Parenting-Furkids

This And That - Often Non Pet Related Topics => General Discussion => Topic started by: Pookie on September 08, 2017, 10:36:48 AM

Title: Equifax breach
Post by: Pookie on September 08, 2017, 10:36:48 AM
In case you weren't aware:  https://www.yahoo.com/finance/news/equifax-breach-exposes-143-million-040540905.html

I wonder if I should sign up for LifeLock, or a service like that.  This just drives me nuts.  I do everything I can to protect my information, and these companies get hacked?!?!?!   bangshead bangshead bangshead bangshead bangshead bangshead
Title: Re: Equifax breach
Post by: DeeDee on September 08, 2017, 10:52:26 AM
Yeah. Heard about it too. Probably going to be one of those that gets a letter. Someone tried using our credit card a few months ago, and had to get a new one, and we've still yet to find out where they got it from. No one can scan us b/c we have the lining in our billfolds and wallets.

Lifelock? That's a joke. My Dad thought he just had to have it, and someone tried breaching one of their accounts. Did they hear jack from Lifelock? Nope. Just like us a couple of months ago, the bank shut it down. That's one of the first things my mom got rid of last year.

Lifelock and other services like it are just more databases for your information to go into, and those databases can be hacked just like any other. https://www.wired.com/2015/07/lifelock-failed-one-job-protecting-data/
Title: Re: Equifax breach
Post by: Pookie on September 08, 2017, 11:02:48 AM
Thanks, Dee!  I've gotten stuff in the mail to sign up with them, but kept procrastinating.  This breach had me thinking maybe I should have signed up.  But if they're not going to protect my data, then I'm not going to bother.

Now I guess I have to put a credit freeze on.  Because according to Equifax, my info may have been breached.  Though the enrollment process for them to provide free monitoring for 1 year STINKS.  It's a loop.   >:( >:D
Title: Re: Equifax breach
Post by: DeeDee on September 08, 2017, 11:57:11 AM
You can always call your bank and ask about how they handle things in case someone goes after you. They would be the best ones to give you advice.
Title: Re: Equifax breach
Post by: Pookie on September 08, 2017, 03:07:37 PM
You can always call your bank and ask about how they handle things in case someone goes after you. They would be the best ones to give you advice.

Thanks, DeeDee.  Done.  Added another password (extra layer) and was advised to watch my FICO score (which I get to see for free on their website).  If the score go does, that could be a sign someone's trying to get credit using my info.  Unfortunately it's only updated quarterly.   :(
Title: Re: Equifax breach
Post by: DeeDee on September 08, 2017, 04:06:22 PM
CreditKarma is free. That's how I keep an eye on mine. I should probably start checking it every day now though instead of just once a week.

Edit: I've had it for years since they first opened though--way before things started getting as bad as it is today.
Title: Re: Equifax breach
Post by: Lola on September 08, 2017, 05:47:45 PM
My bank allows me to check my credit score for free.  In the grand scheme of things, that is probably risky that they have that info available with the click of a key on my keyboard. 
Title: Re: Equifax breach
Post by: Lola on September 08, 2017, 05:53:26 PM
Quote
The strongest possible option a person can take immediately is placing what's known as a credit freeze on their files with the major credit bureaus. That locks down a person's information, making it impossible to open new accounts and bank cards in their name.

I'm going to look into this.  At one time (mannny years ago), this was only allowed for people that live in certain states.  Mine wasn't one of them. 
Title: Re: Equifax breach
Post by: DeeDee on September 08, 2017, 06:10:07 PM
I'm going to look into this.  At one time (mannny years ago), this was only allowed for people that live in certain states.  Mine wasn't one of them. 

Whenever he gets home, I'm going to ask him to look into it. What if WE want to get something? How do we go about that? Does it take a long time to get it undone so that we can use our own credit?
Title: Re: Equifax breach
Post by: Lola on September 08, 2017, 07:06:28 PM
Whenever he gets home, I'm going to ask him to look into it. What if WE want to get something? How do we go about that? Does it take a long time to get it undone so that we can use our own credit?

