![Zarathustra[H]](https://cdn.hardforum.com/data/avatars/m/9/9298.jpg?1707758471){kind=avatar}
Zarathustra[H]
Extremely [H]
- Joined
- Oct 29, 2000
- Messages
- 38,859
![[H]ard|Forum](/styles/hardforum/xenforo/logo_dark.png){kind=logo}
Equifax Data Breach Exposes Personal Information of 143 Million
- Thread starter FrgMstr
- Start date
Gigus Fire
2[H]4U
- Joined
- Oct 14, 2004
- Messages
- 2,275
clear case of insider trading. Companies that are this blatant should be burned into the ground.
bizzmeister
2[H]4U
- Joined
- Apr 26, 2010
- Messages
- 2,439
WTF.....?
sfsuphysics
[H]F Junkie
- Joined
- Jan 14, 2007
- Messages
- 15,994
Man if there was anything that could push hurricanes out of the news, this is it.
My attorney and arbitrator, Mr Ruger, ESQ, tells me that if problems arise with my credit, bank accounts, social security accounts, or anything else as the result of id theft by way of Equifax, he's got a way to deal with them. Watch your bank and credit card accounts boyz and girlz, especially for ghost authorizations.
S***bag insider trading b**turds need to be hung out to dry.
S***bag insider trading b**turds need to be hung out to dry.
I have a lot of mixed feelings about this (mostly against) and I know all too well slippery slopes but crap like this is why people will be eager to jump towards biometrics and chips. Things that can't be hacked or stolen or at least WAY more difficult.
Awww but they are probably too big to fail and congress will stick a bailout for them on one of the hurricane bills so Trump can sign it.
Hah, I just noticed the comments and like dislike results are disabled on the Equifax video. I wonder why... lol
So agreeing to the terms of service for their free one year credit monitoring subscription seems to waive your rights to sue Equifax for this breach?
You had ONE JOB.
https://goo.gl/images/iNyux1
https://goo.gl/images/iNyux1
thesmokingman
Supreme [H]ardness
- Joined
- Nov 22, 2008
- Messages
- 6,617
This won't hold up and I doubt any judge will force anyone to give up their rights buried in a tos given the nature of things.
SPARTAN VI
[H]F Junkie
- Joined
- Jun 12, 2004
- Messages
- 8,762
How would you possibly prove in court that your identity was stolen because of data acquired from this breach?
Yes, that's the trap. "Free" credit monitoring provided by Equifax (same people who couldn't keep your info secure) in exchange for waiving the right to class action lawsuits. Great deal for Equifax right? They provide you with a digital monitoring service that costs them almost nothing since they are the ones providing it and you lose your right to sue.
Not true. The Supreme Court has repeatedly upheld binding arbitration in a number of cases in recent years. This is the business friendly direction that the Supreme court is leaning in these days (note that these decisions were 6-3 and 7-1 so not a conservative vs. liberal thing).
2017: http://thehill.com/regulation/court...t-sides-with-nursing-home-in-arbitration-case (Supreme Court ruled that arbitration was binding when somebody died due to alleged substandard care at a nursing home)
2015: https://www.americanbar.org/publications/blt/2016/01/keeping_current.html (DirectTV case in which Supreme Court ruled that federal arbitration laws supersede state laws that make arbitration clauses unenforceable)
Basically, the DirectTV case found that if you sign an arbitration clause these days you are bound even if your state laws say its not enforceable because this type of waiver is "unconscionable" (basically your argument enforcing an arbitration clause would be unfair "given the nature of things"). Over the last 10 years, it has become harder and harder to get out of arbitration. The deck is stacked in favor of corporations. For more information an interesting article can be found below:
https://www.nytimes.com/2015/11/01/...-everywhere-stacking-the-deck-of-justice.html
cyberguyz
Gawd
- Joined
- Aug 28, 2014
- Messages
- 710
I wonder if anybody in Canada was affected by this. I know those "offers" are useless to us since they are only available in the US. I'll have to see what Equifax Canada has to say about it since they are our primary credit bureau.
--- edit ---
Did some google work and found out *some* Canadians were affected too. Main difference is that Canadians don't get that free service offer (perhaps that is not such a bad thing).
