Equifax hack
Moderator: Global Moderator
Equifax hack
I went to do the same, but it really grinds my gears I need to *pay* to do that.
Re: Equifax hack
Odd. I froze my credit with all three bureaus, and I don't remember paying anything. I think it might depend which state you're in.
Re: Equifax hack
I believe it does. Sadly, it appears WA state does not appear have any favorable laws, so it's about $10/bureauWiseOne wrote:I think it might depend which state you're in.
Re: Equifax hack
Residents of Washington are allowed a free credit freeze if they are the victim of "identity theft." Take a look at the definition of "identity theft" and "victim" in 9 RCW. It is much broader than you would think, and arguably it applies to anyone who had their credit information released in the recent Equifax fiasco. Make your argument.
Re: Equifax hack
Was there also an Experian hack or is the thread title wrong?
I thought it was Equifax. Used to be my employer, BTW.
I thought it was Equifax. Used to be my employer, BTW.
Re: Equifax hack
I paid, but will be itemizing on 2017 Federal taxes.Maddy wrote:Residents of Washington are allowed a free credit freeze if they are the victim of "identity theft." Take a look at the definition of "identity theft" and "victim" in 9 RCW. It is much broader than you would think, and arguably it applies to anyone who had their credit information released in the recent Equifax fiasco. Make your argument.
- Kriegsspiel
- Executive Member
- Posts: 4052
- Joined: Sun Sep 16, 2012 5:28 pm
Re: Equifax hack
On the subject of freezing credit... If I don't plan on opening any new credit cards or getting a mortgage or using my "credit" in any way... is there any reason not to freeze my credit?
Re: Equifax hack
We bought a new car for my wife this year and paid cash (personal check), yet the dealership still checked my wife's credit score. Not sure why; maybe they just wanted to be extra sure of her identity in case our check bounced and they needed to track us down to break our thumbs or something.
Maybe they would have let us pay cash even if our credit was frozen, but I'm not sure. Just thought I'd mention it.
Maybe they would have let us pay cash even if our credit was frozen, but I'm not sure. Just thought I'd mention it.
Re: Equifax hack
None that I know of. Mine's been frozen for about ten years, and the only time it's ever became an inconvenience (albeit only a very slight one) was when I applied for a mortgage loan. In that instance, all that was required (to the best that I can recall) was a phone call to unfreeze for 48 hours and a second phone call to put the freeze back on.Kriegsspiel wrote:On the subject of freezing credit... If I don't plan on opening any new credit cards or getting a mortgage or using my "credit" in any way... is there any reason not to freeze my credit?
Re: Equifax hack
How many bureaus did you have to unfreeze?Maddy wrote:None that I know of. Mine's been frozen for about ten years, and the only time it's ever became an inconvenience (albeit only a very slight one) was when I applied for a mortgage loan. In that instance, all that was required (to the best that I can recall) was a phone call to unfreeze for 48 hours and a second phone call to put the freeze back on.Kriegsspiel wrote:On the subject of freezing credit... If I don't plan on opening any new credit cards or getting a mortgage or using my "credit" in any way... is there any reason not to freeze my credit?
Re: Equifax hack
Another inconvenience: frozen credit prevents you from getting an online account at the Social Security Administration. I hope that doesn't mean they will make a hard inquiry, but sounds like it. In which case you don't want to do this right before applying for a mortgage.
Apparently, you either need to unfreeze credit (not sure which bureau) or show up in person at a Social Security office (bring SS card and passport). It turns out there's one of those about a 5 minute walk from me, so I'll probably do that.
Apparently, you either need to unfreeze credit (not sure which bureau) or show up in person at a Social Security office (bring SS card and passport). It turns out there's one of those about a 5 minute walk from me, so I'll probably do that.
Re: Equifax hack
I don't recall whether it was the major three (TransUnion, Equifax, and Experian) or just the one that the lender intended to use. It certainly was no more than that.ochotona wrote:How many bureaus did you have to unfreeze?Maddy wrote:None that I know of. Mine's been frozen for about ten years, and the only time it's ever became an inconvenience (albeit only a very slight one) was when I applied for a mortgage loan. In that instance, all that was required (to the best that I can recall) was a phone call to unfreeze for 48 hours and a second phone call to put the freeze back on.Kriegsspiel wrote:On the subject of freezing credit... If I don't plan on opening any new credit cards or getting a mortgage or using my "credit" in any way... is there any reason not to freeze my credit?
Re: Equifax hack
I'm surprised this news doesn't seem to be getting a lot of attention. The theft of enough personal information to facilitate the ID theft of 140 million people sounds like the potential death of ez-credit as a policy to me.
