Equifax Data Breach Exposes Personal Information of 143 Million

sfsuphysics said:
Here's the thing though, 143 million people affected. So lets say there is a class action lawsuit and the judge drops a bombshell of a verdict of 14 billion dollars and it sticks! Now easily 50% of that goes to lawyers, and lets say they managed to "sign" 100 million of the affected people, so enjoy your $70 settlement check.

Personally I'd go through arbitration and try to get lifetime monitoring instead of this 1 year bullshit they push.
Click to expand...

Class actions are not really intended to make plaintiffs whole. They are more intended as a way to assess damages to the offending company, to act as a caution to it and other companies so they behave better and take more precautions in the future.

Personally, I already have 3 bureau credit monitoring complimentary courtesy of the federal government after the OPM hack, so I am going to decline the Equifax offer in ordeer to maintain my rights to sue if I actually wind up being a victim of identity theft.

I will not accept any paltry settlement letting them off the hook. A few bucks now does not make up for the potential of life altering identity theft in the future. I'd rather have nothing now, not settle, and then sue if I am actually harmed in the future.
 
sfsuphysics said:
Here's the thing though, 143 million people affected. So lets say there is a class action lawsuit and the judge drops a bombshell of a verdict of 14 billion dollars and it sticks! Now easily 50% of that goes to lawyers, and lets say they managed to "sign" 100 million of the affected people, so enjoy your $70 settlement check.

Personally I'd go through arbitration and try to get lifetime monitoring instead of this 1 year bullshit they push.
Click to expand...

Why not add the lifetime monitoring to the $70 settlement check? Also I would suggest stripping those insider trading assholes of their profits and bump the 14billion dollars to 30billion
 
sfsuphysics said:
Here's the thing though, 143 million people affected. So lets say there is a class action lawsuit and the judge drops a bombshell of a verdict of 14 billion dollars and it sticks! Now easily 50% of that goes to lawyers, and lets say they managed to "sign" 100 million of the affected people, so enjoy your $70 settlement check.

Personally I'd go through arbitration and try to get lifetime monitoring instead of this 1 year bullshit they push.
Click to expand...

I'll take a $70 settlement check. It only cost me $30 to lock down my account.
 
Zarathustra[H] said:
Class actions are not really intended to make plaintiffs whole. They are more intended as a way to assess damages to the offending company, to act as a caution to it and other companies so they behave better and take more precautions in the future.

Personally, I already have 3 bureau credit monitoring complimentary courtesy of the federal government after the OPM hack, so I am going to decline the Equifax offer in ordeer to maintain my rights to sue if I actually wind up being a victim of identity theft.

I will not accept any paltry settlement letting them off the hook. A few bucks now does not make up for the potential of life altering identity theft in the future. I'd rather have nothing now, not settle, and then sue if I am actually harmed in the future.
Click to expand...

Opting out of a class action to pursue an individual lawsuit is very different than being forced into binding individual arbitration. If you can afford to sue them individually, good for you, and I hope you can make them pay. For me, I would probably see what happens with a class action lawsuit (people are apparently already filing them) and then make a decision from there.
 
infin@ said:
I'm from Canada and I got the very vague "I may be affected". WTF kind of an answer is that? I had to fight with these asshats for 6 months to correct errors on my credit. I was trying for a mortgage and my bank would either call Transunion or Equifax depending on the day, my credit was great according to Transunion, Equifax had a delinquent cell phone bill from a provider that operates only on the other side of the country. Guess who my bank called that day. I had to deal with them to correct the error which resulted in me sending them information and now this! I love that it was discovered that the CFO and other senior executives were involved in selling 2 million in shares days after this breach was discovered. Oh you claim you "didn't know" about the breach? I hope that gets you as far as "not knowing" got me with my bank thanks to your incompetence.
Click to expand...
I totally agree with you. Everyone has a right to be completely apedoo angry about this. Try to chill out, only so much we can do. Let's hope enough people complain to all in authority to make the whole system better. They had too much power anyway.
iamjanco said:
My attorney and arbitrator, Mr Ruger, ESQ, tells me that if problems arise with my credit, bank accounts, social security accounts, or anything else as the result of id theft by way of Equifax, he's got a way to deal with them. Watch your bank and credit card accounts boyz and girlz, especially for ghost authorizations.

S***bag insider trading b**turds need to be hung out to dry.
Click to expand...
Could you ask your lawyer what he thinks about a person not being able to sue for just going to the equifax2017 site?