--- edit ---
Did some google work and found out *some* Canadians were affected too. Main difference is that Canadians don't get that free service offer (perhaps that is not such a bad thing).
Last edited:
thesmokingman
Supreme [H]ardness
- Joined
- Nov 22, 2008
- Messages
- 6,617
Not the same. In this case the clause is buried in a tos ppl were tricked into by Equifax and they are only there due to Equifax's negligence. There's no way in hell this BS from Equifax stands in court. Here's a tos example.
http://fortune.com/2016/07/29/uber-arbitration-motion-denied/
I have a packet coming from Chase for the fraud that occurred yesterday on my CC.
Will see if that is enough to refresh my memory. Will try to remember to post back, but feel free to IM me if I don't.
AltreineirialX
Weaksauce
- Joined
- May 30, 2017
- Messages
- 66
Perfect cover to steal from yourself your number and blame it on a phantom.
What a database should have - since we have high speed internet, have "dummy"
data attached so it makes the filesize so big it cant be broadcasted by
normal joe asshole bank robber.
What a database should have - since we have high speed internet, have "dummy"
data attached so it makes the filesize so big it cant be broadcasted by
normal joe asshole bank robber.
Last edited:
sfsuphysics
[H]F Junkie
- Joined
- Jan 14, 2007
- Messages
- 15,994
Well apparently I was wrong, saw a little ticker tape bit about it, and then an story with an "expert" meanwhile they give traffic updates 5 times an hour.
NeghVar
2[H]4U
- Joined
- May 1, 2003
- Messages
- 2,671
One thing I have always wondered about data breaches and liabilities is, depending on the results of an investigation, how liable a company can be held.
There is no such thing as a perfectly secure system. Everyone here should know that. If the investigations find gross negligence and/ or human error to be the fault, then the company is definitely liable. But what if the investigation finds that all systems and configurations were configured to the best the industry can provide. No gross negligence and/ or human error. Does full liability still remain with the company? Is it fair if it does?
There is no such thing as a perfectly secure system. Everyone here should know that. If the investigations find gross negligence and/ or human error to be the fault, then the company is definitely liable. But what if the investigation finds that all systems and configurations were configured to the best the industry can provide. No gross negligence and/ or human error. Does full liability still remain with the company? Is it fair if it does?
https://arstechnica.com/tech-policy...im-you-must-give-up-right-to-sue-to-find-out/
Tech outlets are picking up on the "give up the right to sue" aspect.
Tech outlets are picking up on the "give up the right to sue" aspect.
AltreineirialX
Weaksauce
- Joined
- May 30, 2017
- Messages
- 66
Heres the solution. Have your mail delivered by horse carriage to your mailbox. Have a secret key in a rainbow sugar cupcake feed to a horse and have the horse barf/shit out the key. If it is rainbow puke it is verified, if it is neon crap it is encrypted.
If it makes your day better, the fine print of the protection enrollment signs away your rights to sue or join a class action lawsuit.
I'm more livid than you can imagine. Not at the hack.
That these POS credit bureau's are allowed to keep massive amounts of sensitive data on us, and then CHARGE us to exert any control?
I was impacted.
Today, moments after this hit the news... I got an email from Credit Karma noting an attempt to change my password (did not succeed, I have to click in the email for next steps). 10 minutes later while going to a wake, I get an email from a credit card company noting that my email address has just been changed.
I spend like 20+ mins dealing with that with the CC company, but then visit the Equifax website setup to address this issue. It tells me my enrollment date is 9/11, four days away - that's when I am allowed to enroll. (TBH, I already have a fraud alert on my reports from an event 4 years ago, but figured considering the severity of this, and that minutes after it went public I already had two attempts of fraud, one of them successful...)
Anyway, only Equifax let me put in a security freeze (to not share my file with anyone)... Here's where I become super livid. An hour later after realizing the other bureaus won't let me do it online and I have to mail them, I try to remove the Equifax freeze.
They want $5 for this.
So I can't enroll in their protection plan, even though I already have fraud occuring... And their standard freeze process wants money from me.
They make billions selling information our credit history, separately market products to us consumers... But if we want to exert any control over that, they come looking for a payment method.
