Equifax Suffers Largest Breach of 2017

143 Million Equifax Consumer Files Breached

Equifax, a provider of consumer credit scores, was just confirmed as a victim of a data breach.  The incident resulted in 143 million customer files being compromised.  Therefore, this is one of the biggest breaches in U.S. history, and the largest reported in 2017.

The hackers were infiltrating the company’s systems from May to July of this year.  The consumer data compromised includes names, social security numbers, and in some instances, the customer’s driver’s license number.  Hackers also obtained credit card information for 209,000 customers.  Beyond U.S. customers, certain individuals located in Canada and the U.K. were also impacted.

It is unclear if the impacted customers have been notified, or what Equifax plans to do to fully remediate the situation.  The company learned of the breach on July 29th, and has been working with a cyber security firm to conduct a thorough investigation.  Equifax CEO, Richard Smith, made the following statement to Bloomberg,

“This is clearly a disappointing event for our company, and one that strikes at the heart of who we are and what we do. I apologize to consumers and our business customers for the concern and frustration this causes.”

Were You Impacted?

To find out if your personal information was compromised, you can visit Equifax’s Potential Impact page.  Click on “Check Potential Impact”.  You will need to enter your last name and the last six digits of your social security number.  Upon doing so, you will be notified if your information was secure, or if they believe it was compromised.  If there are concerns the data was compromised, you will see this on your screen:

If you get this message — you have the opportunity to enroll in the TrustedID Premier program.  The program features include: Equifax credit report, credit monitoring by 3 credit bureaus, Equifax credit report lock, $1M in identity theft insurance, and social security number scanning.

To see if your data was potentially leaked, click here.

(Visited 31,660 times, 5 visits today)

35 thoughts on “Equifax Suffers Largest Breach of 2017

  1. Ok just got my ‘activation email’ Now to activate ( on an equifax system) they want a bunch more personal info to activate. Just what I want to do-they already demonstrated they can’t keep data secure, and now they want MORE personal info? Not likely from me!!!!! Bite my ass, equifax!!!!

  2. Still have not received my email from either TrustedID or Equifax for enrolling in their 1 year free credit monitoring system, so started googling and this is what I found:

    The terms of an agreement where the URL embedded in the document does not work https://trustedidpremier.com/static/terms

    Just like you said, a clause that was in the opt in agreement waiving my rights, which now I have to request in writing in 30 days that I do not want to waive my rights, https://slickdeals.net/f/10541992-free-trustedid-premier-credit-monitoring-service-for-1-year

    I should known better to put in my full name, ssn, and dob in opt in form, but I thought I could trust TRUSTEDID and I wanted my information protected from the Equifax breech.

    This is worse than the VolksWagon scam! Is this Fake News or what? I am sure after a year of FREE protection Equifax is going to want me to start paying them for this useless personal information protection service.

    So now I have to write a letter to Equifax letting them know if there is class action law suit I will be in on it and I am signing up for a real personal identity protection at https://www.idshield.com/?hub=markacook

  3. I went on their site and checked and it said “it may appear” that both my wife and I could be impacted, however, it appeared to me that Equifax website or landing page is pretty scetchy as to what the statement “may appear to have been impacted” Do they know or not if you have been impacted?
    I do not like signing up for anything online where the pure fact of putting your personal information on some landing page that claims to be there to help when it could be a clone site just to steal your information.
    I just got through dealing with a clone site that tried to take a couple hundred from my credit card. I was able to catch it in time and informed the real company of the clone.
    So now days do not even trust your eyes or any landing page especially when it comes to money transactions or very personal information that would help the thieves.
    Play safe.

  4. I am disappointed in PCMatic recommending people fill out the equifax page. Here is it how sounds to me when I break it down….
    Your data has been breached on our site. Give us your data again and we will protect you.
    Seriously???
    the only people safe in this deal is the ones with crappy credit who cant get any loans or cards approved.

  5. I checked it and got that “probably affected” message and it referred me to their free service. I already have Life Lock, and it works great (like PC Matic) so I just left it blank and will wait for the law suit.

  6. It is my understanding that if you opt into checking to see if your personal data was breached that you are consenting to not engaging in any lawsuit that may be brought against Equifax when all is said an done. Go ahead, give up a few more of your rights seeing as they have already given most of yours away already. I don’t trust anyone anymore. Far as I’m concerned our data should not be handed over to any of these reporting companies. It’s clear they cannot protect our information.