I think it seems you have to actually sign up for the free credit monitoring for a year to be not able to sue, I'd like to hear what an expert says. It seems they added a way to opt out, so it's confusing. I know someone that checked the site and would like to know. They didn't sign up for the credit monitoring. They don't even want to contact Equifax because of all the shady snake oil moves they read about.
 
sfsuphysics said:
Personally I'd go through arbitration and try to get lifetime monitoring instead of this 1 year bullshit they push.
Click to expand...
Arbitration as it exists in the US largely exists to screw over people who agree to it though. Lifetime monitoring would be better than nothing but is still BS anyways as a preventative.

Personally I hope events like these make people start to consider the question, "why do these credit agencies even need to exist in the first place?", because guess what: they don't. They do little to nothing to provide beneficial service for most and frequently they're used more as a means of sorting "undesireables" out of things like jobs or rentals. Many other countries don't have anything like them and people are still able to get access to debt and credit without much issue.

The reality is these incredibly invasive and half assed credit agencies are there solely to make more money for a few and that is it and we really don't need them at all.
 
Been following this all morning.

The best comment I've seen..............."I wouldn't trust these guys with a bag of chips after this"

We need pressure on them to offer all who request it a freeze on there credit reports.

This is a lot worse than what Martha Stewart did................someone needs a quiet spot to ponder there decisions.
 
I can add, the warning about the buyers/sellers waiting a good while to use information is very very true. These are plenty of pros out there. Both myself and parents got hit from Home Depot mess many many months after it had cleared news. And it was very clear line that it was because of HD, especially parents as they hadnt used the card for absolutely anything for long time, except for single HD purchase long ago.

Definitely need to use separate cards for online versus physical purchase.

But, between OPM and this, me and lot of folks are just absolutely royally fucked forever. They have every single piece of uniquely personal information. More than likely, more than myself, because ive forgotten a lot of previous history/dates.
 
Don't sweat it too much guys. Info like this is already constantly being stolen, sold, and traded, everywhere. It's a digital world and we are on the cusp. All we can do is monitor our reports & accounts and freeze when necessary, etc.
 
As someone who works in IT, I'm interested in how it happened. The scant information out there indicates that it was accessed through a website run by Equifax. Was it SQL injection? No bounds checking? An open API with no rate limiting?
 
triwolf said:
I have to rant. How can I check a website and lose my rights to sue? What a dirty lowdown rackin' frackin' evil company!:rage:
Click to expand...

Turns out:

From their FAQ:

Do the TrustedID Terms of Use limit my options related to the cyber security incident?

The arbitration clause and class action wavier included in the TrustedID Premier Terms of Use applies to the free credit file monitoring and identity theft protection products, and not the cybersecurity incident.

_____

We should all still complain and resist all these agreements where we actually have no rights and are forced into arbitration.
 
Mohonri said:
As someone who works in IT, I'm interested in how it happened. The scant information out there indicates that it was accessed through a website run by Equifax. Was it SQL injection? No bounds checking? An open API with no rate limiting?
Click to expand...
That's an interesting question. At the least no proper security testing was done, with the results. I'd bet it was done on the cheap, to cut costs. Now they are paying big time.
 
Kintigh said:
Been following this all morning.

The best comment I've seen..............."I wouldn't trust these guys with a bag of chips after this"

We need pressure on them to offer all who request it a freeze on there credit reports.

This is a lot worse than what Martha Stewart did................someone needs a quiet spot to ponder there decisions.
Click to expand...
You can freeze it anytime you want. To unfreeze will cost you $3-$5 depending on the bureau. Everyone should freeze their credit unless you have a purchase or need to open a line of credit and then freeze it afterwards.

This sucks big time for everyone involved, consumers and employees...who guess what? They are also consumers.
Shintai said:
I dont get the US credit system. Here people are given loans depending on what they actually earn and spend. Nobody got a "score rating". And certainly not being tracked.

If you are a bad payer you get placed in "RKI" until settled, for everyone else there is no listing anywhere.

Experian is trying to get permission for a "positive list", but getting nowhere :)
Click to expand...
The "score rating" represents that. There are many score models and they look at and weight various factors to determine your level of risk. Which score is used depends on the lender and what they are trying to achieve.

Also, banks still look at income and tax returns in addition to a credit score to determine an individual's worthiness.
 
Last edited:
FB_IMG_1504904546191.jpg
 
erek said:
Good catch. Apparently my free Equifax TrustedID Premiere enrollment date is 9/13. Anyone else?
Click to expand...
yuppers, 09-13 here too. I'm still on the free 3 year coverage provided by the VA for the breach a few years ago. Now looks like I'll have two services keeping me safe and sound ...
 
