Both my wife and I got #2 . Now I guess it's time to freeze everything.

I think the actual resistance to a National ID politically would be that you could then use it to as a de facto National Voter ID.

After 9/11, there was some discussion about it, so more for national security than data security.

Again make it opt-in, at least for a transitional period.

Maybe starting at some point, stop issuing new social security numbers and force people to get this new ID instead.

Older people would never have to get this new ID, unless they wanted to.

So they've updated their breach website:

Anyway, I reentered my info and I get message #2 now. :rolleyes:

Same for me.
And, I'm guessing, virtually everyone else as well.

My First bank MLIFE card was hacked about 7 days ago...............several people reported the same exact fraudulent charge. I have to wonder if the 2 events are not related

That's the whole idea... We get our $51 and then we put one of the three corrupt bureaus out of business, and the most corrupt one at that.

In fact, I'd be so happy if all three of these worthless, data mining companies went out of business that I'd break into my happy dance if they did.

There should only be one credit score and one bureau ran by the government, not some independent company or companies.... Not 20 different scoring versions with three different companies so the consumer pays for one score, but the lender pulls another with a completely different score... Just another scam.

Today is the 9th and I still get a stupid prompt to wait until 9/13 to see any information.

"We know it's possible that you were affected by the data breach, but we're going to make you wait another four days to see if you actually were affected even though we just wrote that we'd fix this problem yesterday."

What gives the idea that government is more secure? Didn't the Chinese steal the SSNs of all gov employees 2 yrs ago? Isn't IRS hit with identity theft tax refunds every year and they have no idea until the taxpayer themsleves finds out? Heck, even NSA, the most secure division - their software and classified info gets leaked all the time!

The name of the game these days is not security but monitoring. Just have to be vigilant on what's going on with your accounts. If one thing government can do is perhaps change the laws. because now if you're hit with identity theft, you alone have to spend all the effort just to get back to pre-identity theft. Or a division that helps consumers with identity theft.

Also, 3 credit bureau system probably helps consumers more than harms. Especially people here, considering for a simple fact that now they can split the 50 hard pulls over 3 places than just 1 place and spook all lenders.

But I agree that equifax is the most useless and inept of the 3 so if it was going to happen to any one of them, my guess would've been them.

Except the government system isn't for profit so I don't care as much. They're not making a profit and they don't have information they otherwise wouldn't have had anyways. The government would also let the people know they've been hacked much sooner than Equifax had done. I believe the government would be more helpful if something like this to happen under their watch when compared to Equifax.

Split the inquiries over 3 bureaus? Hardly, in certain regions of the country, one bureau is pulled more than the other two (with certain exceptions of Barclays with TU and AMEX with EX), but ALL show new accounts, which is what lenders will take into account more heavily than inquiries when looking at your credit report. Most people who frequently apply for loans have a lopsided inquiry count with at least one of the three bureaus, and almost all of the same information is shared between the three of them, which is why most have been suggesting you freeze ALL of your reports, not just your Equifax.

Me? It stinks I have to be a victim to three companies who data-mining by information without paying me, but instead, makes ME pay THEM to see my credit report. What demand is there for credit storing bureaus? None, the world would be better off without them and the lending world could still go on if one non-profit organization took over for them.

How is a private company going to issue and authenticate identity?

We have Apple ID, Google accounts, FB, Twitter, Amazon, Microsoft accounts, etc.

Are we going to replace Social Security numbers with a patchwork of different accounts from different companies?

Not even the most anti-govt, staunch libertarian has suggested that our identities be issued and managed by private enterprise.

If a new ID scheme develops to replace Social Security, it's going to come from govt, though maybe they'd consult with tech companies and data security experts to develop and deploy this new scheme.

I'm in their system but they're saying I'n
 

No, that's the weird thing, I've tried a couple times, correct last name, correct SSN last 6 digits, and I'm getting #3 . I've applied for 100s of credit cards over the decades, only 1 car loan in the past (no longer open), and never a mortgage in my life.

I'm wondering if it was not their main database that was breached, but some sub-database, perhaps one with mortgages, perhaps one with current car loans, perhaps one for certain parts of the country, perhaps one which had just gotten an update for a credit in the past week (and all mine updated at other times in the month), perhaps one which had only one a clear address (mine has multiple messed up versions of my address), whatever? Because for some reason I'm definitely in their system yet they're saying I'm not affected.

