I'm getting so frustrated and so angry at these institutions that hold our data and then cannot secure it. What makes me even more frustrated is that there is nothing we can do about it. I feel like this Equifax breach should be the straw that breaks the camel's back. Sure, we can choose to not shop at Target or Home Depot where there have been breaches in the past, but as far as I know, there is no way to keep the big 3 credit scoring agencies from holding our data, other than not have credit, which is nearly impossible in today's economy.

And who gave Equifax, Experian and TransUnion the authority to do what they do? Why do they get to hold ALL of my credit card/financial data?

I really wish someone would put legislation through congress that would hold companies such as Home Depot responsible for breaches, but more importantly, companies like the big three credit reporting agencies.

To rub salt in the wound, I am the one that has to go out and find out if I was affected. I think someone ought to be reaching out to ME to inform me that my data was compromised.

It just makes me feel helpless and I don't like it

9/11/2017 5:20:15 PM

Your personal information is not safe. Time to live with that.

9/11/2017 6:40:56 PM

credit is nothing more than a system of wealth redistribution (poor to rich)

9/11/2017 7:59:19 PM

Lol

9/11/2017 11:03:44 PM

Quote :

"And who gave Equifax, Experian and TransUnion the authority to do what they do? Why do they get to hold ALL of my credit card/financial data? "

They're just a registry, they don't actually hold all of your data. Your credit card company didn't give them your credit card numbers, for example. What your credit card company did give them is identifying information, such as your name, address, birthdate, and social security number, and a bunch of credit information, such as credit limit, amount borrowed, delinquency. And then they update it whenever it changes. As such, they have every address you ever gave your bank, hence they can do that weird challenge of "which of the following addresses have you never lived at?"

This is all the information needed to steal your identity, of course. But it is the same information you freely gave to every employer, landlord, and creditor you have dealt with. After-all, they're not born with your social security number, you voluntarily gave it to someone which promptly gave it to the credit agency in order to do a credit check, which upon seeing your social security number for the first time, promptly created a file on you and have merely been updating it ever since.

Nothing was stolen from you. They didn't hack the Social Security Administration to get your Social Security Number. You and the people you've conducted business with chose to give it to them of their own free will. And y'all did that for good reason: credit scores are useful information to have about others, and society would be worse off without it. But, there are always margins where things can be improved without scrapping the system. I'm certainly open to ideas.

9/12/2017 9:15:39 AM

^Thanks for the info. I really had no understanding of how they worked behind the scenes. I did see however that a number of folks had cc numbers taken from this breach through Equifax.

Also, very shady - a number of Equifax execs sold stock prior to this going public.

9/12/2017 11:30:12 AM

^^

9/12/2017 12:28:42 PM

^^^circular argument

the fact is, credit reporting agencies hold your financial life hostage and give you very little power to manage the data, use, or collection. People give a bank their information for their account. The bank sends that on to the credit agency. The people are forced into the situation with credit agencies.. Given the choice, most people, or at least smart ones, would decline the bank's / creditor's request to distribute your private information, if such a choice actually existed. credit agencies are scams and liabilities. see equifax. huge data breach, kept it quiet as long as they could, then trick people into signing away litigation rights, oh, and charge you from taking needed steps to secure the data they just let walk out the door.

[Edited on September 12, 2017 at 1:05 PM. Reason : .]

9/12/2017 1:03:25 PM

So should we be enrolling in their offer of TrustedID Premiere credit monitoring?

9/13/2017 1:59:28 PM

Seems like if you do you're forfeiting your right to sue them in the future

9/13/2017 2:02:37 PM

Quote :

"We’ve added an FAQ to our website to confirm that enrolling in the free credit file monitoring and identity theft protection that we are offering as part of this cybersecurity incident does not waive any rights to take legal action. We removed that language from the Terms of Use on the website, http://www.equifaxsecurity2017.com. The Terms of Use on http://www.equifax.com do not apply to the TrustedID Premier product being offered to consumers as a result of the cybersecurity incident."

