News Article Here: https://www.nytimes.com/2017/09/07/business/equifax-cyberattack.html


There's some terrible news if you do business with consumer credit monitoring agency Equifax (or even if you don't). Your sensitive personal info — including Social Security and possibly driver's license numbers — may be in the hands of data thieves. This is arguably the worst data breach ever.


You can go to this website to see if your data was compromised.

https://www.equifaxsecurity2017.com/potential-impact/?_ga=2.50472553.1723520058.1504877951-1708800721.1497622547

Annnnnd my information was compromised. Fun times.

Its a major credit agency, EVERYONES info is compromised. I'd be surprised if anyone got a message saying they weren't compromised.

Annnnnd my information was compromised. Fun times.

Mine too.

Same... I also validated the link in that article... I thought it was weird that the website wasn't a part of the equifax domain even though it was branded as such... was able to get to the site provided via the equifax website, so it's a true subsidiary.

Its a major credit agency, EVERYONES info is compromised. I'd be surprised if anyone got a message saying they weren't compromised.

My co-worker wasn't impacted, surprisingly enough.

Based on the information provided, we believe that your personal information may have been impacted by this incident.

Hawt. My stuff has been compromised so many damn times that I don't care anymore.

It says I haven't been impacted but I don't believe them.

I wonder how many Simucoins the hackers are gonna buy with all these people's info.

https://68.media.tumblr.com/cc0f253a369ea43bb15295b9beabb037/tumblr_om74jnRXky1v230yto1_500.gif

Jokes on them! I got no money to steal! hahahahaaahahaa

Based on the information provided, we believe that your personal information may have been impacted by this incident.

Hawt. My stuff has been compromised so many damn times that I don't care anymore.

Every year I get a notification from my university that my data may have been compromised.

Invest in Simucoins now and keep your finances safe before the hackers clean out your bank account!

It's not the bank accounts you need to worry about. It's them opening credit cards in your name. Full name, SocSec #, and sometimes last know address... then voila you're holding the bag for $15,000 in Credt Card charges.

If that checker link is to be trusted, my information wasn't compromised but my wife's was. Way to go, Equifax.

It's not the bank accounts you need to worry about. It's them opening credit cards in your name. Full name, SocSec #, and sometimes last know address... then voila you're holding the bag for $15,000 in Credt Card charges.

Invest in Simucoins and max out your credit now so the hackers won't be able to open anything new in your name!

Invest in Simucoins and max out your credit now so the hackers won't be able to open anything new in your name!

I know some folks whose credit would probably be improved by having it stolen.

Invest in Simucoins and max out your credit now so the hackers won't be able to open anything new in your name!

https://i.imgur.com/Zf643kk.jpg

https://i.imgur.com/Zf643kk.jpg

http://i.imgur.com/5tR6jc4.jpg

I know some folks whose credit would probably be improved by having it stolen.

Ugh. Mine. Open credit cards in my name. Secured ones. None of the other ones like me.

I never considered "financially responsible enough not to use credit" synonymous with "Don't approve this person for anything" until I started wondering why the hell my car loan rates were so high.

Now I have a single loan from my credit union, and I use the loan to pay the loan, and when the loan is paid I'll get another loan to pay itself. Costs about $90 a year but my credit is slowly building itself from nonexistent. It's not quite there yet though. Only been about 4 months.

Ugh. Mine. Open credit cards in my name. Secured ones. None of the other ones like me.

I never considered "financially responsible enough not to use credit" synonymous with "Don't approve this person for anything" until I started wondering why the hell my car loan rates were so high.

Now I have a single loan from my credit union, and I use the loan to pay the loan, and when the loan is paid I'll get another loan to pay itself. Costs about $90 a year but my credit is slowly building itself from nonexistent. It's not quite there yet though. Only been about 4 months.

1. No one cares.
2. Go back to your gay ass forum.

Its a major credit agency, EVERYONES info is compromised. I'd be surprised if anyone got a message saying they weren't compromised.

I actually was not compromised, which was surprising.

