Credit reporting firm Equifax says data breach could potentially affect 143 million US consumers

"FTC opens probe into massive Equifax hack..."

http://www.reuters.com/article/us-e...probe-into-massive-equifax-hack-idUSKCN1BP1VX

 

"The FTC's disclosure of an ongoing probe is highly unusual, underscoring the enormous stakes involved in the incident affecting what amounts to half the country.

'The FTC typically does not comment on ongoing investigations,' said Peter Kaplan, the agency's acting director of public affairs. 'However, in light of the intense public interest and the potential impact of this matter, I can confirm that FTC staff is investigating the Equifax data breach.'...”

https://www.washingtonpost.com/news...ach-adding-to-a-chorus-of-official-criticism/

 

FYI:

"Credit Karma [ https://www.creditkarma.com/ ] Adds Equifax to its Flagship Free Credit Monitoring Service..."

http://www.prnewswire.com/news-rele...free-credit-monitoring-service-300518792.html

NB: Credit Karma is a totally legit, highy regarded free credit score/report monitoring service, and has been such for more than a decade.

 

Since i entered my e mail addy to scan, i just received an e mail from Experian trying to sell a product...

 

Dates of the breach are now in question ...

https://krebsonsecurity.com/2017/09...-200k-credit-card-accounts-in-one-fell-swoop/

 

"credit.com" (experian) & "credit sesame" (Transunion) offer free monitoring.

To my knowledge credit karma always used Equifax & transunion.

There is "Quizzle", not sure which CRA they use or what they offer.

I found these sites yesterday doing research, don't know what they offer.
Mint.com - uses Equifax
Wisepiggy.com - uses Transunion

Using Credit karma which uses Trans union & Equifax. & Credit.com which uses Experian you get 3 credit scores.

 

Source: https://twitter.com/GossiTheDog/status/908359849850875905
Linked image with details: https://pbs.twimg.com/media/DJskccdXUAEhys2.jpg

 

What We Know and Don’t Know About the Equifax Hack

 

2. "I can find out for sure if my information was hacked or not."

 

https://www.wired.com/story/equifax-breach-no-excuse

 

"If you’re an Equifax victim, don’t expect more than a few bucks in compensation...

Equifax’s market value, which has collapsed by a third in a few weeks as a result of the scandal, is down to $11.6 billion. That works out to only $81 for each of the 143 million potential victims..."

http://www.marketwatch.com/story/if...e-than-a-few-bucks-in-compensation-2017-09-15

 

"How Badly Did Equifax Breach Damage Social Security System?...

...Equifax was also hired a year ago, on a $10 million contract, to 'help the SSA manage risk and mitigate fraud for the mySocialSecurity system, a personalized portal for customers to access some of SSA’s services such as the online statement.'...

...Equifax also boasted that the Social Security Administration 'has completed integration with Equifax Inc.'...

...there has been no indication that the Social Security Administration is concerned about whether weaknesses in Equifax’s own customer portal security — such as the Apache tool on which the company is blaming the breach — might have been involved in its security work for the mySocialSecurity portal..."

http://thiscantbehappening.net/node/3643

 

Equifax hackers, do me a favor, fix my credit about 100 more points would be nice

 

"Two Equifax executives will retire following massive data breach

A week after Equifax disclosed it suffered a massive data breach that may have compromised sensitive information belonging to 143 million people, the credit reporting agency's chief information officer, David Webb, and chief security officer, Susan Mauldin **, are retiring, effective immediately, the company said in a statement Friday evening..."

https://www.washingtonpost.com/news/the-switch/wp/2017/09/15/two-equifax-executives-will-retire-following-massive-data-breach/?hpid=hp_rhp-more-top-stories_equifax-7pm:homepage/story

** More Re: the retiring chief security officer, Susan Mauldin:

"Another Coverup? Equifax Accused Of Scrubbing That Its Chief Security Officer Was A Music Major..."

http://www.zerohedge.com/news/2017-...ub-its-chief-security-officer-was-music-major

 

Hawki- For whatever settlement is reached, understand that only those that can PROVE a loss will be entitled to a settlement check. If a person cannot prove that they suffered out of pocket expenses remediating identity fraud they will not get a penny- and if such fraud and expense occurs AFTER a Court-set deadline the person is also out of luck.