9/13/2017 2:05:12 PM

^^ Not true. The NY AG notified them that that clause was not enforceable and made them remove it. Which they have.

Regardless, my wife and I, who were included in the millions who had their information stolen, are signing up for life lock. We've been meaning to do it for a while anyway.

9/13/2017 2:51:07 PM

Is signing up for Lifelock better than freezing credit at all 4 of the companies? Or better to just do both?

9/13/2017 2:59:38 PM

^ freezing your credit and lifting the freeze is free in North Carolina while other states have different regulations, most make you pay. It seems to me if you don't imagine you'll need to run a credit check for a few years, then go ahead and issue the freeze regardless of whether or not your info was taken. If your info was taken, I'd issue a freeze and only lift it for short periods when you need to.

Now, what the freeze does is it causes the agencies to refuse whenever anyone runs a credit check for you. It also prevents the credit agency from even verifying your identity. However, it doesn't technically stop anyone from extending an identity thief credit in your name. Examples are rare but do exist. As such, if I were you, at least while it is free, I would sign up for the provided automated monitoring, which will at least let you know someone is stealing your identity.

Quote :

"People give a bank their information for their account. The bank sends that on to the credit agency. The people are forced into the situation with credit agencies.. Given the choice, most people, or at least smart ones, would decline the bank's / creditor's request to distribute your private information, if such a choice actually existed."

I disagree. I purposefully got a credit card as early in life as I could so I could build a history of good credit, if only to impress future employers. The mistake you are making is that the information is not "private", you gave it to a stranger which promised, before you gave it to them, that they were going to give it to lots of other people. You were free not to give it to the bank, but you did so anyway. That is not on the bank and it certainly isn't on the credit agency. It is a free country, and just as they have no right to force you to do anything with the information you hold, you have no right to force them to do anything with the information they hold.

Now, maybe they have acted with gross negligence in securing their information about you. You can sue them for that and win damages. What you can't do is use Equifax's bad behavior as justification to punish other credit agencies or, worse, smash the system. Credit scores are valuable information in a free society, so we need someone to be credit agencies. If Equifax is driven bankrupt by the impending lawsuits, then I think that is plenty of checks and balance for the other and future credit agencies to do a better job of security.

9/14/2017 1:05:44 AM

Quote :

"I disagree. I purposefully got a credit card as early in life as I could so I could build a history of good credit, if only to impress future employers. "

Credit is pretty much a requirement of life in the developed world. So you, and others, are forced into the system.

Quote :

" The mistake you are making is that the information is not "private", you gave it to a stranger which promised, before you gave it to them, that they were going to give it to lots of other people. "

It's still private information. And again, it's a system forced onto people where private information must be shared. There is no choice. Unless you live completely off the grid. Completely. That would do well for everyone

Quote :

"you have no right to force them to do anything with the information they hold. "

If it is personal information, then yes, people do have a right. And they should have more rights than currently are provided.

Quote :

"You were free not to give it to the bank, but you did so anyway. "

No. You don't have a choice. If you are going to participate in this economy, you are require to show your papers. To banks, power companies, phone companies, etc. There is no choice. None. Stop saying we have a choice, we don't. Unless you choose to not participate. And that's not much of a choice.


[Edited on September 14, 2017 at 7:38 AM. Reason : .]

9/14/2017 7:37:32 AM

Quote :

"Stop saying we have a choice, we don't. Unless you choose to not participate. And that's not much of a choice."

Just because you don't like the choice doesn't mean you don't have it.

Quote :

"It's still private information."

Again, you give it to complete strangers on a regular basis. How can you call such information private? You gave it to every employer, every financial institution, every utility, every landlord, every tax return, every government agency, etc. etc. This information identifies you, but it is in no way private. It is at best an open secret.

Quote :

"And they should have more rights than currently are provided."