It is only for new lines of credit.  You already got your new car, what else could you possibly need?!  ;)
Title: Re: Equifax breach
Post by: DeeDee on September 08, 2017, 08:00:36 PM
LOL. Yeah. He said he was going to think about it. Would rather know how long it takes to get that freeze unfrozen first. He's not in the mood to read much at the moment. Long day.
Title: Re: Equifax Data Breach Victims Could Lose Rights In One Click...
Post by: Lola on September 11, 2017, 02:34:48 PM
Quote
People who are worried about whether their personal information was compromised in the Equifax data breach may be in for another unpleasant surprise: being forced to settle claims against the credit reporting company in arbitration instead of joining forces with other wronged consumers to sue in court.

Equifax is allowing people to sign up on its website for free identity theft protection and credit file monitoring following the disclosure Thursday of the data breach, which Equifax said was detected July 29 and affected 143 million consumers.

But the credit monitoring service, through an Equifax company called Trusted ID, has a provision that limits liability to the company, and consumers who sign up for what is billed as a free service will be charged for it after a one-year trial period if they don't call the company to cancel their subscription.

The provisions, buried in the fine print of Trusted ID's terms of service, added to confusion on Friday about how much help consumers are being offered. In a broader set of terms on Equifax's website, visitors are told they must accept certain terms, including arbitration, before being permitted to register for and purchase any product from its site.
https://www.cnbc.com/2017/09/08/were-you-affected-by-the-equifax-data-breach-one-click-could-cost-you-your-rights-in-court.html
Title: Re: Equifax breach
Post by: Pookie on September 11, 2017, 09:06:28 PM
Thanks, Lola!

Quote
But the credit monitoring service, through an Equifax company called Trusted ID, has a provision that limits liability to the company, and consumers who sign up for what is billed as a free service will be charged for it after a one-year trial period if they don't call the company to cancel their subscription.

censored  >:D

Wow.  They've got kahones.
Title: Re: Equifax breach
Post by: Middle Child on September 12, 2017, 05:04:39 AM
I have yet to read anywhere a sensible answer on how to know if one's individual information has been compromised.
Title: Re: Equifax breach
Post by: DeeDee on September 12, 2017, 10:23:34 AM
I have yet to read anywhere a sensible answer on how to know if one's individual information has been compromised.

CreditKarma.com  is what we have used for years for watching everything. If someone starts using your info, it will show up there. No tricks for getting you to pay anything. They pay for themselves by giving people references to companies. Those companies only get your information if you go to them and apply.
Title: Re: Equifax breach
Post by: DeeDee on September 12, 2017, 04:16:31 PM
Should You Join Lawsuits Mushrooming In Equifax Hack?

Quote
Was Your Data Stolen?

In the first days after Equifax disclosed the data hack, people on social-media sites accused Equifax of not only endangering the financial health and peace of mind of millions of Americans, but also of forcing them to waive their right to sue the company if they wanted to find out from Equifax if their data had been among the information stolen. Critics said that the waiver came about when people logged in to use two Equifax websites. To proceed, users had to agree to the sites' terms of use, which include the waiver and the site user's consent to submit to arbitration instead.


http://www.investors.com/etfs-and-funds/personal-finance/lawsuits-mushroom-against-equifax-since-data-breach/?src=A00220&yptr=yahoo
Title: Re: Equifax breach
Post by: DeeDee on September 12, 2017, 04:19:48 PM
Equifax hack likely impacted all US adults, cybersecurity expert warns

Quote
As the number of complaints continue to rise following credit reporting agency Equifax’s massive hack last week, the scale and scope of the breach is troubling cybersecurity experts who warn nearly every adult in the United States could have been affected.

“You’re talking about a good portion of U.S. adults,” Hiep Dang, director of Product Management at Cylance and former leader of McAfee’s threat team, told FOX Business. “Conservatively, maybe 75% [of us were affected], aggressively, probably all of us.”

https://finance.yahoo.com/news/equifax-hack-likely-impacted-us-193500594.html
Title: Re: Equifax breach
Post by: Middle Child on September 12, 2017, 05:17:35 PM
Affected in what way? This is what I don't understand. This happened two months ago?  What am I supposed to see?  My fico score hasn't changed.  There have been no requests for new lines of credit under my information.  No unauthorized charges on my credit cards.

So what is any one random person supposed to do, regarding this hack?

I sometimes wonder about the truth of these things.
Title: Re: Equifax breach
Post by: DeeDee on September 12, 2017, 05:29:40 PM
Quote
There have been no requests for new lines of credit under my information.  No unauthorized charges on my credit cards.