At the personal level here's a guide to protect yourself in the short term.
https://arstechnica.com/information-tec ... -now-what/
At the personal level here's a guide to protect yourself in the short term.
https://arstechnica.com/information-tec ... -now-what/
Re: Equifax hack
IRS Form 14039 - Affidavit of Identity Theft. This may be needed to prevent tax refund theft in the future. I've got a call out to my tax people about this form, whether I should send it in in order to get a PIN assigned to me.
Re: Equifax hack
I just checked on Experian's Equifax's website, and yes, my account was one of those compromised.
I thought it would be useful to start a list of forms of identity theft and the easiest preventive measures. Since apparently the responsibility for this is entirely on us. Thus the PP forum's Guide to Identity Theft. Please add/edit at will!
1. Your credit card or bank account number is stolen and someone starts shopping on your nickel
As a YNAB "classic" user, I reconcile credit card and bank accounts every month. I've caught several fraudulent charges that I might otherwise have missed, average 1-2x/year. The credit card companies in question made it very easy to deal with, but the catch is that most require you to report fraudulent charges within 30 days. In some obvious cases (like the huge charge at a restaurant in Vietnam) the company caught the fraudulent charge before I saw it and notified me.
2. Someone breaks into your bank accounts online or via ATM, and starts draining money
Never happened to me, and frankly I don't know what to do about this, other than strong passwords & two factor authentication where available. Plus monthly monitoring.
3. Someone with your SSN and other info starts opening credit accounts in your name
I froze my credit last year. Be sure to get all loans & credit cards you're interested in first, and don't lose the PINS. Also, creating accounts on government websites requires a credit check - I know for sure about Social Security and MyEVerify, not sure about Treasury Direct. Do those things first.
4. Someone with your name and SSN applies for a job in your name
If the employer does a credit check, the freeze should prevent this issue. If they don't do that but do use EVerify, you should detect it on MyEVerify - not sure how often that's the case though. I imagine most dodgy employers taking on someone with an illegally obtained SSN probably do neither, in which case the first you'll hear of it is a tax notice from the IRS about the reported wages.
5. Someone with your SSN files a paper tax return in your name, claiming and getting refunds
This is why I file taxes at the earliest possible date every year: "He who files first, files best." The main limitation is waiting for all tax info from employers etc, which usually takes until about middle to late February. The risk of doing this: 1) tax software company discovers and fixes a bug late in the tax season, after you've already filed, and you only find out two years later when you get a tax notice from the IRS; 2) you get an amended tax document, which happens 2-3x each year for me.
I thought it would be useful to start a list of forms of identity theft and the easiest preventive measures. Since apparently the responsibility for this is entirely on us. Thus the PP forum's Guide to Identity Theft. Please add/edit at will!
1. Your credit card or bank account number is stolen and someone starts shopping on your nickel
As a YNAB "classic" user, I reconcile credit card and bank accounts every month. I've caught several fraudulent charges that I might otherwise have missed, average 1-2x/year. The credit card companies in question made it very easy to deal with, but the catch is that most require you to report fraudulent charges within 30 days. In some obvious cases (like the huge charge at a restaurant in Vietnam) the company caught the fraudulent charge before I saw it and notified me.
2. Someone breaks into your bank accounts online or via ATM, and starts draining money
Never happened to me, and frankly I don't know what to do about this, other than strong passwords & two factor authentication where available. Plus monthly monitoring.
3. Someone with your SSN and other info starts opening credit accounts in your name
I froze my credit last year. Be sure to get all loans & credit cards you're interested in first, and don't lose the PINS. Also, creating accounts on government websites requires a credit check - I know for sure about Social Security and MyEVerify, not sure about Treasury Direct. Do those things first.
4. Someone with your name and SSN applies for a job in your name
If the employer does a credit check, the freeze should prevent this issue. If they don't do that but do use EVerify, you should detect it on MyEVerify - not sure how often that's the case though. I imagine most dodgy employers taking on someone with an illegally obtained SSN probably do neither, in which case the first you'll hear of it is a tax notice from the IRS about the reported wages.
5. Someone with your SSN files a paper tax return in your name, claiming and getting refunds
This is why I file taxes at the earliest possible date every year: "He who files first, files best." The main limitation is waiting for all tax info from employers etc, which usually takes until about middle to late February. The risk of doing this: 1) tax software company discovers and fixes a bug late in the tax season, after you've already filed, and you only find out two years later when you get a tax notice from the IRS; 2) you get an amended tax document, which happens 2-3x each year for me.
- I Shrugged
- Executive Member
- Posts: 2062
- Joined: Tue Dec 18, 2012 6:35 pm
Re: Equifax hack
I bet in several years we will look back at this and laugh about how weak and vulnerable the electronic transaction system was. The various financial entities wanted to make it painless for consumers, but that is now backfiring. In the future we will have to have some sort of physical verification. Voice, a key thingy, fingerprint, retina, something.