It's not the money that bothers me - it's the principle. (Since I'm now twice a victim (a small charge went through on that one CC)... I'll get it removed later for free, after I send them proof to extend my current fraud alert out 7 years from the 3 remaining)
Sorry for the rant.
Unfortunately, just because something is buried in fine print or written in nearly incomprehensible legalese doesn't mean that its not enforceable. Sadly, the case that you cite really doesn't say what you think it does. In the Uber case, the judge found that you cannot be bound simply by using a service. Uber was arguing that any use of their service meant that you automatically agreed even if you were not explicitly asked to agree. From the article you quote:
In this case, the consumer was never asked to agree to a TOS. Uber was arguing that just the use of the service bound you to something you had never been explicitly asked to agree to. This case was the reason why I stated in a previous post that I was sure people who sign up for the monitoring service and clicked agree were screwed but wasn't sure if the people (like me) who just used the service to check if they were compromised were bound by the clause. The reason I'm not 100% sure is that the Uber case is a district case which can be overturned by the Supreme Court.
Should using a service automatically mean that you agree to TOS even if you were never asked if you agreed? I don't think so. Do I trust the Supreme Court to do the right thing and side with the consumer over the corporation? Not one bit.
Last edited:
In discussing this issue with friends, being an affected person, a few things came up.
1) I doubt that that terms of service is binding or enforcable.
2) That aside, why the fuck do they have my SSN and use it as an identification number? We have no tax relationship, they aren't offering me SS services, and they aren't the government. Working at a place that lost a lawsuit over that issue, I do hope some of the class actions persue that aspect.
3) I'm tired of them filing shit that is incorrect and not fixing it. 10+ years ago you could get shit fixed. These days? Not so much. Or at least it's less effective/they are more incompetent at it. I wonder, since your credit report can clearly have a demonstrable negative impact on you, you could sue them for libel?
1) I doubt that that terms of service is binding or enforcable.
2) That aside, why the fuck do they have my SSN and use it as an identification number? We have no tax relationship, they aren't offering me SS services, and they aren't the government. Working at a place that lost a lawsuit over that issue, I do hope some of the class actions persue that aspect.
3) I'm tired of them filing shit that is incorrect and not fixing it. 10+ years ago you could get shit fixed. These days? Not so much. Or at least it's less effective/they are more incompetent at it. I wonder, since your credit report can clearly have a demonstrable negative impact on you, you could sue them for libel?
thesmokingman
Supreme [H]ardness
- Joined
- Nov 22, 2008
- Messages
- 6,617
You're ignoring the circumstances of this case. You can believe what you want, more power to the man good for you.
Do I want this to be enforcable--hell no. I'm just worried about the way things are going with more and more arbitration clauses becoming enforceable due to anti-consumer Supreme Court rulings.
On the bright side: Due to public pressure, Equifax has just added an OPT-OUT clause. If you notify Equifax in writing within 30 days, you can now opt out of the arbitration clause even if you did sign up. I would strongly encourage anyone who has signed up to opt out.
See:
http://money.cnn.com/2017/09/08/technology/equifax-monitoring-services/index.html
Apparently, these types of arbitration clauses are currently allowed. Will not be allowed next year unless Congress succeeds in rolling back the new regulations.
On the bright side: Due to public pressure, Equifax has just added an OPT-OUT clause. If you notify Equifax in writing within 30 days, you can now opt out of the arbitration clause even if you did sign up. I would strongly encourage anyone who has signed up to opt out.
See:
http://money.cnn.com/2017/09/08/technology/equifax-monitoring-services/index.html
Apparently, these types of arbitration clauses are currently allowed. Will not be allowed next year unless Congress succeeds in rolling back the new regulations.
Last edited:
D
Deleted member 93354
Guest
Well it is law that you MUST be notified of any security breeches of your private information. The fact that equifax refuses to disclose to you if you have been affected unless you agree not to sue them is in clear violation of that law.
Even the New York States Attorney just called them and told them to take that clause out.
New York State Attorney Twitter Post said:
thesmokingman
Supreme [H]ardness
- Joined
- Nov 22, 2008
- Messages
- 6,617
^^Thanks for that.
See...