Then count yourself lucky.

Quote
So what is any one random person supposed to do, regarding this hack?

Keep a constant eye on it, because they didn't get just a few people's information. They got A LOT of information. I mean a WHOLE lot. The people that got it will be going through things one at a time. That could take years depending on how many people got it.

Quote
I sometimes wonder about the truth of these things.

Believe it. They waited to announce the problem because their lawyers and marketing managers had to find ways to spin it to make them sound less liable.  They had to figure out how to hide the information they wanted people to ignore IF the people used the sites' to find if their information had been stolen. They were working up that legal document of terms of service with the waivers in it. They probably hoped they wouldn't get caught with their pants down on that as well.

ALL you can do is keep an eye on your history and hope nothing shows up in it--for YEARS. Because that many accounts will take the hackers YEARS to go through. Or you can do what some have said and put a freeze on your credit.

Try calling your bank for advice like Pookie did. Ask them what you should be doing because they have your accounts, and they're the ones that would best know about how your accounts could be affected.
Title: Re: Equifax breach
Post by: Pookie on September 14, 2017, 10:20:56 PM
Apparently Equifax updated their policy:

http://money.cnn.com/2017/09/11/pf/equifaxmyths/index.html?iid=EL

Quote
4. "If I take Equifax's offer for credit monitoring, I am giving up my right to sue."
No. Not anymore.

Initially, Equifax limited the legal options consumers had, but it has since updated its policy to say: "enrolling in the free credit file monitoring and identity theft protection products that we are offering as part of this cybersecurity incident does not prohibit consumers from taking legal action."

Quote
5. "I have to provide my credit card number to sign up for free monitoring."
No.

Although TrustedID is one of many credit products that Equifax offers, the company is not requesting consumers' credit card information when they sign up for the free credit-file montoring and identify theft protection.

Additionally, Equifax says in an update, people who sign up for free won't be automatically enrolled or charged after the year's service.
This is important to see in writing because Equifax (and its peer agency TransUnion) were fined in January for their deceptive marketing strategies with regard to their credit products.
Title: Re: Equifax breach
Post by: DeeDee on September 15, 2017, 09:30:32 AM
Here's where it starts getting really fun:

Quote
The Apache Struts Software Foundation said Thursday that the exploit hackers used to breach Equifax's data had been patched months before Equifax's Sept. 9 breach acknowledgement, and that "the Equifax data compromise was due to their failure to install the security updates provided in a timely manner."

https://www.bizjournals.com/atlanta/news/2017/09/14/software-company-equifax-failed-to-install-the.html

Struts is a FREE, OPEN SOURCE program that any moron wishing for really high security should never put on their computers. Just about anyone with great ideas can contribute to its programming. That's why I don't promote any kind of Open Source products except Open Office, and there's no way I'd ever promote even that to anyone that has any kind of sensitive information on their comps--like someone in the military. Open Source is great because it's free and a lot of people learn to code with it, but it opens people up to all kinds of weaknesses.

Cheap @^&  (!*#&*'s getting free programs while they're robbing the world.


https://struts.apache.org/


How Equifax hackers could file taxes in your name and get a refund from the IRS

Quote
Here’s a good reason to file your taxes early this year.

The data breach at credit bureau Equifax that may have affected 143 million U.S. adults could have lasting effects — including at tax time. If hackers gained access to the information on consumers’ credit reports, including their Social Security numbers, credit card numbers and driver’s license numbers, they could open credit accounts in consumers’ names, security experts have said.

To guard against that, the Federal Trade Commission warned consumers Friday to file their taxes early — “as soon as you have the tax information you need, before a scammer can.” Tax scams are already a problem. They have caused “thousands of people” to lose “millions of dollars and their personal information,” according to the Internal Revenue Service.

http://www.marketwatch.com/story/how-the-equifax-breach-could-impact-you-during-tax-season-2017-09-08

I don't see how anyone is going to get money out of them when you know good and well they'll just file bankruptcy. Some of them already cut bait after they found out that there was a breach, and I'm seeing some jail time for some peeps:

