Go Back

Equifax Data Breach: 143 Million People Could be Affected

From Equifax:

I. What Happened
On July 29, 2017, Equifax discovered that criminals exploited a U.S. website application vulnerability to gain access to certain files. Upon discovery, we acted immediately to stop the intrusion. The company promptly engaged a leading, independent cybersecurity firm which has been conducting a comprehensive forensic review to determine the scope of the intrusion, including the specific data impacted. Equifax also reported the criminal access to law enforcement and continues to work with authorities. Based on the company’s investigation, the unauthorized access occurred from mid-May through July 2017.

II. What Information Was Involved
Most of the consumer information accessed includes names, Social Security numbers, birth dates, addresses, and in some instances, driver’s license numbers. In addition, credit card numbers for approximately 209,000 consumers and certain dispute documents, which included personal identifying information, for approximately 182,000 consumers were accessed. In addition to this site, Equifax will send direct mail notices to consumers whose credit card numbers or dispute documents with personal identifying information were impacted. We have found no evidence of unauthorized access to Equifax’s core consumer or commercial credit reporting databases.

My Response:
It took Equifax six weeks to disclose the breach. Why? That’s six weeks consumers could have been victimized without their knowledge and therefore left without the ability to take countermeasures.

Three Equifax executives sold shares after the discovery of the breach and before its public disclosure, according to Bloomberg. Let's call that Criminal.

Equifax wants you to trust them by selling you their “TrustedID Premier” credit monitoring service. That's rich. After a free year they'll start charging you $19.95 a month or maybe even more!

But be warned the TrustedID terms of service state that enrollees give up their right to sue Equifax and prevents them from filing or joining a class action in the case of any dispute — they’ll have to go to arbitration as individuals, which almost always places consumers at a disadvantage. It isn’t clear how those restrictions apply to preexisting data breaches, but judges have held in other cases that arbitration clauses may have retroactive effect.

If you want to check to see if you were one of the unlucky ones go to: https://www.equifaxsecurity2017.com/potential-impact/


© 2006 - 2018. All Rights Reserved.