Last edited:
I've had LifeLock Ultimate for about a year now and haven't checked if I was a part of the breach. No point in me checking since I already have one of the best credit monitoring services and if my info was stolen...well...there is nothing I can do about it anyway. Might as well join the class action lawsuit if it happens, and if I was affected - I'm sure I'll be contacted by a law firm conducting one of the class action suits.
 
Spidey329 said:
This would explain the weird stuff recently. My dad kept getting a password change request on his email and I got a call from Chase confirming I made certain charges.

These companies won't take data security seriously until one of them is hit with a fine so severe they're all but bankrupt.

Just checked, my enrollment data is 9/12, so that means I'm one part of it. Joy.
Click to expand...

Fines don't work, they'll just increase pricing to pay them off by passing it along to us. Criminal convictions MIGHT work on this, but guess what.. corporations are considered people in the eyes of the law in some cases... so how do you convict that? the upper echelon gets off scott free because of this.
 
exlink said:
I've had LifeLock Ultimate for about a year now and haven't checked if I was a part of the breach. No point in me checking since I already have one of the best credit monitoring services and if my info was stolen...well...there is nothing I can do about it anyway. Might as well join the class action lawsuit if it happens, and if I was affected - I'm sure I'll be contacted by a law firm conducting one of the class action suits.
Click to expand...

You know the life lock CEO put his social sec number in commercials and got his owned 3 ways from sunday... right? That's why lifelock has changed their messaging dramatically from "you ain't gettin shit" to "nobody can protect everyone from everything".
 
rewted said:
You know the life lock CEO put his social sec number in commercials and got his owned 3 ways from sunday... right? That's why lifelock has changed their messaging dramatically from "you ain't gettin shit" to "nobody can protect everyone from everything".
Click to expand...

I never said it was bulletproof...

There isn't a single credit monitoring service that will protect you 100%. But its still better than the majority of other credit monitoring services and definitely better than no monitoring service at all.
 
Clicking the button is like pulling the slot machines at Vegas.

3 maybe, 1 yes and 1 no. The only constant is that in all 5 cases they want me to sign up for the free monitoring..even the "no" response.

Try it a few times to see if you get the same answer.

I got 3 maybe, 1 yes and 1 no about my data being hacked.

I think it is a scam on a scam.
 
i agree it is a scam on a scam as that so called free monitor .. will cost you some thing later ..if you do not cancel it ???
plus it limits your legal rights ?

i did not read it all but i am concerned ..was this JUST A PLAY TO GET MORE USERS TO BUY \ USE PRODUCTS FROM THIS BULLSHIT CREDIT COMPANY ?

also why did they wait several months to release the facts that they were hacked??

and have several members from the top sell stock off of ?

seems fishy to me ..and they only wanna get everyone to sighn up for some new thing that they make more cash on // eventually buy getting everyone into a new data base that can and will be hacked as they bleed more money for a useless credit system that we have based on SS numbers ..and the info we must give away .. just to get credit

to me seems like a money grab and more info you need to expose ..thus another data base the hackers from where ever will get into
 
you're right.

I just entered completely random information

and it says I may have been affected.

So this is bullshit.



I read that crooks can take control of my bank account?
How would that work?
They would need my pin code, a really good fake ID, etc.
Seems highly unlikely
 
Last edited:
My info says it is potentially affected while wife's isn't. As mentioned by couple of others in this thread, their site to verify seems shady too. It should be part of the equifax.com domain and not TrustUs.ThisSiteIsReallyReally.Real.com I will have to wait until next week to read their full TOS before applying for protection.
 
-=SOF=-WID99 said:
i agree it is a scam on a scam as that so called free monitor .. will cost you some thing later ..if you do not cancel it ???
plus it limits your legal rights ?

i did not read it all but i am concerned ..was this JUST A PLAY TO GET MORE USERS TO BUY \ USE PRODUCTS FROM THIS BULLSHIT CREDIT COMPANY ?

also why did they wait several months to release the facts that they were hacked??

and have several members from the top sell stock off of ?

seems fishy to me ..and they only wanna get everyone to sighn up for some new thing that they make more cash on // eventually buy getting everyone into a new data base that can and will be hacked as they bleed more money for a useless credit system that we have based on SS numbers ..and the info we must give away .. just to get credit

to me seems like a money grab and more info you need to expose ..thus another data base the hackers from where ever will get into
Click to expand...
No, just no. It was not some scheme to sell credit protection.
 