I see a parallel in all of the stolen emails over the past few years. Why don't organizations implement encryption???? Because it's too inconvenient? Probably. Because it looks suspicious? Maybe. Or is it otherwise not effective in a large organization and their outside contacts?
I see a parallel in all of the stolen emails over the past few years. Why don't organizations implement encryption???? Because it's too inconvenient? Probably. Because it looks suspicious? Maybe. Or is it otherwise not effective in a large organization and their outside contacts?
-
- Executive Member
- Posts: 522
- Joined: Mon Aug 24, 2015 3:12 pm
Re: Equifax hack
Anyone considering or have experience with taking this sort of thing to small claims court?
Re: Equifax hack
Biometrics are dangerous. Once compromised, they can't be changed. Also it gives incentives for death and/or mutilation. Not only all that, but you leave your authenticators behind you everywhere you go: fingerprints, your voice, pictures of you. Really they're not very good at all.I Shrugged wrote:I bet in several years we will look back at this and laugh about how weak and vulnerable the electronic transaction system was. The various financial entities wanted to make it painless for consumers, but that is now backfiring. In the future we will have to have some sort of physical verification. Voice, a key thingy, fingerprint, retina, something.
I see a parallel in all of the stolen emails over the past few years. Why don't organizations implement encryption???? Because it's too inconvenient? Probably. Because it looks suspicious? Maybe. Or is it otherwise not effective in a large organization and their outside contacts?
Re: Equifax hack
I was one of the hacked IDs according to the Equifax website - so I enrolled in the Trusted ID Premier program.
Wasn't sure I wanted to at first. They say the hack occurred through the website. So now they have a link to a new program where you give them all your information on the website.
Say what?
How do I know that's not part of the hack of their website. I think it's called cross-site-scripting or page hijacking or something like that. I used to do this kind of stuff for a living but already forgot everything I know after being retired for a year.
The fact that somebody was able to steal 140 million IDs through the website tells you how insecure their system is. That's right through the front door.
Wasn't sure I wanted to at first. They say the hack occurred through the website. So now they have a link to a new program where you give them all your information on the website.
Say what?
How do I know that's not part of the hack of their website. I think it's called cross-site-scripting or page hijacking or something like that. I used to do this kind of stuff for a living but already forgot everything I know after being retired for a year.
The fact that somebody was able to steal 140 million IDs through the website tells you how insecure their system is. That's right through the front door.
Re: Equifax hack
EF says they will waive credit freeze fees for 30 days
Re: Equifax hack
How generous of them.ochotona wrote:EF says they will waive credit freeze fees for 30 days
Nice windfall for Experian and TransUnion who aren't waving fees.
Re: Equifax hack
My sister just checked the Equifax site and had some excellent questions. Her entire family including her two kids, who have no credit history at all not to mention that the family live in Canada, came up as potentially compromised. My sister pointed out that searching a database of 143 million SSNs should take a while, whereas the site instantly comes back with the answer "yes".farjean2 wrote:How generous of them.ochotona wrote:EF says they will waive credit freeze fees for 30 days
Nice windfall for Experian and TransUnion who aren't waving fees.
In other words, they're not checking anything. They just have a website that makes it look like they are, and then they say yes to everything.
And then consider this: Multiply the credit freeze fees times 143 million people...that's a nice chunk of change. And then there's the one year signup for the ID protection deal. At the end of the year, let's say just 10% decide to pay up and keep the service. Also a nice bit of extra income.
Anyone see where this is going??
The honorable thing would be for all 3 credit bureaus to offer free credit freezes for the next year. YEAR. Not 30 days.
-
- Executive Member
- Posts: 1102
- Joined: Fri Jan 06, 2012 9:04 am
Re: Equifax hack
Not disagreeing here at all, but have you noticed how long it takes Google to return results for a search? (not long)WiseOne wrote: My sister just checked the Equifax site and had some excellent questions. Her entire family including her two kids, who have no credit history at all not to mention that the family live in Canada, came up as potentially compromised. My sister pointed out that searching a database of 143 million SSNs should take a while, whereas the site instantly comes back with the answer "yes".
In other words, they're not checking anything. They just have a website that makes it look like they are, and then they say yes to everything.
Re: Equifax hack
Absolutely agree with this. I've not frozen through Equifax yet because honestly I don't want to give them any money for their own f-up. But they absolutely should foot the bill for anyone to freeze their credit across all bureaus.WiseOne wrote:farjean2 wrote: The honorable thing would be for all 3 credit bureaus to offer free credit freezes for the next year. YEAR. Not 30 days.
I suppose one could take them to small claims court for that, but for $30 (my cost at least) it's just not worth the time/effort.