To give an example on how this should play out, consider the Home depot breach of 2014 (about 46 million folks compromised). Class Action lawyers initially sued for over 1 billion, but it was settled for setting up "up a $13 million fund to reimburse shoppers for out-of-pocket losses, and spend at least $6.5 million to fund 1-1/2 years of cardholder identity protection services." That's it. And those that could claim actual damages were limited to a max of $5780, and these checks were mailed out earlier this year. For those whose actual damages exceeded 5780, tough luck Peasant.

And Oh Yeah, since the breach and subsequent settlement the Enterprise value of Home Depot rose from about 105 billion USD to the current 186 billion.

The true outrage of the Equifax breach is how it is being handled in the New Media. Anywhere you look you will see advise that YOU should change passwords, YOU should put on a credit freeze, YOU should constantly check to see if there is unauthorized financial activity anywhere in your name.

This puts the remediation burden on the victim which I for one think is an outrage. My mother is in Corporate law, and when I discussed this with her over the phone the other day I could just imagine a sly smile appearing and her wondering how she could have given birth to such a naive child.

(ps- just to potentially outrage you further, in the case of Home Depot the CEO, Frank Blake, did actually resign. But please shed no tears- they made him Chairman of the Board. He subsequently retired from there in 2016 and became the non-Executive Chairman of Delta Airline. Tough life, yes?).

 

Considering the fact that the credit reporting companies request all manner of government issued IDs (birth certificate, drivers licenses, SSN, passport IDs, certificate of citizenship, residence card etc.) as proof of identity, it will be mind boggling if it is allowed to continue after this breach. They can not be trusted to store and protect this information.

Some government issued IDs have more value to criminals than others, e.g. SSN and passport IDs. SSA should immediately announce that social security numbers can no longer be used as ID for anything other than accessing social services. The same could be said for the DoS - only government(s) should accept a passport ID as proof of identity. Foreign countries need to step up in the same way. They have the responsibility to protect these IDs.

Name and address, proof of employment and a utility bill should be adequate proof of identity- for a credit approval inquiry.

 

"Equifax Releases New Information About Security Breach..."

https://www.bleepingcomputer.com/ne...about-security-breach-as-top-execs-step-down/

The Equifax Press Release:

https://investor.equifax.com/tools/viewpdf.aspx?page={E1BE17E3-88DB-4F27-85AF-D01A26BFABBA}

 

"...As many as 143 million people may have been affected by the breach, but as of Sept. 12, as Quartz’s Karen Hao reported, only 15 million people—a mere 10% of potential victims—had visited the Equifax website to see if they were affected..."

https://qz.com/1079138/whats-the-wo...quifax-breach-a-lot-especially-if-youre-poor/

 

http://talkingpointsmemo.com/edblog/the-real-problem-with-equifax

 

Nothing new here. Externalization of corporate costs has been a major component of the corporate business model for some time and appears that it will only increase exponentially in the near future as the current administration guts regulatory safeguards with a broad swath (860 regulations claimed to have been eliminated to date, the majority in the environmental area, with the future targets to include the financial sector among others, a.k.a. "the deconstruction of the administrative state").

"Cost externalizing is a socioeconomic term describing how a business maximizes its profits by off-loading indirect costs and forcing negative effects to a third party...

Fundamentally, cost externalization occurs when a company transfers some of its moral responsibilities as costs to the community directly or as degradation to the environment. For example, railroads and airlines transfer the cost of fuel, noise, and terminal infrastructure to the community. Airlines and auto manufacturers transfer the cost of degraded air quality to the community and the environment. By externalizing to the community or the environment, many true costs become lost in analysis because the true cost is non-quantifiable and neither the community nor the environment have effective advocates to recoup the damages. A major modern theme in the relationship of business to society is the society's ability (or inability) to resist this kind of externalization. In its extreme, society collapses as business realizes its profits..."

https://en.wikipedia.org/wiki/Cost_externalizing

 

Revoking Equifax's Corporate Charter ?

http://multinationalmonitor.org/mm2002/02oct-nov/oct-nov02corp1.html

The above link gives examples of corporations that deserved to have their charter revoked due to unconscionable miscreant conduct. It also speaks to why it never happened. Revoking a charter exists in US Law (and in British Law).

The actions of the Equifax executives may meet the criteria for having their charter revoked. The scope of the damage, the longevity of the harm, their negligence and attempts to profit from the situation.