Thanks to Harold for this one…
Update: Equifax just announced it’s waiving their fee to freeze your credit. It’s the least they can do since their security breach could cause identify theft for millions of people. Please share this information with your friends and family.
Freezing credit is just a phone call away. Use a landline to call the following:
Equifax 800 349-9960. You’ll be assigned a PIN.
Experian 888 397-3742. They’ll mail your PIN to you.
Trans Union 888 909-8872. Decide on a six digit PIN before calling.
Innovis 800 540-2505. This data mining company needs freezing too. They will mail the PIN.
All agencies will mail letters with your PIN, freezing and unfreezing instructions. Keep these letters in a secure location.
In California those 65 and older can freeze their credit for free. Unfreezing will cost them $5.00 per agency. For those under 65 it’s $10.00 per agency to freeze or to unfreeze. Note: If applying for credit determine which credit agency to unfreeze and pay for only that one. Determine how long you’ll want your freeze “temporarily lifted” so you won’t have to pay to freeze it again. Allow 3 to 5 days for freeze to go into effect and 3 days to be lifted. (So now you can’t buy a new car on impulse.)
Due to Equifax data security breach millions of people could have their identities stolen. The way Equifax is handling this fiasco puts YOU in danger. The free credit monitoring Equifax offers expires after one year. Then you must pay for continued monitoring. Who knows what that will cost. In a year many will drop the coverage. Identify thieves have ALL your information so after a year they could strike. Freezing all 4 agencies is the only way YOU are in control.
Don’t sign away your rights for damages if Equifax offers you a “deal.” Read the fine print. The deal is only for Equifax.
Equifax has released the following on their web site “equifaxsecurity2017.com” you may want to go here and read if will help you. Due, most likely to potential class action suit they removed the “hold harmless clause” in their free offer, best to read their terms of use first, they making this offer until November 21st 2017.
Their current press release:
“Evidence of Unauthorized Access to Core Consumer or Commercial Credit Reporting Databases
Company to Offer Free Identity Theft Protection and Credit File Monitoring to All U.S. Consumers
September 7, 2017 — Equifax Inc. (NYSE: EFX) today announced a cybersecurity incident potentially impacting approximately 143 million U.S. consumers. Criminals exploited a U.S. website application vulnerability to gain access to certain files. Based on the company’s investigation, the unauthorized access occurred from mid-May through July 2017. The company has found no evidence of unauthorized activity on Equifax’s core consumer or commercial credit reporting databases.
The information accessed primarily includes names, Social Security numbers, birth dates, addresses and, in some instances, driver’s license numbers. In addition, credit card numbers for approximately 209,000 U.S. consumers, and certain dispute documents with personal identifying information for approximately 182,000 U.S. consumers, were accessed. As part of its investigation of this application vulnerability, Equifax also identified unauthorized access to limited personal information for certain UK and Canadian residents. Equifax will work with UK and Canadian regulators to determine appropriate next steps. The company has found no evidence that personal information of consumers in any other country has been impacted.
Equifax discovered the unauthorized access on July 29 of this year and acted immediately to stop the intrusion. The company promptly engaged a leading, independent cybersecurity firm that has been conducting a comprehensive forensic review to determine the scope of the intrusion, including the specific data impacted. Equifax also reported the criminal access to law enforcement and continues to work with authorities. While the company’s investigation is substantially complete, it remains ongoing and is expected to be completed in the coming weeks.
“This is clearly a disappointing event for our company, and one that strikes at the heart of who we are and what we do. I apologize to consumers and our business customers for the concern and frustration this causes,” said Chairman and Chief Executive Officer, Richard F. Smith. “We pride ourselves on being a leader in managing and protecting data, and we are conducting a thorough review of our overall security operations. We also are focused on consumer protection and have developed a comprehensive portfolio of services to support all U.S. consumers, regardless of whether they were impacted by this incident.”