Quote
Three Equifax senior executives also reportedly sold nearly $1.8 million worth of shares in the days after the company discovered a major security hack and before it was announced publicly. At least three senators have criticized Equifax's missteps, with Sen. Heidi Heitkamp saying the executives should face jail time for alleged insider trading.

https://www.bizjournals.com/atlanta/news/2017/09/14/software-company-equifax-failed-to-install-the.html

Continued in next post. . .
Title: Re: Equifax breach
Post by: DeeDee on September 15, 2017, 09:30:54 AM
Equifax facing more than 30 lawsuits in the U.S. after data breach affecting 143M

Quote
More than 30 lawsuits have been filed in the United States against Equifax Inc (NYSE: EFX) in the wake of the Atlanta-based credit reporting company's announcement last week that thieves may have stolen personal information for 143 million Americans.

At least 25 lawsuits had been filed in federal courts by Sunday, including at least one accusing the company of securities fraud, according to court records reported by Reuters. Several more lawsuits were filed against Equifax on Monday. Similar claims would likely be combined into a single nationwide case.

https://www.bizjournals.com/atlanta/news/2017/09/12/equifax-facing-more-than-30-lawsuits-in-the-u-s.html


I hope none of these other little companies use Open Source code for security:

There are hundreds of companies besides Equifax tracking what you do

Quote
It's not just the 'Big 3' — There are hundreds of credit reporting firms 

Consumers finding that their personal data may have been exposed in the massive Equifax cyberattack might be surprised to learn how many companies have access to different bits of their personal information.

The credit-reporting company announced last week that the personal information of over 140 million Americans could have been accessed by hackers between May and July. Why is that number so big? Equifax is one of the "Big Three" credit reporting companies operating in the U.S. TransUnion and Experian are the other big ones.

Their businesses are based on getting customer data from banks, which allows them to track things like whether you've been paying your mortgage, your credit card or auto loan.

They track checking and savings accounts, too, in case you've been bouncing checks. These companies have all the data anybody would need to steal your identity: name, Social Security number, date of birth, etc. And it's all given to them by third parties, not the customers themselves. There's no opting out, though you can take some steps to secure your information.

But it goes way beyond those "Big Three" companies.

There are literally hundreds of smaller consumer-reporting companies operating in the U.S. and the smaller ones are collecting information you might not expect. The Consumer Financial Protection Bureau maintains a self-reported list of the companies.

https://www.cnbc.com/2017/09/14/there-are-hundreds-of-companies-besides-equifax-tracking-what-you-do.html

The end of that part.
Title: Re: Equifax breach
Post by: DeeDee on September 15, 2017, 09:32:22 AM
Credit Karma sent me this email last night:

Credit Karma

&*&*&*&: Monitor Your Credit After the Equifax Breach

Hi &*&*&*&,

You might have heard about the recent Equifax data breach, which affects about 143 million people. Whether you’re part of that group or not, we want you to know we have your back.

You’re already enrolled in free credit monitoring, so we’ll let you know if we see changes on your credit reports. We’re also accelerating our plans to expand our credit monitoring services, and we’ll be introducing more alerts in the next few weeks.

We recommend checking your reports today to make sure everything looks right.
Title: Re: Equifax breach
Post by: Pookie on September 15, 2017, 10:38:37 AM
I didn't realize that it's not just the credit freeze/unfreeze fees that vary by state.  It's also the length of the freeze.  Yup, depending on where you live, you can add a credit freeze, but it could expire at a certain time, based on state law.

http://www.creditcards.com/credit-card-news/credit-card-freeze-data-1276.php#NJ

The above is from 2007, so if someone finds something more recent, please feel free to post it here.

Dee, thanks for all of the information.  It just disgusts me that various companies can collect our personal information, and we don't have any control over it.  But if they get hacked and OUR information gets stolen, it's OUR lives that can be ruined.  It's absurd and, IMO, just wrong.  They want my information?  They should have to get my permission first.  No ifs, ands or buts.

P.S.  Dee, do you have to use a phone/app in order to receive stuff from CreditKarma?  Or can us low-tech folks do it the "old-fashioned" way:  via email?
Title: Re: Equifax breach
Post by: DeeDee on September 15, 2017, 11:07:33 AM


P.S.  Dee, do you have to use a phone/app in order to receive stuff from CreditKarma?  Or can us low-tech folks do it the "old-fashioned" way:  via email?