Agreeing to use their credit monitoring service waives your right to sue/join a class action.

http://money.cnn.com/2017/09/08/technology/equifax-monitoring-services/index.html


You can't get help right away. When people enter their last name and part of their Social Security number on the site to see whether they were affected (http://money.cnn.com/2017/09/07/pf/victim-equifax-hack-how-to-find-out/index.html?iid=EL), some are being told: "Based on the information provided, we believe that your personal information may have been impacted by this incident."But even in that case, Equifax is not offering the credit monitoring service until next week at the earliest. Monday is the first day you can sign up.

You could be giving up some of your rights to sue. At first, Equifax said anyone who gets the credit monitoring service, TrustedID, must agree to submit any complaints about it to arbitration. Those people wouldn't be allowed to sue, join a class-action suit, or benefit from any class-action settlement.

You can opt-out of the waiver, though.


After public pressure, Equifax added an opt-out provision on Friday. Customers can get out of the arbitration requirement by notifying Equifax in writing within 30 days of accepting the monitoring service.

Looks like I may have been hit. Going to look into lifelock.

I was reading about this elsewhere yesterday and saw it mentioned that you can lock your credit file/report/whatever at the 3 different agencies which will protect you from this type of thing, but you have to unlock it whenever a merchant/job/whoever needs to run a credit check on you. I didn't know that was an option but I'm going to look into it for myself.

I was reading about this elsewhere yesterday and saw it mentioned that you can lock your credit file/report/whatever at the 3 different agencies which will protect you from this type of thing, but you have to unlock it whenever a merchant/job/whoever needs to run a credit check on you. I didn't know that was an option but I'm going to look into it for myself.

fairly common, I see it a lot from CA folks

Its a major credit agency, EVERYONES info is compromised. I'd be surprised if anyone got a message saying they weren't compromised.

I checked my parents for them and neither of them were compromised but I was.

I was reading about this elsewhere yesterday and saw it mentioned that you can lock your credit file/report/whatever at the 3 different agencies which will protect you from this type of thing, but you have to unlock it whenever a merchant/job/whoever needs to run a credit check on you. I didn't know that was an option but I'm going to look into it for myself.

There are free options for this but you can also sign up for credit monitoring from either of the 3 big ones for like 10 bucks a month. It often includes unlimited credit scores and unlimited credit reports, plus monitoring of your credit and information and they'll send you an email or text if something pops up. If also gives you the ability to lock and unlock your credit report from your phone or their website. Plus it comes with insurance that if you incur any costs associated with having your identity stolen they'll pay upwards of a million dollars. It also lets you put a fraud alert on your file and they'll send the alert to the other 2 major credit agencies that puts lenders on notice to verify more of your information before extending credit, this also gives you an option to auto renew the fraud alert every 3 months since the initial alert only lasts 3 months.

It's really not a bad deal for some peace of mind, especially since I had an identity theft scare about 6 or 7 months ago. I already had Equifax's credit monitoring (ironic I know) and then I also signed up for Transunion too for another 10 dollars a month. I was thinking of dropping Transunion but now I think I'll keep both for a while longer.

I checked my parents for them and neither of them were compromised but I was.

Likely due to you being transgender and all.

Likely due to you being transgender and all.

:(

So. I have some experience with this subject. Painful experience, but experience.

1. Your medical data is worth more to start off with. If they stole it to claim free medical services in small hospitals with inefficient billing practices, it'll take roughly 2- 5 years until a collector contacts you.

2. Don't sign anything or sign up for any 'free' protection. The devil is in the details. Everyone of those agreements for 'free' protection requires you to give away the right to sue for damages and runs out in 6 months to 1 year every time it's been offered to me.

3. Your bank/credit card accounts. Notify the banks that your data was vulnerable. Proceed to put a passcode on your account for anything (assuming your bank has that) to make any changes.

4. Banks have their own non sufficient fund list if you go into negative balances. It doesn't show up on a credit report and it's god awful difficult to get it removed (I had one). People open an account, write a hot check at a check cashing place and peace out. The guy from lifelock had a bill in texas for that, which is why he was no longer allowed to give out his SSN on commercials (or at least part of the reason).

5. The state attorney general is your friend. They deal with a lot of FDIC consumer complaint stuff. I had to get the state attorney general involved because a thief changed the address on my bank account and had a card sent to themselves and withdrew a considerable sum. Most banks will take care of it with no fees within 48 hours , but notify them in writing (according to fdic rules you are liable for 50 dollars of it if you don't notify them in writing within 46 hours of you noticing it).

