out of that one.
 
denverpilot said:
They changed that code a few days ago. The articles are already out of date.



Free for all three here. Maybe the one good thing about Colorado government I've seen in a long time. Unfreeze is also free. Temporary unfreeze is $10 from all, unless you're a victim of ID theft, then free.

Could be fun to jack with them and say you're an ID theft victim and send them copies of any fraud alert you've ever gotten on any credit card as "proof". They can then figure out how they'll tap dance their way out of that one.
Click to expand...

In New York, it has to be either a police report or an FTC report. But the police usually file fraudulent use of plastic cases as both identity theft and some lesser related charge ("unauthorized use of a financial instrument" or some such thing), so it's pretty easy to get the identity theft documentation even if what happened isn't "real name" identity theft.

Thanks to Equifax, however, I suspect that pretty much everyone who's ever had a bank account will qualify as a real-name identity theft case in a few months; so perhaps the days of fees for freezes, thaws, and lifts will be over anyway -- albeit not in the way nor for the reasons we would have hoped. All it takes is one fraudulent credit or deposit account application or tax filing, of which I suspect there will be many, to qualify.

Rich
 
I don't know if it's changed over the years, but on my SSN card there is this statement: "Not For Identification Purposes" What happened to that? Somebody must have seen a problem with using it for identification a long time ago...:mad3:
 
FlySince9 said:
I don't know if it's changed over the years, but on my SSN card there is this statement: "Not For Identification Purposes" What happened to that? Somebody must have seen a problem with using it for identification a long time ago...:mad3:
Click to expand...
Years ago, people didn't worry about it. Remember when your pilot's certificate number was your SS number? I think you could opt out but only a few did. In Idaho, it was my driver's license number. I thought it was cool because I only had to remember one number. But that was before large quantities of information was available on the internet.
 
I remember when I joined the Marines they used SSN's as service numbers and told all of us never, never, never, give anyone your SSN. However the government started requiring every employer and financial institution to require it to report earnings i.e. make sure they were getting their due in the 1970's. :rolleyes: SSN's were never intended to be used for all of the things we use them for. Pretty good write up here.

http://www.investopedia.com/article...615/purpose-having-social-security-number.asp

I wonder if the DoD will go back to unique service numbers at some point.
 
Shopshirt said:
I remember when I joined the Marines they used SSN's as service numbers ...

I wonder if the DoD will go back to unique service numbers at some point.
Click to expand...

Looking at my retired ID card, I now have a DoD ID number that is not my SSN. It is identical to my DoD benefits number. Card issued Nov 2016.

I think the services (at least the AF) have been transitioning to unique identifiers with Common Access Cards. I know over my last few years, most forms have been changed to accept only the last 4 digits to help protect it. I doubt DoD is all the way there yet, but I think they're making progress.
 
Old news?

That means that the media and social messages can't keep up with Equifax's reactive responses to issues like data breaches and their own ill-thought-out responses to the responses to their reactive responses. Those damned barn doors keep opening!

RJM62 said:
Thanks to Equifax, however, I suspect that pretty much everyone who's ever had a bank account will qualify as a real-name identity theft case in a few months; so perhaps the days of fees for freezes, thaws, and lifts will be over anyway -- albeit not in the way nor for the reasons we would have hoped. All it takes is one fraudulent credit or deposit account application or tax filing, of which I suspect there will be many, to qualify.
Click to expand...

Thanks to Equifax the credit agencies will push to make freezes only temporary and behind more hoops.
They can't get along with all of the products they sell being unsalable.
 
Pilawt said:
Experian's "Security freeze" page won't even open.

Otherwise, it's been just ducky. o_O

I'm sending freeze requests to all three by first class mail today.
Click to expand...

You can reach TransUnion's automated system at 888-909-8872 to freeze your credit.
 
murphey said:
It took over a month for them to admit publicly there was a hack. Guess I'll spend the morning dealing with the other two services, get ducks in a row, then workmon Equifax.
Click to expand...

They needed time to dump stock......insider trading will be the nail in the coffin
 
You must log in or register to reply here.
Back
Top