HUGE data breach at Equifax
#181
FlyerTalk Evangelist
Join Date: Jan 2014
Location: San Diego, CA
Programs: GE, Marriott Platinum
Posts: 15,503
The reason that I never signed up for Chase Credit Journey is that the company will have more frequent access to my credit than before. Same thing with Discover:
"In light of the recent Equifax breach, Discover has started offering these SSN notifications for their cardholders. In the ToS for this, it states that by participating you are authorizing Discover to pull fresh reports daily.”
https://www.reddit.com/r/personalfin..._free_service/
It’s the leverage side of it that I’m not so big on. It may be used against you when you apply.
"In light of the recent Equifax breach, Discover has started offering these SSN notifications for their cardholders. In the ToS for this, it states that by participating you are authorizing Discover to pull fresh reports daily.”
https://www.reddit.com/r/personalfin..._free_service/
It’s the leverage side of it that I’m not so big on. It may be used against you when you apply.
FWIW, I've opened up at least a few cards since signing up for that service and haven't seen any AA from them.
#182
Join Date: Jan 2014
Programs: Amtrak Guest Rewards (SE), Virgin America Elevate, Hyatt Gold Passport (Platinum), VIA Preference
Posts: 3,134
IANAL but I'm wondering whether a class objection to the settlement might not be in the offing. If nothing else, presuming that of over 100m affected less than 1m would take up the $125 (especially given the other aspects of the settlement such as increased free credit reports for the next 6-7 years probably partially obviating the benefits of the credit monitoring) seems to be an exercise in innumeracy worthy of the folks over at Hoover, and I can't help but wonder if some other lawyers might find some way to accuse the plaintiffs' lawyers of malpractice (given the implied assumptions on uptake on the cash). The fees off of a successful objection here might well make it worth the risk.
Of course, per the USA Today it also appears that you can claim $25/hour for up to ten hours spent on dealing with consequences of the breach with no documentation, plus fees to accountants, etc., so I sense that there's a real risk of some racketeering opening up on the sidelines here. And if I had to guess from the fallout from the Deepwater Horizon spill case, a decent chunk of it will be successful. It wouldn't be hard to see a sleazy lawyer/accountant round up a bunch of clients to run an overcharge-and-reimburse scam on (e.g. charge them for five hours each at $200/hour or bill them for a retainer and then throw part of the money back at them).
NB: The $125 only applies to "blanket" cash settlements, not reimbursements for actual expenses. That's where everything got fouled up.
Of course, per the USA Today it also appears that you can claim $25/hour for up to ten hours spent on dealing with consequences of the breach with no documentation, plus fees to accountants, etc., so I sense that there's a real risk of some racketeering opening up on the sidelines here. And if I had to guess from the fallout from the Deepwater Horizon spill case, a decent chunk of it will be successful. It wouldn't be hard to see a sleazy lawyer/accountant round up a bunch of clients to run an overcharge-and-reimburse scam on (e.g. charge them for five hours each at $200/hour or bill them for a retainer and then throw part of the money back at them).
NB: The $125 only applies to "blanket" cash settlements, not reimbursements for actual expenses. That's where everything got fouled up.
#183
FlyerTalk Evangelist
Join Date: Jan 2014
Location: San Diego, CA
Programs: GE, Marriott Platinum
Posts: 15,503
I got an email from the settlement administrator offering me a chance to change my mind with regards to the cash payment. I was going to just tell them that I'm using CreditKarma and still take the money (even if it's far less than $125) but since it looks like that doesn't do all three bureaus, I'm considering opting for the monitoring instead. Anyone else doing that too?
#184
Join Date: Oct 2004
Location: Indianapolis area
Programs: Marriott Lifetime Titanium
Posts: 434
I got an email from the settlement administrator offering me a chance to change my mind with regards to the cash payment. I was going to just tell them that I'm using CreditKarma and still take the money (even if it's far less than $125) but since it looks like that doesn't do all three bureaus, I'm considering opting for the monitoring instead. Anyone else doing that too?
#185
FlyerTalk Evangelist
Join Date: Jan 2014
Location: San Diego, CA
Programs: GE, Marriott Platinum
Posts: 15,503
Anyway, I decided to stick with the cash payout. Besides, the settlement didn't specifically say that whatever service you're using has to cover all three bureaus.
#187
Join Date: Jul 2011
Posts: 1,131
I requested the free credit monitoring and time for adding & thawing credit freezes since the breach. However, only two weeks after submitting, someone accessed a store credit card of mine using account lookup (likely with a Social Security number) and made several large purchases within a 10 minute period. Had to ask the administrator if I could amend my claim for additional time related to calling the bank, filing law enforcement reports, and requesting extended fraud alerts.
