Massive Equifax Hack Affects 143 Million

[Fallen]

Agreeing to use their credit monitoring service waives your right to sue/join a class action.

http://money.cnn.com/2017/09/08/tech...ces/index.html

You can't get help right away. When people enter their last name and part of their Social Security number on the site to see whether they were affected, some are being told: "Based on the information provided, we believe that your personal information may have been impacted by this incident."But even in that case, Equifax is not offering the credit monitoring service until next week at the earliest. Monday is the first day you can sign up.

You could be giving up some of your rights to sue. At first, Equifax said anyone who gets the credit monitoring service, TrustedID, must agree to submit any complaints about it to arbitration. Those people wouldn't be allowed to sue, join a class-action suit, or benefit from any class-action settlement.

You can opt-out of the waiver, though.

After public pressure, Equifax added an opt-out provision on Friday. Customers can get out of the arbitration requirement by notifying Equifax in writing within 30 days of accepting the monitoring service.

[Ltlprprincess]

Looks like I may have been hit. Going to look into lifelock.

[Velfi]

I was reading about this elsewhere yesterday and saw it mentioned that you can lock your credit file/report/whatever at the 3 different agencies which will protect you from this type of thing, but you have to unlock it whenever a merchant/job/whoever needs to run a credit check on you. I didn't know that was an option but I'm going to look into it for myself.

[Orthin]

I was reading about this elsewhere yesterday and saw it mentioned that you can lock your credit file/report/whatever at the 3 different agencies which will protect you from this type of thing, but you have to unlock it whenever a merchant/job/whoever needs to run a credit check on you. I didn't know that was an option but I'm going to look into it for myself.

fairly common, I see it a lot from CA folks

[Tgo01]

Its a major credit agency, EVERYONES info is compromised. I'd be surprised if anyone got a message saying they weren't compromised.

I checked my parents for them and neither of them were compromised but I was.

[Tgo01]

I was reading about this elsewhere yesterday and saw it mentioned that you can lock your credit file/report/whatever at the 3 different agencies which will protect you from this type of thing, but you have to unlock it whenever a merchant/job/whoever needs to run a credit check on you. I didn't know that was an option but I'm going to look into it for myself.

There are free options for this but you can also sign up for credit monitoring from either of the 3 big ones for like 10 bucks a month. It often includes unlimited credit scores and unlimited credit reports, plus monitoring of your credit and information and they'll send you an email or text if something pops up. If also gives you the ability to lock and unlock your credit report from your phone or their website. Plus it comes with insurance that if you incur any costs associated with having your identity stolen they'll pay upwards of a million dollars. It also lets you put a fraud alert on your file and they'll send the alert to the other 2 major credit agencies that puts lenders on notice to verify more of your information before extending credit, this also gives you an option to auto renew the fraud alert every 3 months since the initial alert only lasts 3 months.

It's really not a bad deal for some peace of mind, especially since I had an identity theft scare about 6 or 7 months ago. I already had Equifax's credit monitoring (ironic I know) and then I also signed up for Transunion too for another 10 dollars a month. I was thinking of dropping Transunion but now I think I'll keep both for a while longer.

[Wrathbringer]

I checked my parents for them and neither of them were compromised but I was.

Likely due to you being transgender and all.

[Tgo01]

Likely due to you being transgender and all.

[barbarous]

So. I have some experience with this subject. Painful experience, but experience.

1. Your medical data is worth more to start off with. If they stole it to claim free medical services in small hospitals with inefficient billing practices, it'll take roughly 2- 5 years until a collector contacts you.

2. Don't sign anything or sign up for any 'free' protection. The devil is in the details. Everyone of those agreements for 'free' protection requires you to give away the right to sue for damages and runs out in 6 months to 1 year every time it's been offered to me.

3. Your bank/credit card accounts. Notify the banks that your data was vulnerable. Proceed to put a passcode on your account for anything (assuming your bank has that) to make any changes.

4. Banks have their own non sufficient fund list if you go into negative balances. It doesn't show up on a credit report and it's god awful difficult to get it removed (I had one). People open an account, write a hot check at a check cashing place and peace out. The guy from lifelock had a bill in texas for that, which is why he was no longer allowed to give out his SSN on commercials (or at least part of the reason).

5. The state attorney general is your friend. They deal with a lot of FDIC consumer complaint stuff. I had to get the state attorney general involved because a thief changed the address on my bank account and had a card sent to themselves and withdrew a considerable sum. Most banks will take care of it with no fees within 48 hours , but notify them in writing (according to fdic rules you are liable for 50 dollars of it if you don't notify them in writing within 46 hours of you noticing it).

