Credit reporting firm Equifax says data breach could potentially affect 143 million US consumers

Is anyone familiar with--->CIVIC

 

Equifax appears to further walk back it's binding arbitration clause for this incident, i.e., seems to eliminates it = the power of social media, with an assist from the NY State AG, in action:

"Update: Equifax issued a statement Friday evening. 'In response to consumer inquiries, we have made it clear that the arbitration clause and class action waiver included in the Equifax and TrustedID Premier terms of use does not apply to this cybersecurity incident,' ..."

BUT:

"...'This language may appear to limit Equifax's ability to block class-action lawsuits,' said Joel Winston, a former deputy attorney general for the state of New Jersey and a privacy and data protection lawyer — but don't get complacent.

Just because someone in the marketing department wrote that the terms of service don't apply to the cybersecurity incident means nothing compared to the contractual obligations of the terms of use,' he said..."

https://www.washingtonpost.com/news/the-switch/wp/2017/09/08/what-to-know-before-you-check-equifaxs-data-breach-website/?hpid=hp_rhp-more-top-stories_equifax-nhp-945pm:homepage/story

 

Equifax posts:

"A Progress Update for Consumers..."

https://www.equifaxsecurity2017.com/

 

I checked my own status earlier today and what do you know......they told me my data was compromised and to return on the 13th to enroll in their 1 year free Premier service. I don't think so.

It was bad enough my data was also compromised 2 years ago in the Federal OPM's security breach, along with some 18 - 21 million other current/former Federal employees. OPM even sent a second letter a while back advising they were extending the free monitoring services for 10 years, and also switched me over to some other monitoring company. Makes me sort of wonder what happened with the first entity they had me with.

Truly a sorry state of affairs...

 

This stupid company should be deprived of possessing any customer's data, and fine them to bankruptcy. All the money should be used to compensate for customers' financial loss due to the ID theft caused by this breach.

 

The other 2 credit bureaus offer assistance...

http://www.experian.com/

https://www.transunion.com/

https://www.trueidentity.com/

 

I wonder why Experian doesn't use https/lock on this site...http://www.experian.com/

Bur uses it here...https://www.experian.com/fraud/center.html

 

Let's hope the Dems do it.

 

I never understood how one number can be used for "secure" identification. That just baffles me.

 

Seems like the link provided in post # 53 that we might have to concern ourselves with this issue.

 

As usual Mandiant (FireEye) was called in for remediation. Not that the Executives at Equifax will have the time to listen as they will be too busy counting there profits from the sale of their stock that just happened to occur right after they learned of the breach but BEFORE public announcement.

 

FireFox is blocking the latest iteration of the Equifax "Have I Been Compromised" page [https://www.equifaxsecurity2017.com/potential-impact/] :

"Your connection is not secure

The owner of www.equifaxsecurity2017.com has configured their website improperly. To protect your information from being stolen, Firefox has not connected to this website...

The certificate is not trusted because the issuer certificate is unknown."

Can't these incompetent @$&^$% do anything right ??

Nice certificate you %$^& Equifax-hired jerks !!

I have been so damn angry at Equifax even before this latest insult.

Angry cuz for decades to come this catastrophe is gonna hurt millions of people, financially, timewise, emotionally.

Angry cuz Equifax's security was so fundamentally flawed.

Angry cuz Equifax waited so long to inform the public and apparently waited for a time when a more serious catastrophe like Hurricaine Irma would limit the press coverage of this Category 6 financial disaster.

Angry cuz Equifax will survive this quite nicely and go on it's merry way profiting off of "private" information, leaving a wake of human misery. Equifax is too big to fail - an essential cog in the financial system.

Angry cuz there has been only a muted response from lawmakers and law enforcement and regulatory agencies.

Angry cuz there does not appear to be much that can be done to rectify this disaster even if a bought and paid for Congress was of a mind to do anything meaningfull.

Call me crazy but I really do see this as a national security issue that is going to cause chaos throughout the economy, financial system, and in millions of individuals' lives for decades to come. Adversarial state actors and terrorist organizations must be both thankful to and jealous of the hackers that pulled this off.

hawki <------<< Mad as Hell !!

 

Equifax has no information for those impacted by this hack outside of the USA. Canada and the UK have been impacted and probably others as well. Equifax phone lines are silent in Canada and there is no web help for them either. I assume it is the same in the UK. Those impacted in the USA will be getting free identity theft protection for 1 yr (for what it is worth) but no one knows what is being done for those who are not in the USA. The website that was setup for help is for USA residents only - those outside the USA do not have SSNs. It is the same for the other major credit reporting companies. Totally USA focused.

 

"Data Breach Victims Talk of Initial Terror, Then Vigilance

One man said his name had been used to set up a fraudulent company that processed payments made with stolen credit cards. A woman said her bank had told her she was being sought by a collections agency — her Social Security number had been used to open a wireless account that was never paid off.

In the wake of the disclosure on Thursday by Equifax that hackers had compromised its collection of private information, potentially affecting 143 million Americans, The New York Times asked readers to tell their own tales of being hacked...

The consequences of cyberattacks can be devastating and take years to untangle, at great financial and personal cost. Last year, 15.4 million American victims of identity theft lost $16 billion,...

'Initially, it’s really terrifying, especially having your Social Security number taken,'... 'You’re worried about the tremendous implications this could have and the possibility of it going on for years.'..."

[This article discloses varied personal experiences of several persons who's identities were stolen]

https://www.nytimes.com/2017/09/09/business/equifax-data-breach-identity-theft-victims.html

hawki <-------<< Mad As Hell !!

 

Ronjor- Regarding the ZDNet article you site: the data check is actually specific for the SS number and not the last name (the last name is only needed when there are multiple hits for the 6 digit string). In other words you could plug in ANY last name but as long as the SS number is one that was breached you will get the warning that one may have been impacted.

So no real conclusion could be made by plugging in a fake name and a random 6 digit number- it may or may not be that the bogus number used was one that was breached.

 

These $%#$%^ !!!

From the comments section in today's Washington Post Online:

"During the online process to freeze my account, Experian kept requesting I start the application process from the beginning and each time they charged a $10 fee to finally say they could not process my request. I have $70 worth of useless charges. They will be disputed with my CC company,
What a mess. Is this America?"

https://www.washingtonpost.com/news/the-switch/wp/2017/09/08/what-to-know-before-you-check-equifaxs-data-breach-website/?hpid=hp_rhp-moretopstories2_equifax-nhp-945pm:homepage/story

[From my personal experience with Experian I have no doubt this comment is accurate.

Several years ago I paid Experian $45 for an immediate online three-agency credit report. Experian took my 45$ but refused to give me the reports claiming it was unable to verify my identity.

After an email and telephone communication initiated by an angry email to Experian's public relations department, the problem was identified:

The reason that Experian was unable to verify my identity was that it had somebody else's social security number listed as mine !!! ]

hawki <-------<< Mad As Hell !!

 

Report: Equifax is blaming the data breach on the Apache STRUTS vulnerability.

"Equifax blames giant breach on vendor software flaw..."

http://nypost.com/2017/09/08/equifax-blames-giant-breach-on-vendor-software-flaw/

 

Source: http://toronto.citynews.ca/2017/09/09/equifax-data-breach-likely-touched-millions-canadians/

 

Interesting. So am I hosed or what? I just checked and was told to come back on the 11th. Geez.