I spent my day calling these dipshits, cursing supervisors out, calling Rick Smith a cunt for crying/blaming "criminals" for this breach, etc.

The proper number to get a hold of someone whom actually works at Equifax is: 1-888-202-4025

The number that they put on https://www.equifaxsecurity2017.com/contact-us/ is entirely outsourced staff some of whom I spoke with are in Florida as Irma is coming...

I encourage everyone to call the number above as often as possible and do your best to bring their supervisors to tears because one year of ID theft protection is in no way acceptable when, compared to the Target and other breaches, these assholes and their shitty security have opened up a lifetime potential for the destruction of peoples means to:

Rent an apartment
Buy a home
Buy a car
Get a job
And so on...

Also I live in Portland and have reached out to the legal office here that filed the class action lawsuit. If I hear back from them I'll post what I can here.
 
pmrdij said:
I spent my day calling these dipshits, cursing supervisors out, calling Rick Smith a cunt for crying/blaming "criminals" for this breach, etc.

The proper number to get a hold of someone whom actually works at Equifax is: 1-888-202-4025

The number that they put on https://www.equifaxsecurity2017.com/contact-us/ is entirely outsourced staff some of whom I spoke with are in Florida as Irma is coming...

I encourage everyone to call the number above as often as possible and do your best to bring their supervisors to tears because one year of ID theft protection is in no way acceptable when, compared to the Target and other breaches, these assholes and their shitty security have opened up a lifetime potential for the destruction of peoples means to:

Rent an apartment
Buy a home
Buy a car
Get a job
And so on...

Also I live in Portland and have reached out to the legal office here that filed the class action lawsuit. If I hear back from them I'll post what I can here.
Click to expand...
Yes, yell at the hourly call center people that has zero to do with the breach.

The best course of action is to get a credit report and freeze your credit.
 
Silentbob343 said:
Yes, yell at the hourly call center people that has zero to do with the breach.

The best course of action is to get a credit report and freeze your credit.
Click to expand...
That number I mentioned = actual employees of the company responsible for this mess.

I've done as you mentioned already but I have no sympathy for this organization or the credit regime they serve. Having said that until they actually come up with a reasonable response to this bullshit I see no reason to let any of them go home feeling like they got the job done when they've done the complete opposite as a company.
 
This is all sort of bad. The SEC will look into the stock selling by the officers but keep in mind that there are insider trading laws. Selling it 3 days after they knew is asking for trouble if it wasn't previously announced. Plus, they could have sold more. I believe the amount sold was only a fraction of what any one of them have. They could have made it known 3-4 months ago that they were going to sell at that time. I'm not saying they did but they would be stupid if it wasn't previously announced.
 
pmrdij said:
That number I mentioned = actual employees of the company responsible for this mess.

I've done as you mentioned already but I have no sympathy for this organization or the credit regime they serve. Having said that until they actually come up with a reasonable response to this bullshit I see no reason to let any of them go home feeling like they got the job done when they've done the complete opposite as a company.
Click to expand...
Lol the number you have to did not put you through to the team that developed the site with the issue. You yelled at low level employees, but hey if it makes you feel better. How you see it as a monolith is amusing.

What in your eyes would be a reasonable response?
 
Silentbob343 said:
Lol the number you have to did not put you through to the team that developed the site with the issue. You yelled at low level employees, but hey if it makes you feel better. How you see it as a monolith is amusing.

What in your eyes would be a reasonable response?
Click to expand...
Yes they are not the top of the company nor the jackass team that developed the site with the issue but they have a voice on the inside that can reach the top which is something none of us on the outside have.

Reasonable response? Well given the gravity of this breach the delay in public notification is just astounding so maybe that should have come sooner. Perhaps they were hoping their efforts to be exempt from a Class Action lawsuit would have succeeded before having to tell anyone...

The Consumer Data Industry Association (CDIA) — which says it is “the trade association which represents Equifax
http://www.cdiaonline.org/ConsumerInfo/content.cfm?ItemNumber=11168

Declared that federal regulators “should exempt from its arbitration rule class action claims against providers of credit monitoring products.” The letter asserted that allowing customers to sue companies “would not serve the public interest or the public good” because it could subject the companies to “extraordinary and draconian civil liability provisions” under current law. In another section of the letter, Equifax’s lobbying group says that a rule blocking companies from forcing their customers to waive class action rights would expose credit agencies “to unmanageable class action liability that could result in full disgorgement of revenues” if companies are found to have illegally harmed their customers.