See...
kidstechno3
Limp Gawd
- Joined
- Jun 29, 2016
- Messages
- 201
Member when our government actually cared about consumer rights and were against monopolies/corporate consolidation/meaningful regulations?
Those were good times.
Those were good times.
Yes, this is such a law. However, previous news reports stated that Equifax is mailing out physical letters to comply with that requirement. The online access is an "additional service" with the TOS attached. From equifax's press release:
This argument is moot anyways now that Equifax has caved to public pressure and added an opt out clause. To be safe, it would be best to send an opt out notice to Equifax.
This argument is moot anyways now that Equifax has caved to public pressure and added an opt out clause. To be safe, it would be best to send an opt out notice to Equifax.
thesmokingman
Supreme [H]ardness
- Joined
- Nov 22, 2008
- Messages
- 6,617
You shouldn't have to write a letter to opt out of something like this in the first place.
Sure, I agree with that. I personally believe that the way consumers are treated with these arbitration clauses is unfair and unjust. Does that mean that we can't get screwed over thanks to pro-business rulings by the Supreme Court or actions by Congress? Unfortunately, many things I think shouldn't be enforceable are these days.
Anything can be hacked. Biometrics and chips are not the solution either. Do you really want your security tied to something you can't easily change, so once it's hacked it much more difficult to correct?
No, the solution is much worse penalties for identity thief, instead of just letting the business write off the lose on their taxes.
Using a stolen credit card, how about 10 years of hard labor? These lazy crooks would never want to go back to that.
sfsuphysics
[H]F Junkie
- Joined
- Jan 14, 2007
- Messages
- 15,994
Here's the thing though, 143 million people affected. So lets say there is a class action lawsuit and the judge drops a bombshell of a verdict of 14 billion dollars and it sticks! Now easily 50% of that goes to lawyers, and lets say they managed to "sign" 100 million of the affected people, so enjoy your $70 settlement check.
Personally I'd go through arbitration and try to get lifetime monitoring instead of this 1 year bullshit they push.
Todd Walter
Gawd
- Joined
- May 10, 2016
- Messages
- 634
Likely because binding arbitration clauses aren't enforceable up here, at least in Ontario. You cannot sign away your rights as a consumer via contract.
If you think you are likely to do better in arbitration, that is your right to choose it. You are almost always allowed to opt out of a class action and proceed with whatever method you want.
That said, I feel that you might end up regretting it. Since when does signing your rights away make a company more likely to give you what you want? You need to remember that companies keep trying to push people into arbitration. Logically speaking, why would a company push for binding arbitration if it didn't favor them and end up costing them less? I think that it is unlikely that you can get more out of a company when you agree to be bound by their rules vs. being able to sue in court.
https://www.nytimes.com/2015/11/02/...vatization-of-the-justice-system.html?mcubz=1
Monkey34
Supreme [H]ardness
- Joined
- Apr 11, 2003
- Messages
- 5,140
Check this out:
"
By signing up on Equifax’s help site, you risk giving up your legal rights"
https://www.washingtonpost.com/news...s-data-breach-website/?utm_term=.f7ea03ce3e8a
"
By signing up on Equifax’s help site, you risk giving up your legal rights"
https://www.washingtonpost.com/news...s-data-breach-website/?utm_term=.f7ea03ce3e8a
Even lifetime monitoring at a single bureau isn't enough though. Especially since most places pull experian and or transunion. A lot of places don't pull Equifax when determining approval for new credit. Have to go to a place that monitors all 3 to stay on top.
infin@
Gawd
- Joined
- Oct 18, 2006
- Messages
- 812
I'm from Canada and I got the very vague "I may be affected". WTF kind of an answer is that? I had to fight with these asshats for 6 months to correct errors on my credit. I was trying for a mortgage and my bank would either call Transunion or Equifax depending on the day, my credit was great according to Transunion, Equifax had a delinquent cell phone bill from a provider that operates only on the other side of the country. Guess who my bank called that day. I had to deal with them to correct the error which resulted in me sending them information and now this! I love that it was discovered that the CFO and other senior executives were involved in selling 2 million in shares days after this breach was discovered. Oh you claim you "didn't know" about the breach? I hope that gets you as far as "not knowing" got me with my bank thanks to your incompetence.