I don't even know if there's an app for that.  :-\  If there were, we still wouldn't use it. 

We signed up on our computers years ago, and we've always accessed it via our computers. We get emails, but then we never access the site through email. We always open a new window and type in "Creditkarma.com." Entering sites through email is just too risky.

As far as our existing accounts in BankOfAmerica goes, hubs gets warnings through email on his phone; but, again, we only access those accounts through our computers and only by typing in the address into a new window. (When someone tried to use our CC earlier this year, he called me as soon as he got the email-alert, and I signed into the account on my computer to start the fraud process.)

We both have Firefox set up for any type of business use. We have it set where as soon as we close it, it deletes all Internet history. We never check into more than one account at a time in it. Open Firefox, do something in only one site, close it.
Title: Re: Equifax breach
Post by: Lola on September 18, 2017, 07:29:36 PM
Find out if you were POSSIBLY affected...

https://www.equifaxsecurity2017.com/potential-impact/
Title: Re: Equifax breach
Post by: Pookie on September 18, 2017, 08:05:53 PM
Find out if you were POSSIBLY affected...

https://www.equifaxsecurity2017.com/potential-impact/

It REEEEAAAALLLLY makes me nervous that you have to enter the last 6 digits of your SSN.  sarcasmalert Sure, they've already been hacked, let's put more of our private info out there on the web, even if it's a partial number.

Sorry, Lola, I don't mean to sound snide about your post.  I'm just really peeved about this whole thing.  But thanks for sharing that link.   Hug1
Title: Re: Equifax breach
Post by: Lola on September 19, 2017, 05:37:26 PM

Sorry, Lola, I don't mean to sound snide about your post.  I'm just really peeved about this whole thing.  But thanks for sharing that link.   Hug1

Noooooo problem.  I don't have any faith that the link above really gave adequate info, as far as whether or not I was affected by the hack. 
Title: Re: Equifax breach
Post by: Pookie on September 20, 2017, 09:06:48 PM
Some good info. in this article:  https://www.yahoo.com/finance/news/credit-freeze-wont-help-equifax-232749199.html

It goes into other ways your information can be used, such as someone collecting your Social Security, your tax refunds, your health insurance, and how they can use your driver's license.

Soooooooo not happy about this whole cluster.  >:D
Title: Re: Equifax breach
Post by: Pookie on September 21, 2017, 10:24:19 PM
Oh, fer cryin' out loud!

https://www.yahoo.com/finance/news/experian-makes-easy-someone-undo-190300127.html

Quote
Experian makes it easy for someone to undo your credit freeze

Turns out Equifax isn't the only credit reporting agency with garbage security, which probably shouldn't come as a surprise at this point. As Brian Krebs reports on his security news website, Experian has a few issues too, namely some incredibly lax barriers to obtaining a PIN used to unlock a credit freeze. 

ARGH!   bangshead bangshead bangshead bangshead bangshead bangshead bangshead bangshead bangshead bangshead

Do any of these places have any clue how what security actually means?!?!?!
Title: Re: Equifax breach
Post by: DeeDee on September 21, 2017, 10:37:51 PM


Do any of these places have any clue how what security actually means?!?!?!

Nope. As the evolution of the Internet continues, nothing is sacred anymore. Why I said we'll just wait for a good lawsuit.
Title: Re: Equifax breach
Post by: Pookie on September 22, 2017, 02:26:13 PM
Nope. As the evolution of the Internet continues, nothing is sacred anymore. Why I said we'll just wait for a good lawsuit.

Only problem with that is a point you brought up earlier:  they can just file for bankruptcy, and then we're all SOL.  >:(
Title: Re: Equifax breach
Post by: DeeDee on September 22, 2017, 02:57:49 PM
Only problem with that is a point you brought up earlier:  they can just file for bankruptcy, and then we're all SOL.  >:(

I figure that if I got the woman that used my information for medical bills before, I'll find anyone else that might get it now. Will be going after them and every single asset they hold.
Title: Re: Equifax breach
Post by: Pookie on September 22, 2017, 09:44:10 PM
I figure that if I got the woman that used my information for medical bills before, I'll find anyone else that might get it now. Will be going after them and every single asset they hold.

Oh, I thought you meant suing Equifax.   :-[  My bad.