Again, a third party is giving our information to another third party who obviously then can't be trusted with it. But if we want that information, WE have to pay for it. So they store our information without our permission and then we have to pay to obtain it.

Any company where you have to buy information about yourself is a scam. Not just the credit bureaus, but Ancestery.com and others are also a scam... It's just that when you use Ancestery.com, they don't have 15 different models of your family, just one.

I'm not the type to want free handouts, but credit scores and reports should be FREE and also SIMPLIFIED... IT IS YOUR INFORMATION. A person should be able to get information on what bureau the lender is pulling, what version, etc., and then they should be able to go online and get that information before submitting the application.... It shouldn't be a stupid guessing game of which bureau and report version they'll pull in which then you go out and pay $25 to obtain information that they MIGHT or MIGHT NOT pull from Equifax, Experian, or TransUnion.

If anyone can't see by now why I'd like to see Equifax disappear after this, well I don't know how to explain it any other way.

The other 2 bureaus have probably been working overtime making sure they haven't been hacked... or trying to figure out the best way to say "we were hacked too..."

It may be time for our government officials to start looking into a plan to give those affected new SSNs. Yes, it's a nightmare scenerio, but now that some other nation of hackers has everything on us, we now need new banking identities. The number 1 responsibilty our government has is to protect it's citizens. This is cyber war and we have been hit.

New SSNs will get hacked again.

It's inherently not secure.

On a positive note, maybe some of us would drop below 5/24 as a result of getting new SSNs? :cool: (Yeah, I know it probably wouldn't work like that, but still.)

This is what ticks me off about (lack of) privacy:

They compile my data without my consent. They cannot safeguard it. Data breaches are commonplace now. The problem with this one is that they have all the info to commit identity theft. It's info which will not change. They could even hold onto it until the buzz dies down and free credit monitoring is over and then wreak havoc. Everyone seems to use it (or try to) as a unique identifier. I make as big a fuss as I can when asked, but for a lot of things it's impossible not to provide this info. I even have to provide it for professional licenses.

I hope there are severe consequences to Equifax and any other organization that is hacked. Credit freezes and unlocks should be free. They basically have our info held hostage.

That's what the British government uses. You pick the private company you want to identify you for government purposes. I use Digidentity because they support FiDO U2F.

British NI numbers are never used by private companies for identity checking. US SSNs aren't meant to be, and every company that does shouldn't.

So how do Brits get credit or sign up for accounts?

I know some EU countries require passports and other registration, just to get a SIM card or even check into a hotel.

Wow, total IT incompetence at Equifax.

When you do a credit freeze with them, the PINs they generate are nothing more than a date and time stamp.

https://arstechnica.com/information-...redit-reports/

I've had a freeze with them for awhile now, because of a different hack. I didn't notice but looking at it, it is a date and time stamp. I don't even know if these dummies let you change your PIN.

I froze mine this morning. The PIN was not a date/time stamp.

Equifax was free for the freeze. Tried another and they wanted $10.00. My info was impacted according to website, is it necessary to freeze all 3?

I would think you would not need to freeze the two that were NOT implacted @:-)

Why would you think that? If someone uses your SSN/DOB to apply for a credit card application (AMEX, say) and AMEX usually uses Experian to pull credit reports, what good does it do to have only Equifax frozen?

The idea is to keep people from opening up credit in your name and different banks use different credit reporting agencies to do the credit checks. If you're concerned enough to freeze one, you should be concerned enough to freeze all three.

they being able to charge $$$ for me to freeze is ridiculous. I never gave anyone permission to store my data.

I thought freezing one causes all the others to freeze, but I guess not?

A fraud alert placed upon one is supposed to cause the other two agencies to be notified.

I'm surprised this thread isn't 500 pages long, why does there seem to be so little interest ?

Guess you can only vent so much. And complaining on an Internet chat board won't bring accountability.

I was just thinking the same thing. I've seen posts at r/churning where the poster dismisses a credit freeze because it would interfere with their credit card churning. Identity theft will interfere on much, much grander scale.

I think a lot of people basically have assumed that the info has already been out there for quite a while, not to mention that Hurricane Irma kinda drowned out this news until recently.