Equifax has established a dedicated website, http://www.equifaxsecurity2017.com, to help consumers determine if their information has been potentially impacted and to sign up for credit file monitoring and identity theft protection. The offering, called TrustedID Premier, includes 3-Bureau credit monitoring of Equifax, Experian and TransUnion credit reports; copies of Equifax credit reports; the ability to lock and unlock Equifax credit reports; identity theft insurance; and Internet scanning for Social Security numbers – all complimentary to U.S. consumers for one year. The website also provides additional information on steps consumers can take to protect their personal information. Equifax recommends that consumers with additional questions visit http://www.equifaxsecurity2017.com or contact a dedicated call center at 866-447-7559 (Click here for an important update on call times due to Hurricane Irma), which the company set up to assist consumers. The call center is open every day (including weekends) from 7:00 a.m. – 1:00 a.m. Eastern time.
In addition to the website, Equifax will send direct mail notices to consumers whose credit card numbers or dispute documents with personal identifying information were impacted. Equifax also is in the process of contacting U.S. state and federal regulators and has sent written notifications to all U.S. state attorneys general, which includes Equifax contact information for regulator inquiries.
Equifax has engaged a leading, independent cybersecurity firm to conduct an assessment and provide recommendations on steps that can be taken to help prevent this type of incident from happening again.”
Experian is also offering a free Dark Web scan at
https://www.experian.com/consumer-products/free-dark-web-email-scan.html
Not sure if that will help, but it’s out there. From what I’ve been reading, the Dark Web is most likely where your stolen ID may pop up. Haven’t tried it yet, but would be interesting from anyone who has . . . . . .
That number for Trans Union is “Not in Service.” The number for Innovis does ring, but you get put on hold for hours or as long as it takes for you to come to your senses and hang up in disgust.
Thanks for the update Soaps! What a way to run a business; I thought this kind of incompetence was reserved for government offices? Seems like these credit companies are begging for restrictive legislation. As much as I hate news laws I believe we have no choice.
I agree with your recommendations and strongly recommend locking your credit at all times.
But, lets do the math. The hack compromised the information of 14o million people. If one criminal randomly selects one identity to steal from this a batch of data that contains your information the odds that the criminal will select yours is about the same as winning the lottery. If a criminal stole 1 million identities the odds that they would get yours is still only 1 out of 140.
The previous numbers were based on a pool of 140 million and random selection of identities. That really isn’t realistic. Why steal the identity of someone that has failed credit? The odds of having your identity stolen would be directly related to your credit rating. I assume for simplicity that the criminals would use your FICO score rather than process all the credit information themselves. So I suspect your odds of having your identity stolen are much higher if you have a high score. If you have access to your FICO score they usually indicate the % of the people that are below you so you could use that to determine how big the identity pool really is. Even if you are in the top 1% and assume there are only 140 million credit histories in all of the databases you chance of been selected based on one section is still 1 out of 1.4 million.
The real number of credit histories recorded is much higher than 140 million. Since only 140 million were compromised and that is just a portion it would be helpful to know why those histories were grouped together. Is it regional; maybe the western US or eastern US? Is it based on credit worthiness; may the top 140 million, or bottom 140 million. Unfortunately Equifax probably will not release that information.
One other thought, Equifax is offering 1 year free credit tracking service to compensate for this error in security. Since they have to make the security breach public anyway why not tell people with good credit that their credit information was compromised even if it wasn’t. By doing this there will probably be a percentage that will continue with the service after the free year because they are concerned that their information is already in the criminals hands so they need protection. After all, the only alternative is to change your SS# and all your credit history information. I would bet the cost to acquire a new customer this way is probably lower than through advertising or giving away a free year without a security breach. If you don’t believe this just listen to the ads on the radio right now. Al the other credit protection companies are spending big money advertising right now because they know 140 million people out there are concerned and afraid having their credit taken.
I have a competing credit monitoring service. There are many available that are quite good. Would I entrust the security of my credit with company that was responsible for the breach?
Hmmmmm, maybe the list of 140 million people was a list of people that subscribed to some other credit protection service. Makes you think.