So apparently Equifax had a vulnerable application… which was exploited to the tune of hundreds of millions of people, then executives sold stock after the breach was found, but before made public.
And to top it off if when you check to find out if your data was compromised they won’t actually tell you… instead it will say either you weren’t breached or we’ll monitor your shit, which they were supposed to be doing in the first place.
Does it specify whether users outside the US are affected? Equifax is pretty large here in Canada so this news is a bit unnerving
Yes… Canada and UK are involved too.
This is why we shouldn’t have data all in one place.
So essentially not only is your data most likely out there, but theres also no reliable way to double check, and the Equifax “check if youre affected” nonsense is just there to sell you some more bullshit services as opposed to give you useful information
The Equilfax mess is a perfect reason why we shouldn’t have our personal information on a computer, instead we should store it like we did before we had computers.
I think a little chief told all of his buddies, “Hey, you better sell your shit before I do at 4pm today…”
Might be a good time to buy some stock. It’ll even out eventually because theres no way Americans will abandon equifax entirely
Fuck, this isn’t good. What does one do in a situation where someone gets their hands on your info and uses it?
In an ideal world, the government would lock your social security number, give you a new one and provide a website where organisations can enter both the old and the new SSN in a text field to verify that they belong to the same person.
Yeah, it’d be a hassle because so many places have your SSN on file. But it’s better than having your identity stolen.
But seeing as we’re not in an ideal world … expect to give lots of money to lawyers to defend yourself from claims.
If there’s anything you dislike about your name, now might be a good time to change it.
Damn, I guess I’ll just be crossing my fingers hoping this doesn’t bite me.
The thing that’s absolutely fucked about this situation is that Equifax gets my PII regardless of whether I give consent or not by just paying bills and loans and shit like that. Not that I would have had an issue with them having it prior to this coming out, but it still frustrates me that we don’t get an option for it.
So many things are wrong here:
For starters, companies like this one are allowed to keep your information, even if you’ve never used their service. I mean, basically if you have any credit (which is, like every adult in the U.S.) you’re likely to have your information posted on this website. A website that is basically run by this guy:
Which is pretty ridiculous by itself. Let alone the poor practices for security they always have.
It won’t be long, and services like LifeLock will just be the fucking norm, sold with your credit and bank contracts. With this shit everywhere, and the poorly appointed officials in governments (often, who are not qualified and have no knowledge of this kind of thing) I don’t see stuff like this changing anytime soon. Either that, or just keep fucking cash.
I would keep cash, and do for most transactions, but I recently bought a car and didn’t have 20+ grand on hand (and it’s not exactly the best option to throw down that kind of cash on a car) so I took out a loan.
This still puts me in the position of giving the credit agencies my PII.
I hope Equifax is indicted on every case of identity theft in the next 30 years for a social stolen from their site as an accessory. They deserve to burn.
So, I just had a thought. Isn’t that whole thing where the execs sold off their stock insider trading? I’m not too knowledgeable about how insider trading works and what the restrictions/limitations are, but shit if that’s the case, let’s nail them to the wall.
They’ve set up a tool to check if you’re part of the breach. I’m not using it because they’re dead to me and I don’t fucking trust them anymore, but for those interested, its here:
—REDACTED—
Apparently OpenDNS thinks it’s a phishing threat.
From what I can tell it doesnt tell you anything really. I dont think they actually know what data was taken.
Even that looks like an attempt at a money grab.
we fucked up but enroll in this service to protect yourself
EDIT: for the hell of it I put in some bogus info and this is the screen I got
Good to know. Thanks for the test!
Be careful with this link, this article lists the security concerns with that site, to paraphrase:
On a side note, OpenDNS has this flagged as a potiental phishing threat.
Yep, I’m gonna remove that link.
This is why I keep my credit accounts frozen, even if someone has this information there aint fuck all they can do with it.
Also anyone find it odd they just happened to release this when it just so happens a massive storm is about to hit Florida which is crushing the news cycle?
There are some misconceptions here. Freezing credit, opening fraud alerts or using cash only won’t help with stolen identity.
The biggest issue would be tax fraud which none of the aforementioned helps with. People can use your info to obtain a job or file for tax returns. And if they claim 0 dependents then you end up owing the IRS for your second out of state fulltime job that you didn’t know you had… They could work for years before you are audited.
Its potentially a bad situation, but all of this info has already been stolen or openly available before this.
I’m more interested on where the data went and how it will surface. I haven’t gone looking but one can imagine this type of info is not as easy to obtain compared to some username/password database.