6. Get a password manager. So here's the deal. Go to one of the people location sites. Search for your name or a previous email address. If you ever registered for Amazon on it, or anything else, it'll likely be on the stalker site. Consider that people re-use passwords (I know you're on this forum!) and make them names, places, and things that are significant to you. Why is this important? 4chan located shitbird lebuff in the middle of nowhere using plane contrails because they were bored. There are bots written by data thieves that aggregate data for this purpose. If your name is Uniqquuee, hell even if it isn't, for money, most people would spend twenty minutes looking on facebook for your likely passwords by your posts (remember how you were born in 1980 and your dogs name was Uniqqqquuueee and now your password is Uniqqquuuueee1980? Yeah. http://keepass.info/

7. People want free shit. I do a yearly request for all passport activities.

8. Good luck if someone commits a crime and claims to be you. You're boned. There was a judge who refused to remove an alias from court records. A guy sued because it stopped him from getting jobs. The judge told him to die in a fire. Search for it (duckduckgo.com may be a better choice, google's down the tubes these days).

How do I know all this crap?
# of times VA lost my info - 6
bluecross blue shield hack
collegeboard got hacked several years ago
adobe got hacked
sony got hacked

There are more minor breaches that have impacted me, such as the doctors office that was just throwing my dental records in a shed for storage (thanks hippa, you're great, really), but those are localized.

Yes I'm paranoid, yes I use cash and temporary visas from wal-mart for online purchases or to put money into paypal.

Here is the page for transunion (heh). Search for credit freeze for other agencies.

https://www.transunion.com/credit-fr...-credit-freeze

Oh, apple people. Resetting your password is easy with account numbers, dates of birth, physical address and other stuff you post on facebook.

You should all redo your security questions to stuff that has no relevance to you and write that shit down and use 2 factor authentication (if you're not already). Also, most password reset request for companies done via phone requires information like your email address, ssn, stuff like that for "verification" purposes, so keep an eye out for passwords that are mysteriously reset.

[Kobold]

So. I have some experience with this subject. Painful experience, but experience.

1. Your medical data is worth more to start off with. If they stole it to claim free medical services in small hospitals with inefficient billing practices, it'll take roughly 2- 5 years until a collector contacts you.

2. Don't sign anything or sign up for any 'free' protection. The devil is in the details. Everyone of those agreements for 'free' protection requires you to give away the right to sue for damages and runs out in 6 months to 1 year every time it's been offered to me.

3. Your bank/credit card accounts. Notify the banks that your data was vulnerable. Proceed to put a passcode on your account for anything (assuming your bank has that) to make any changes.

4. Banks have their own non sufficient fund list if you go into negative balances. It doesn't show up on a credit report and it's god awful difficult to get it removed (I had one). People open an account, write a hot check at a check cashing place and peace out. The guy from lifelock had a bill in texas for that, which is why he was no longer allowed to give out his SSN on commercials (or at least part of the reason).

5. The state attorney general is your friend. They deal with a lot of FDIC consumer complaint stuff. I had to get the state attorney general involved because a thief changed the address on my bank account and had a card sent to themselves and withdrew a considerable sum. Most banks will take care of it with no fees within 48 hours , but notify them in writing (according to fdic rules you are liable for 50 dollars of it if you don't notify them in writing within 46 hours of you noticing it).

6. Get a password manager. So here's the deal. Go to one of the people location sites. Search for your name or a previous email address. If you ever registered for Amazon on it, or anything else, it'll likely be on the stalker site. Consider that people re-use passwords (I know you're on this forum!) and make them names, places, and things that are significant to you. Why is this important? 4chan located shitbird lebuff in the middle of nowhere using plane contrails because they were bored. There are bots written by data thieves that aggregate data for this purpose. If your name is Uniqquuee, hell even if it isn't, for money, most people would spend twenty minutes looking on facebook for your likely passwords by your posts (remember how you were born in 1980 and your dogs name was Uniqqqquuueee and now your password is Uniqqquuuueee1980? Yeah. http://keepass.info/

7. People want free shit. I do a yearly request for all passport activities.

8. Good luck if someone commits a crime and claims to be you. You're boned. There was a judge who refused to remove an alias from court records. A guy sued because it stopped him from getting jobs. The judge told him to die in a fire. Search for it (duckduckgo.com may be a better choice, google's down the tubes these days).

How do I know all this crap?
# of times VA lost my info - 6
bluecross blue shield hack
collegeboard got hacked several years ago
adobe got hacked
sony got hacked

There are more minor breaches that have impacted me, such as the doctors office that was just throwing my dental records in a shed for storage (thanks hippa, you're great, really), but those are localized.

Yes I'm paranoid, yes I use cash and temporary visas from wal-mart for online purchases or to put money into paypal.

Here is the page for transunion (heh). Search for credit freeze for other agencies.

https://www.transunion.com/credit-fr...-credit-freeze

Oh, apple people. Resetting your password is easy with account numbers, dates of birth, physical address and other stuff you post on facebook.

You should all redo your security questions to stuff that has no relevance to you and write that shit down and use 2 factor authentication (if you're not already). Also, most password reset request for companies done via phone requires information like your email address, ssn, stuff like that for "verification" purposes, so keep an eye out for passwords that are mysteriously reset.

Long story short, get a new SS number and name and move to new apartment. The 'burn it with fire' method.