READ THE LETTER: https://www.regulations.gov/document?D=CFPB-2016-0020-3961

Also ID theft protection for 5 years at minimum paid for by them through a third party high on Consumer Affairs list like Credit Sesame sounds reasonable. This one year of ID theft protection from their own service is a joke. I like Brian Krebs take on this because it perfectly sums up the humor involved:

"The fact that the breached entity (Equifax) is offering to sign consumers up for its own identity protection services strikes me as pretty rich."​

Plus if you didn't see it just four months ago they had a breach:

https://krebsonsecurity.com/2017/05...x-security-at-equifaxs-talx-payroll-division/
 
Well luckily my information was not compromised, at least according to their website. Which is odd since I know I have a credit score number through them,
GreenOrbs said:
If you think you are likely to do better in arbitration, that is your right to choose it. You are almost always allowed to opt out of a class action and proceed with whatever method you want.

That said, I feel that you might end up regretting it. Since when does signing your rights away make a company more likely to give you what you want? You need to remember that companies keep trying to push people into arbitration. Logically speaking, why would a company push for binding arbitration if it didn't favor them and end up costing them less? I think that it is unlikely that you can get more out of a company when you agree to be bound by their rules vs. being able to sue in court.
Click to expand...
Well here's the thing, what are you wanting to get out of all of this? A downpayment on a car due to a lawsuit? That isn't going to happen unless you have the money up front first to pay for lawyers. Hope the collective class action will get you money? As mentioned elsewhere in this thread class action is only there to spank the company (and make a lawyer firm VERY rich). Most people just don't want shit except to not have their shit fucked with, and getting a 1 year free monitoring isn't going to do shit except make you somewhat safer for all of a year, then it's game on with your data and you know all the hackers and people out there who are going to use this data have their alarms set for 1 year when everyone's free monitoring goes away without any warning what so ever. So why not make the request up front that this is what you want, as you said it costs them virtually nothing since they're the service who's doing the monitoring you might be able to get it to happen without going to arbitration. But if you could lock down credit monitoring from one of the big 3 credit sites for life? That's pretty big.
 
Zarathustra[H] said:
Class actions are not really intended to make plaintiffs whole. They are more intended as a way to assess damages to the offending company, to act as a caution to it and other companies so they behave better and take more precautions in the future.
Click to expand...

I thought the main purpose of class action lawsuits was to make a few select lawyer rich. :p
 
sfsuphysics said:
Well luckily my information was not compromised, at least according to their website. Which is odd since I know I have a credit score number through them,

Well here's the thing, what are you wanting to get out of all of this? A downpayment on a car due to a lawsuit? That isn't going to happen unless you have the money up front first to pay for lawyers. Hope the collective class action will get you money? As mentioned elsewhere in this thread class action is only there to spank the company (and make a lawyer firm VERY rich). Most people just don't want shit except to not have their shit fucked with, and getting a 1 year free monitoring isn't going to do shit except make you somewhat safer for all of a year, then it's game on with your data and you know all the hackers and people out there who are going to use this data have their alarms set for 1 year when everyone's free monitoring goes away without any warning what so ever. So why not make the request up front that this is what you want, as you said it costs them virtually nothing since they're the service who's doing the monitoring you might be able to get it to happen without going to arbitration. But if you could lock down credit monitoring from one of the big 3 credit sites for life? That's pretty big.
Click to expand...
The entire nation has a "credit score" with Equifax, and the other two, the system that was compromised was not the full database. Hence not all consumers data was compromised.
 
sfsuphysics said:
Most people just don't want shit except to not have their shit fucked with, and getting a 1 year free monitoring isn't going to do shit except make you somewhat safer for all of a year, then it's game on with your data and you know all the hackers and people out there who are going to use this data have their alarms set for 1 year when everyone's free monitoring goes away without any warning what so ever.
Click to expand...
This was my first thought when I saw how that cunt Rick Smith tried to hold back tears while talking up how unprecedented it is that Equifax, whom lost every ones shit in the first place, is going to protect everyone for just one year. In every conversation I had with them I made sure to ram home this point that at the end of that most gracious year people are going to be fucked.

nutzo said:
I thought the main purpose of class action lawsuits was to make a few select lawyer rich. :p
Click to expand...
I doubt there's reason to hope that the norm won't be the case here but I don't know of a single CA in history that benefited those affected better than the lawyer(s). I also don't know of one with this many people affected so anyone hoping to get monetary love out of this is foolish. My only hope is that we get better service than their ridiculous one year of ID theft protection.
 
Last edited:



"Based on the information provided, we believe that your personal information may have been impacted by this incident. " :(
 
You must log in or register to reply here.
Back
Top