So, a "credit agency" is just the normal human situation of "other people have an interest in talking about you with each other and will do so." But, Legislatures can do whatever they want, so what exactly do you want them to do for you? how do you see the system changing in response? How do you see people's behavior changing in response to that? Freezing your credit is already a thing for free in many places, so people are free to opt out right now. What more do you want?

9/14/2017 8:39:35 AM

Once you stop pretending that there is a choice, we'll talk. There isn't a choice. You are given a number upon registration of your birth. You must provide that number to get basic services. You must provide that number to be employed. You must provide that number to participate in banking. The only choice is to live in a first world country, as a first world citizen, or live in a first world country as a third world citizen. So no, that's not really a choice.

you can either be my negro slave or you kin hang in the front yard. it's your choice.

[Edited on September 14, 2017 at 9:21 AM. Reason : .]

9/14/2017 9:19:27 AM

This illusion of choice is funny.

Show me someone who chooses to not have electricity in the southeast in the summertime.

9/14/2017 10:37:06 AM

nothing to see here, folks. CC companies and the feds got this.

9/14/2017 12:43:54 PM

Well - FTC already stepping in. Equifax is in it pretty deep for sure then and heads will almost certainly be rolling.

Sidenote - wonder how many, if any, of their own employees were affected...

9/15/2017 12:22:11 PM

It's like 143 million people right? That's nearly half the us population, so odds are good their employees are affected.

9/15/2017 2:23:06 PM

Gotta go be all realist and not entertain crazy conspiracy theory...

But really - if ever there were enough reasons for a large company to fail this ranks right near - if not at - the top.

And just saw the Chief IS Officer and Security Officers have both "retired" effective immediately. Bah. Getting of easy for doing an absolute shit job.

9/15/2017 8:33:26 PM

In reality it probably wasn't their faults.

9/15/2017 10:11:13 PM

Not directly, sure. But as executives for the security and informational systems areas it ultimately falls on them. It also means those who are in the "trenches" will, rightfully, lose their jobs without the option for "retirement".

It is more the anger at seeing this pattern much too often and that at this point it is sheer luck that I personally haven't, to my knowledge, been majorly affected by such breaches

9/16/2017 11:57:16 AM

Quote :

"Once you stop pretending that there is a choice, we'll talk. There isn't a choice."

I guess we're playing semantics. You're hung up on the position that "A really bad choice is no choice at all!" The reason you have no choice here is because it isn't your choice to make. It is your employer and banker that decided to hit up the credit agency, not you. But choice is here, the reason I say you do have a choice is because you can find an employer and a banker that won't run around sharing your information.

But fine, I'll concede that "hard to do" is the same as "impossible". Then what? The fact is, these are decisions others are making. The only way for you to have what you'd consider "choice" here is to write laws eliminating the choices others have. "I don't trust this stranger that just walked up to me, I'd rather not employ them without asking someone about them" is a choice they cannot apparently have without being an affront to wdprice3 living his life. Your employer and your banker have rights too, and such a law certainly infringes upon them. I suppose you might just want a checkbox on all applications stating "this applicant demands the organization NOT share any information ever with anyone." Of course, that wouldn't help you at all, as all applications with that box checked would just be refused, so no point having it. I know this because they're free to have that box on their forms right now, and none of them do, as they'd rather you just not bother filling it out than check it.

So, I ask again, what would you have society do for you?

9/17/2017 9:52:15 AM

As for who within the company is at fault, it would be hard to say, as intrusions can come in so many ways.

Was it an employee who wasn't paying attention and cross-contaminated a USB stick with malicious software? Or was it something as simple as missing a security patch on a Windows server?

The world may never know.

What is shady though is how the stock sell-off went down.

**Update**

Looks like it was a web application that had a flaw:

Quote :

"Much is still unknown. But it came down to a flaw in a tool designed to build web applications, the company said in a press release this week. And Equifax admitted it was aware of the security flaw a full two months before the company says hackers first gained accessed to its data."