Same here,I figured my data would already be used. I just pulled my credit report and it looks fine, not sure how long of a delay before a new card shows up as my new AA card from 12 days ago does not appear to be listed and I pulled all 3 bureaus.

I checked Friday and I can't even sign up until tomorrow.

I think you're right about the huge time lapse already. All we can do is monitor all our accounts (which we do anyway).

It's probably still a good idea to lock one's credit reports, especially if you have some notoriety (or otherwise are more likely to be personally targeted for whatever reason). But if one doesn't, the chance of a criminal pulling your name/SSN/etc. at random out of hundreds of millions of people may be low.

The thing that's really unfortunate, though, is that locking and unlocking one's credit isn't free, with a few exceptions. That might change, however, if Sen. Schatz's letter to Equifax results in the latter reimbursing people for them.

Locking reports vs churning for fun and profit
 

Like a lot of people here, I churn credit cards like mad. It's been highly profitable for me to do so. It wouldn't be practical to lock and unlock my reports constantly, so the choice is to freeze the reports and quit the hobby or to take my chances with the criminals and keep churning as long as I can. I'm going to continue to churn for the time being.

The bolded statement in your post is something I consider relevant. The sheer numbers involved leads me to believe that one has a short window of time to take precautions. I'm not an IT guy - so I have no idea how quickly one can sort 143 million records - but I'd think it would take a while.

That may just be optimistic speculation on my part.

Interesting. Can you elaborate a bit?

From my perspective, I think you may be underestimating the time, cost, and hassle involved in eliminating the damage you might incur from someone taking out a mortgage in your name or a home equity loan in your name....or using your SSN to engage in criminal activities.

If there was ever a time to take a "strategic pause" from churning, this would be it.

I just don't see the positive risk/reward ratio. Cheers.

Had my social and birthday stolen just before Xmas 2010 - not any cc info. Probably from a doctor's office when I was being treated for breast cancer. Thieves used the info to open an account with AT&T and charge 4 iPhones to it (and they were way cheaper than the new ones coming out now). Only way I found out was when mail from AT&T arrived 2 days before Xmas. I thought it was junk mail and was about to chuck it when I noticed an orange band across one side saying New Account Info (like hey, should you be advertising that on the outside of your mailing?). The fraud was committed the day that AT&T closed their billing cycle, so I got the notice about 2 weeks after it happened rather than almost 2 months after. It was actually misaddressed, but the post office delivered it because they knew my correct address. Lucky me.:(

In the process of dealing with it (disputed charge, fraud alerts, police report), I was told that the info could be held for years and eventually resurface. When you know that your social security number is out there, it is a very unsettling feeling. Maybe it was over-reacting , but I ended up paying for credit monitoring with - guess who - Equifax! Had just been considering dropping it since it has been almost 7 years, and nothing negative has happened. Now I will probably just put on the freezes and drop it. Everyone will have to decide what works for them, but for myself, the inconvenience of the freezes is probably worth it.

went to enroll this morning and site is down...

Trans Union offers free locking..easily turned off and on, no pin via their TrueIdentity. You can also freeze your Trans Union report. There is a fee involved and pin, not quite sure of the difference, but they appear to have the same result.
Equifax was free for me yesterday. Experian wanted $10. I believe that varies by state.

Edit- locking through Trueidentity won't help much..from website:

About this feature:
-Creditors, lenders (when you apply for a loan), landlords and employers can request and view your credit report.
-Locking your TransUnion Credit Report blocks others from looking at it, which may serve as a critical step in preventing an identity thief from applying for credit in your name.

Who are the "others" that are blocked from seeing your report if creditors and lenders are not?
edit again...or maybe I'm reading the above wrong

The responses above cover it pretty well. The criminals have had a minimum of five weeks and possibly as many as nine or ten to sell the stolen data again and again and again before anyone was able to put a credit freeze in place. Once the data is out, it's out for good. Criminals could wait patiently and open accounts in your name years from now. So your pause may be an indefinite one. I've received tens of thousands of dollars worth of benefits from churning, so the price of discontinuing the hobby for many years seems very high.

And this may be wishful thinking, but given the sheer number of affected people, I think there will be better tools available soon to respond to attempted identity theft. The politicians and the executives of the credit agencies have had their information stolen too.