From mid-May to July 2017, Equifax exposed the financial and personal identifying information of 143 million Americans – 44% of the country – to hackers, who made off with credit-card details, Social Security Numbers, sensitive credit history data, driver’s license numbers, birth dates, addresses, and then, in the five weeks between discovering the breach and disclosing it, the company allowed its top execs to sell millions of dollars’ worth of stock in the company, while preparing a risibly defective and ineffective website that provides no useful information to the people whom Equifax has put in grave financial and personal danger through their recklessness.
Equifax is in the business of helping employers and financial institutions punish people for making oversights in their business and financial affairs. Being late with a single payment or missing a single bill can constitute a black mark on your Equifax records that lasts for years or decades, affecting your ability to rent or buy a home or get a job.
Fwiw, anyone (let me repeat that A N Y O N E) in the US with any credit history is being told to act as if they have been affected by the breach in order to help protect their personal data. Basically a majority of adults in the US are affected.
One such damage control step that’s being suggested is putting long term freezes on your credit, which p much means if a thief tries to take out a line of credit in your name, your credit report can’t be pulled to allow any new lines.
You’ll need to do freezes one by one with all 3 of the big credit reporting companies, including Equifax, iirc. Long term freezes don’t fix your score if there’s an issue, but can keep it from further potential damage until you remove the freeze.
This is very serious and, most unfortunately, Equifax is not going to inform people (except a very small <1% portion) that they have been affected, placing the onus on the victims of the breach.
Cnet has made the best resources and summary I’ve seen yet btw
Using the tool they’ve provided to check if you were effected waives your right to sue them jsyk
No, it doesn’t. Subscribing to the identity protection service (TrustedID) that they are offering as a remediation waives your right to sue TrustedID. It doesn’t protect Experian from class action lawsuits regarding this data breach.
On the other hand:
1: the tool to check your status is buggy and returns results on made-up people. It also doesn’t inform you if you have definitely been affected by the breach. It informs you that you MIGHT have been, or that you weren’t. So that is not as helpful as it might be.
2: Experian is the parent company of TrustedID. Considering how consistently badly they’ve fucked up with this situation so far, it’s up to you whether you think their identity protection service will do a better job.