6. Get a password manager. So here's the deal. Go to one of the people location sites. Search for your name or a previous email address. If you ever registered for Amazon on it, or anything else, it'll likely be on the stalker site. Consider that people re-use passwords (I know you're on this forum!) and make them names, places, and things that are significant to you. Why is this important? 4chan located shitbird lebuff in the middle of nowhere using plane contrails because they were bored. There are bots written by data thieves that aggregate data for this purpose. If your name is Uniqquuee, hell even if it isn't, for money, most people would spend twenty minutes looking on facebook for your likely passwords by your posts (remember how you were born in 1980 and your dogs name was Uniqqqquuueee and now your password is Uniqqquuuueee1980? Yeah. http://keepass.info/

7. People want free shit. I do a yearly request for all passport activities.

8. Good luck if someone commits a crime and claims to be you. You're boned. There was a judge who refused to remove an alias from court records. A guy sued because it stopped him from getting jobs. The judge told him to die in a fire. Search for it (duckduckgo.com may be a better choice, google's down the tubes these days).

How do I know all this crap?
# of times VA lost my info - 6
bluecross blue shield hack
collegeboard got hacked several years ago
adobe got hacked
sony got hacked

There are more minor breaches that have impacted me, such as the doctors office that was just throwing my dental records in a shed for storage (thanks hippa, you're great, really), but those are localized.

Yes I'm paranoid, yes I use cash and temporary visas from wal-mart for online purchases or to put money into paypal.

Here is the page for transunion (heh). Search for credit freeze for other agencies.

https://www.transunion.com/credit-freeze/place-credit-freeze

Oh, apple people. Resetting your password is easy with account numbers, dates of birth, physical address and other stuff you post on facebook.

You should all redo your security questions to stuff that has no relevance to you and write that shit down and use 2 factor authentication (if you're not already). Also, most password reset request for companies done via phone requires information like your email address, ssn, stuff like that for "verification" purposes, so keep an eye out for passwords that are mysteriously reset.

So. I have some experience with this subject. Painful experience, but experience.

1. Your medical data is worth more to start off with. If they stole it to claim free medical services in small hospitals with inefficient billing practices, it'll take roughly 2- 5 years until a collector contacts you.

2. Don't sign anything or sign up for any 'free' protection. The devil is in the details. Everyone of those agreements for 'free' protection requires you to give away the right to sue for damages and runs out in 6 months to 1 year every time it's been offered to me.

3. Your bank/credit card accounts. Notify the banks that your data was vulnerable. Proceed to put a passcode on your account for anything (assuming your bank has that) to make any changes.

4. Banks have their own non sufficient fund list if you go into negative balances. It doesn't show up on a credit report and it's god awful difficult to get it removed (I had one). People open an account, write a hot check at a check cashing place and peace out. The guy from lifelock had a bill in texas for that, which is why he was no longer allowed to give out his SSN on commercials (or at least part of the reason).

5. The state attorney general is your friend. They deal with a lot of FDIC consumer complaint stuff. I had to get the state attorney general involved because a thief changed the address on my bank account and had a card sent to themselves and withdrew a considerable sum. Most banks will take care of it with no fees within 48 hours , but notify them in writing (according to fdic rules you are liable for 50 dollars of it if you don't notify them in writing within 46 hours of you noticing it).

6. Get a password manager. So here's the deal. Go to one of the people location sites. Search for your name or a previous email address. If you ever registered for Amazon on it, or anything else, it'll likely be on the stalker site. Consider that people re-use passwords (I know you're on this forum!) and make them names, places, and things that are significant to you. Why is this important? 4chan located shitbird lebuff in the middle of nowhere using plane contrails because they were bored. There are bots written by data thieves that aggregate data for this purpose. If your name is Uniqquuee, hell even if it isn't, for money, most people would spend twenty minutes looking on facebook for your likely passwords by your posts (remember how you were born in 1980 and your dogs name was Uniqqqquuueee and now your password is Uniqqquuuueee1980? Yeah. http://keepass.info/

7. People want free shit. I do a yearly request for all passport activities.

8. Good luck if someone commits a crime and claims to be you. You're boned. There was a judge who refused to remove an alias from court records. A guy sued because it stopped him from getting jobs. The judge told him to die in a fire. Search for it (duckduckgo.com may be a better choice, google's down the tubes these days).