    • @Vivian:

      They should give all that are affected free Equifax protection service for life.
      Equifax may have allowed it to happen to sell more protection services.
      For them to make you opt out of the law suit payment, if you accept their free 1 year of protection.
      That is dirty play for them to expect you to check if you are affected. If you check you are opting out of any payments from the law suit.

      Daniel

    • @Vivian:
      Reporting agencies should all be shut down. they are just dangerous and very offten have incorrect information.
      Wait a minute!, I’m not that worried, most of their information that they have on people is wrong anyway,
      @Vivian: @Vivian:

  7. I have used PCMatic for over a year now and have come to trust their protection. The fact that they provided the Equifax information on their website and sent it to me, a customer, has me thinking it is OK to use the offered protection from Equifax. If it turns out to be some sort of scam, it will be very damaging to PC Matic as well as Equifax. We customers depend on your expertise.

    PCMatic, your reputation is riding on this now!

  8. Use Life Lock or another reputable service… Fox Guarding the Chicken Coop with this Continuing Scam…

    There should be a class action consumer suite against EquiFax to cover any damages to individuals incurred from this inept conduct.

    Individuals affected have not even consented for to them to gather and “bank vault” their “Holy Grail” of information in which they are responsible for and have failed miserably…

  9. I Enrolled in Trusted ID Premier program by giving them my full name, ssn, dob, and email address. A pop up said that I would receive email but never did. Now I am really scared I just got phished out of my sensitive data. Should I cancel all my credit accounts and go into cash?

    • The email from Equifax may take some time. Some have reported it took a day, others reported a few days. Watch your inbox and spam/junk folders.

    • @Mark: Hey Mark…I’ve had Life Lock for 5 years now. I’m extremely satisfied with this company. For the first 4 years I never heard anything from then and wondered if they were really monitoring my info. Then in March of this year they called me to ask if I have applied for a Macy’s card. I did not and told them so. They then got the third party(Macy’s ) on the phone with me. Turns out someone who entered the info. had a typo. The application was denied. All good on my end. I’m paying $10.00 a month which really helps my peace of mind. You might want to check them out….Also have PC matic….

  10. The government should issue new social security numbers. In addition it should be unlawful for any business to request a social security number or to use it to identify a customer for any other purpose than the submission of s contributions. Additionally, consumer credit companies should be severely regulated and audited by the government.

    Also, penalties should be severe for any company which releases the personal information.

    A start.

    • It is pretty creepy that the company who gets breech offers a personal data protection service. I do not trust the government. The last two times my data has been breach was in the military and with the SC dept of revenue. They also offered a similar personal data protection services at no cost. I wonder how good is it compared to paying for a service.

  11. In mid-August, before Equifax announced the breach, at least two of my credit cards were used (a Capitol One Mastetcard, and a Gold American Express that I never use on-line) so I feel pretty confident they were obtained via Equifax, and I feel fairly confident that American Express and Capitol One use Equifax to store their card’s credit histories. The hackers also used my SSN to open an account and apply for a credit card at the Pentagon Federal Credit Union (I live in ALabama, they did however make me a “Colonel” on their application!!). The scariest and worse part of this (someone mentioned wanting to receive info from the Credit Bureaus via US Mail) is that the hackers used my American Express number at the on-line USPS site to create a mail forwarding request that sent ALL my mail to an empty mail box in Oregon!!! On the USPS website, it charges one of your credit cards $1 to verify your identity (duh, what if hackers have your credit card, which they did?!?!?) before placing the forwarding Order that takes 7-10 days to start. Of course as soon as I learned my credit cards were compromised, I froze my credit file. How do the Credit Bureau’s provide your “lift the freeze” PIN? Via USPS Mail. None of the three bureau’s mark the envelopes “Do No Forward”, or “Address Service Requested” so you know the rest of my story! Because of the USPS time lag in sending me a confirmation letter (6-days) “congratulating me on my recent move!!), 2 of my freeze 3 PINs were forwarded to the hackers!!! Now try finding a live rep at any bureau to request a “freeze PIN change” or even a link, or FAQ on-line to help you!! Be on the look-out for a $1 USPS charge, but when you see one, it’s probably already too late. The USPS Postal inspector group I talked to 7-times in 5 days was of no help (they just kept issuing new Case Numbers!). Ultimately, working with my local post office who provided me with the Postmaster name/number in Newberg OR was I able to have my illegally forwarded mail held while the USPS 7-10 day cancellation process (after loosing 6-days before I received the USPS forwarding notice) finally went into effect. These are sophisticated hackers, so don’t feel overly confident relying on “snail mail” either. You might have already been affected (or will be in the future) and won’t know about it for weeks. Learn from my Equifax horror!!