#188
Join Date: Mar 2011
Location: BDL, JFK
Posts: 658
"According to the filing in the U.S. District Court for the Northern District of Georgia, Atlanta Division, Equifax was protecting sensitive personal information on a portal used to manage credit disputes with the username “admin.”
And if that wasn’t enough, the password protecting that data was probably the first one an attacker would guess: Yes that’s right, it was also “admin,” according to the lawsuit."
https://www.forbes.com/sites/kateofl.../#51ffb3543d38
And if that wasn’t enough, the password protecting that data was probably the first one an attacker would guess: Yes that’s right, it was also “admin,” according to the lawsuit."
https://www.forbes.com/sites/kateofl.../#51ffb3543d38
#189
FlyerTalk Evangelist
Join Date: Jan 2014
Location: San Diego, CA
Programs: GE, Marriott Platinum
Posts: 15,503
"According to the filing in the U.S. District Court for the Northern District of Georgia, Atlanta Division, Equifax was protecting sensitive personal information on a portal used to manage credit disputes with the username “admin.”
And if that wasn’t enough, the password protecting that data was probably the first one an attacker would guess: Yes that’s right, it was also “admin,” according to the lawsuit."
https://www.forbes.com/sites/kateofl.../#51ffb3543d38
And if that wasn’t enough, the password protecting that data was probably the first one an attacker would guess: Yes that’s right, it was also “admin,” according to the lawsuit."
https://www.forbes.com/sites/kateofl.../#51ffb3543d38
#190
Moderator: Budget Travel forum & Credit Card Programs, FlyerTalk Evangelist
Join Date: Aug 2002
Location: YYJ/YVR and back on Van Isle ....... for now
Programs: UA lifetime MM / *A Gold
Posts: 14,426
Seems the Chinese were behind this
According to many news sources (hence no links, as it's one of top stories on pretty much all news websites as well as national news), it seems that four Chinese nationals were indicted today for the breach.
Perhaps they are sitting on the info and why people were not as badly effected as some of us feared.
As side note, I'm surprised no one posted this before me.
Perhaps they are sitting on the info and why people were not as badly effected as some of us feared.
As side note, I'm surprised no one posted this before me.
#191
Suspended
Join Date: Oct 2004
Location: Bay Area
Programs: DL SM, UA MP.
Posts: 12,729
Culpability still likes mostly with the companies which failed to protect their customers' data.
Even if you accept that only the perpetrators should be blamed, it's not like we're going to be able to bring these people to justice.
Even if you accept that only the perpetrators should be blamed, it's not like we're going to be able to bring these people to justice.
#192
Moderator: Budget Travel forum & Credit Card Programs, FlyerTalk Evangelist
Join Date: Aug 2002
Location: YYJ/YVR and back on Van Isle ....... for now
Programs: UA lifetime MM / *A Gold
Posts: 14,426
No, we're not going to bring the Chinese perpetrators to justice. And no, I don't accept that only they should be blamed. Someone else could have stolen the info and sold it to some nefarious characters.
#193
FlyerTalk Evangelist
Join Date: Jan 2014
Location: San Diego, CA
Programs: GE, Marriott Platinum
Posts: 15,503
As mentioned previously, it's more of a failing with how identity works in the US than anything else, though that still doesn't excuse Equifax's poor handling of their security.
#194
Suspended
Join Date: Oct 2004
Location: Bay Area
Programs: DL SM, UA MP.
Posts: 12,729
Yeah agreed on all counts.
Its a reflection on the state of things. Americans have gotten used to hearing about hacks and pretty much take it for granted that their info. is out there.
I don't think it's a big enough of an outrage or else it might be a campaign issue and some politicians may promise to address it.
There are various proposals but politicians don't feel pressure to act.
Its a reflection on the state of things. Americans have gotten used to hearing about hacks and pretty much take it for granted that their info. is out there.
I don't think it's a big enough of an outrage or else it might be a campaign issue and some politicians may promise to address it.
There are various proposals but politicians don't feel pressure to act.
#195
FlyerTalk Evangelist
Join Date: Jan 2014
Location: San Diego, CA
Programs: GE, Marriott Platinum
Posts: 15,503
Yeah agreed on all counts.
Its a reflection on the state of things. Americans have gotten used to hearing about hacks and pretty much take it for granted that their info. is out there.
I don't think it's a big enough of an outrage or else it might be a campaign issue and some politicians may promise to address it.
There are various proposals but politicians don't feel pressure to act.
Its a reflection on the state of things. Americans have gotten used to hearing about hacks and pretty much take it for granted that their info. is out there.
I don't think it's a big enough of an outrage or else it might be a campaign issue and some politicians may promise to address it.
There are various proposals but politicians don't feel pressure to act.
Anyway, IIRC it's free to freeze your credit reports now (regardless of state), so that's something. IMO it's nowhere near enough but I doubt we'll see much additional movement at the political level any time soon.