How do I know all this crap?
# of times VA lost my info - 6
bluecross blue shield hack
collegeboard got hacked several years ago
adobe got hacked
sony got hacked

There are more minor breaches that have impacted me, such as the doctors office that was just throwing my dental records in a shed for storage (thanks hippa, you're great, really), but those are localized.

Yes I'm paranoid, yes I use cash and temporary visas from wal-mart for online purchases or to put money into paypal.

Here is the page for transunion (heh). Search for credit freeze for other agencies.

https://www.transunion.com/credit-freeze/place-credit-freeze

Oh, apple people. Resetting your password is easy with account numbers, dates of birth, physical address and other stuff you post on facebook.

You should all redo your security questions to stuff that has no relevance to you and write that shit down and use 2 factor authentication (if you're not already). Also, most password reset request for companies done via phone requires information like your email address, ssn, stuff like that for "verification" purposes, so keep an eye out for passwords that are mysteriously reset.

Long story short, get a new SS number and name and move to new apartment. The 'burn it with fire' method.

Giving up right to sue... I don't think I've ever gotten more than $10 in a class action lawsuit. The only parties that get a reasonable return in a class action lawsuit are the lawyers.

Giving up right to sue... I don't think I've ever gotten more than $10 in a class action lawsuit. The only parties that get a reasonable return in a class action lawsuit are the lawyers.

For sure. Let's assume the class action lawsuit results in an enormous one billion dollar judgement. After lawyers take their, what, 30% cut? That's 700 million left. Not a bad chunk of change. Okay. 143 million people were affected. That's 5 dollars per person. Even if the judgement is 10 billion dollars that's still 50 dollars per person.

Three Equifax Inc. senior executives sold shares worth almost $1.8 million in the days after the company discovered a security breach that may have compromised information on about 143 million U.S. consumers.

The trio had not yet been informed of the incident, the company said late Thursday.

https://www.bloomberg.com/news/articles/2017-09-07/three-equifax-executives-sold-stock-before-revealing-cyber-hack

I'm sure they knew absolutely nothing about it and just decided to dump their stocks at the same time purely out of coincidence.

For sure. Let's assume the class action lawsuit results in an enormous one billion dollar judgement. After lawyers take their, what, 30% cut? That's 700 million left. Not a bad chunk of change. Okay. 143 million people were affected. That's 5 dollars per person. Even if the judgement is 10 billion dollars that's still 50 dollars per person.

The dollars you receive are not the issue.

Let us take Simu. It costs 250 dollars to get a character out of the back up databases right?

Now, do you expect any company to make changes to their databases, and force those changes on their business affiliates out of their own pockets?

The sue part is not for dollars. The sue part is to force, through legal means under penalties for non compliance, to fix the shit that is wrong. Yes, you need that. I've had to hire lawyers to get things fixed. It costs more than it is worth in most cases, unless it involves fraud (you go to jail for someone else getting money, or IRS, or student loans taken out in your name).

The sue part is to protect you, the credit monitoring trash will not fix the issues, it will alert you to them. This is why retaining your right to attempt to get the law on your side is important.

For me, it was because I "underpaid" due to someone using my SSN illegally to work a job in the US. Audits suck balls. It's a good thing I pay my taxes, no? And keep records?

Same... I also validated the link in that article... I thought it was weird that the website wasn't a part of the equifax domain even though it was branded as such... was able to get to the site provided via the equifax website, so it's a true subsidiary.

https://www.nytimes.com/2017/09/20/business/equifax-fake-website.html

We all fell for it.

https://www.nytimes.com/2017/09/20/business/equifax-fake-website.html

We all fell for it.

The one linked to in the first page of this thread is the correct one though right? Not sure I ever visited the fake site. So glad to see Equifax takes this shit seriously though, holy fuck. First they gather all of our information, then they allow it all to be stolen in one fell swoop, THEN they create a shitty ass website to check if we've been affected, THEN link to a fake website of said check.