  12. Yeah well I was listed as affected, signed up, still waiting on a response email-methinks it was just a setup by equifax to drum up business.

  13. I found my information as well as my wife and daughter information was released. The site said click on a link to finish Regerstration. No matter what I did it would no allow me to finish entering the information required for the regerstration Equifax credit monitoring
    The next day I tried again a was able to enter the information Equifax wanted. But each time we tried to enter my wife and daughter information each time there was a day delay to finish the Equifax process. It took us 6 days.
    I believe Equifax limit of one year to monitor our credit credit for free is outrageous. They lost the information.
    Note I read New York has ruled that Equifax can’t enforce there disclaimer they can’t be sued if you sign up for credit monitoring.

  14. Why would I want to put my last name and last 6 SSN’s on an Equifax run website?!!! The easiest SSN’s to figure out are the first 3 numbers since they are based on where you were born!!! So, if for some reason my info wasn’t stolen before why don’t I make it easier for hackers to get my info now?!! (sarcasm)!!!

  15. Saw on WUSA9 DC news CBS affiliate they verified that Eqifax has “removed” the language that would stop anyone from litigation in a class action suit. I signed up for the Trusted ID. Just got the confirmation email to click the link. I’m still thinking about it. Hoping to hear further news to verify it’s the 2nd round to the Equifax breech or not. Equifax might be the credit enemy? Like said why used hacked computers to sign up customers to see if their personal credit data was hacked. Especially giving out the full SSA number on an unknowingly secure web page that the browser says is Equifax. Not sure enough to verify using that email they sent me. An yeah that email is valid just goes to my spam email account. So if you reply to me I don’t get it.

  16. No matter what you type in to the Enrollment box, you are told you might be infected.

    So here we have a company using it’s own data breach to generate revenue from unsuspecting consumers,

    SHAMEFUL.

    Are you going to correct the article? Are you colluding with Equifax on this program?

    • PC Matic is not colluding with Equifax. The article simply provides a link allowing users to use the resources provided. If they choose to enroll in the program, that is entirely up to them. Thank you for sharing your feedback.

      • @Kayla Thrailkill:
        Kayla,

        Your article is featured in the PC Matic email with the subject line, “Did Equifax Breach Your Data? Find Out Now.” Your article ends with the words, “To see if your data was potentially leaked, click here.”

        Many other researchers have shown that Equifax’s Potential Impact page is extremely inaccurate. It’s obviously an unprincipled attempt to get people to sign up for their service.

        I don’t think PC Matic is colluding with Equifax, but you’re aiding and abetting them by trying to convince your readers that Equifax will help them see if their information has been leaked.

    • @Alan Robbins:
      I typed my last name and 6 numbers of my SS#, and it told me I’m not infected. Yay for me and mySS#! Of course I just didn’t type in any old thing. I typed in my correct info.

    • @Alan Robbins: Actually, i put my info in and it said i was not affected which surprised me because I just finished up a home loan in the last 6 months and I have a copy of my credit report from them as was required from the lender. Oh well.
      Truth is, no one is safe. Period. Do what you want but there is no protection. A door lock is only there to keep honest people honest. The only saving grace is that most CC companies will back you up if someone steals your card no’s.

      • A few days after this story broke — and many people discovered the form would take any input – it magically started working. Of course no comment from Equifax about any of this.

        There’s big profit in scaring people… Just sayin

  17. Would it not make sense for Equifax to notify it’s customers if they were infected by U.S. Mail, rather that use E-mail. or any other computer method, since computers were hacked ? You have (Equifax) left a method for someone to check by clicking on a link giving their name and six (6) of their nine digits in S.S. numbers, Really ? Convince me that a link, site, or computer location is COMPLETELY secure by verifying my basic info, with out numerical data (which I would include on a U.S. Postal Mail Form only) and I would then enter your program to check.

  18. I have not seen the fine print on the program that Equifax is offering but I was told that within the agreement they want you to sign, you give up the right to litigate against them. Again, I have not seen it in print but I would certainly read the agreement before signing it.

Leave a Reply

Your email address will not be published. Required fields are marked *