[Edited on September 17, 2017 at 9:07 PM. Reason : dfs]

9/17/2017 9:01:51 PM

Exactly - this is why I'm so upset about it all...

Good take on it by Forbes IMO: http://fortune.com/2017/09/16/equifax-legal/

Best case: some sort of punishment can be pursued and issued setting precedent when things go wrong. (hah.)
Worst case: additional regulations that won't have enough power to actually change a thing... (most likely...)

9/18/2017 12:40:36 AM

Aaaaaaaaaaand they had a breach in March, too. wtf

9/19/2017 8:27:07 PM

I just don't get it.

How can any go forward with any financial transaction with an individual based on personally identifiable information, when the set of information that constitutes this is provably in the hands of literal hackers for basically all Americans for which it matters?

Quote :

"Nothing was stolen from you. They didn't hack the Social Security Administration to get your Social Security Number. You and the people you've conducted business with chose to give it to them of their own free will."

Again, do not get this.

The concern is that someone uses your information to take an action as you. If you just simply assume the (now suddenly reasonable) absurdity that identity can not be proven (from the perspective of a corporation), then you lose every right to property that you previously had.

9/22/2017 9:46:47 PM

http://money.cnn.com/2018/02/09/pf/equifax-hack-senate-disclosure/index.html

2/10/2018 11:10:36 PM

Good thing Mulvaney has really stepped up the CFPB’s investigation on them

2/10/2018 11:22:53 PM

good thing that information can't be used to change our voter registration or anything

2/10/2018 11:56:55 PM

Quote :

"Just because you don't like the choice doesn't mean you don't have it."

Hypocrisy or willful idiocy? You could apply this statement to any number of your Libertarian causes: "You have a choice! You can pay taxes, or you can go to prison - just because you don't like that choice doesn't mean you don't have one!"

The current system effectively requires participation in the credit score racket as a fee for participation in the economy and, really, society at large. It is a scheme managed by unelected incompetents who put its hostages (us) at risk of ruin by failing to secure the information ransom it has demanded of us. They make decisions which affect the lives of every adult in this country, decisions which are not understood by nor explained to the people affected, and they do so on behalf of a minority of interested parties who already wield substantial power over the rest of us.

Quote :

"Your employer and your banker have rights too, and such a law certainly infringes upon them."

My boss and my banker do not have the "right" to just any damn information they please, any more than I have a right to know the ins and outs of every part of their business before I entrust my money with them. Why can't they ask me if I have any outstanding debts or history of missed payment? And if I lie, they can sue or otherwise penalize me. And let me ask them if they're going to share that information with everybody and his brother, and if they say yes, I'll take my money somewhere the fuck else.

2/11/2018 2:23:14 PM

Once more unto the breach, dear friends, once more

https://www.reuters.com/article/us-equifax-cyber/equifax-discovers-another-2-4-million-customers-hit-by-data-breach-idUSKCN1GD5C7

3/1/2018 1:52:10 PM

And not a thing has been done, that I can tell, by our government to protect our data from a company's service that we cannot opt-out of.

3/2/2018 2:54:04 PM

In fact, didn't the CFPB drop the whole lawsuit? Thanks Donald!

3/5/2018 8:38:48 AM

https://www.equifaxbreachsettlement.com

go get that $$$

[Edited on July 26, 2019 at 12:55 PM. Reason : .]

7/26/2019 12:53:44 PM

got my 125$

7/26/2019 1:08:36 PM

you have documented losses? what document did you use to file?

7/26/2019 1:22:37 PM

internet.doc wtf just click the buttons man

7/26/2019 2:22:03 PM

the way i understood it, if your info was compromised, you can file a claim for the 125. if you suffered hardship because of the breach, you can claim additional losses.

7/26/2019 3:08:08 PM

That's what I saw as well. I already have free monitoring thanks to the OPM breach before this one (double breach!), so gimme that 190% $125.

7/26/2019 3:28:59 PM

claim your time for locking/unlocking accounts

7/26/2019 3:49:41 PM