Jesus.

The one linked to in the first page of this thread is the correct one though right? Not sure I ever visited the fake site. So glad to see Equifax takes this shit seriously though, holy fuck. First they gather all of our information, then they allow it all to be stolen in one fell swoop, THEN they create a shitty ass website to check if we've been affected, THEN link to a fake website of said check.

Jesus.

Pretty sure the link in the first post had that video on the page..

The one we clicked from the first page was the correct site, (equifaxsecurity2017.com)... The fake one was securityequifax2017.com.

So no, we fell for nothing.

Pretty sure the link in the first post had that video on the page..

I do seem to recall a video being on that link before, and now the video is gone, so it's possible Equifax removed the video after they realized their second major fuck up.

How do you fuck up so bad you link a fake site in this situation? I almost wish it was created maliciously instead of for "Look how stupid you people are" just for lulz.

I don't think the amount of fail involved in this is being appreciated enough.

How do you fuck up so bad you link a fake site in this situation? I almost wish it was created maliciously instead of for "Look how stupid you people are" just for lulz.

I don't think the amount of fail involved in this is being appreciated enough.

You saw their South American office used "admin" as their password?

https://www.cnet.com/g00/news/equifax-argentina-vulnerability-admin/?ftag=COS-05-10-aaa0a&linkId=42196486&i10c.encReferrer=aHR0cHM6Ly9mb3J1bXMuZWxhbnRoaWEub 25saW5lL3RvcGljLzEzOC93dGYvMjc%3D

You saw their South American office used "admin" as their password?

https://www.cnet.com/g00/news/equifax-argentina-vulnerability-admin/?ftag=COS-05-10-aaa0a&linkId=42196486&i10c.encReferrer=aHR0cHM6Ly9mb3J1bXMuZWxhbnRoaWEub 25saW5lL3RvcGljLzEzOC93dGYvMjc%3D

Yeah :lol: I think Equifax was trying to say they don't actually have anything to do with that. Which doesn't make sense but neither does using "admin" for your password whether you're Equifax or some regular fuck down the street.

Nothing to see here, move along plebs.

~

Mick Mulvaney, head of the Consumer Financial Protection Bureau, has pulled back from a full-scale probe of how Equifax failed to protect the personal data of millions of consumers, according to people familiar with the matter.

Equifax said in September that hackers stole personal data it had collected on some 143 million Americans. Richard Cordray, then the CFPB director, authorized an investigation that month, said former officials familiar with the probe.

But Cordray resigned in November and was replaced by Mulvaney, President Donald Trump's budget chief. The CFPB effort against Equifax has sputtered since then, said several government and industry sources, raising questions about how Mulvaney will police a data-warehousing industry that has enormous sway over how much consumers pay to borrow money.

The CFPB has the tools to examine a data breach like Equifax, said John Czwartacki, a spokesman, but the agency is not permitted to acknowledge an open investigation. "The bureau has the desire, expertise, and know-how in-house to vigorously pursue hypothetical matters such as these," he said.

Three sources say, though, Mulvaney, the new CFPB chief, has not ordered subpoenas against Equifax or sought sworn testimony from executives, routine steps when launching a full-scale probe. Meanwhile, the CFPB has shelved plans for on-the-ground tests of how Equifax protects data, an idea backed by Cordray.

When the private and public sectors fail us there's only one solution left on the table.

We need data to unionize.

For i = 1 to inf
MsgBox Solidarity
Next i

compile
run

When the private and public sectors fail us there's only one solution left on the table.

THE JUDEAN PEOPLE'S FRONT?!?!?!?

https://i.imgur.com/jXR7Jcq.gif

I hacked Equifax.

I hacked Equifax.

Reported.

In other news the organization has unveiled their new name, the Corporate Financial Protection Bureau.

Better check, just in case.

https://scontent.fbtr1-1.fna.fbcdn.net/v/t1.0-9/35360460_10156167274092535_627927113483157504_n.jp g?_nc_cat=0&oh=342f8399e4322f066fff6f1d342f7630&oe=5BC459D0

I don't think that thing is accurate. I did it and it said I was good, but then I started noticing strange purchases on my statement.