Yesterday Equifax broke the news hackers gained access to the Social Security numbers and other sensitive personal information for 143 million Americans (a group that apparently includes me, my husband, our daughter and probably you).
Because that wasn’t enough, today the outrages just continued:
- The breach was discovered at the end of July. What was Equifax doing in the meantime? Well, its executives sold about $2 million worth of company shares, The Washington Post reports.
- The same day the breach was announced, Congress scheduled a hearing on a bill to shield the bureaus from full accountability from their actions.
- Equifax offered free credit monitoring for a year, but didn’t make clear whether its usual binding arbitration language applied. So were people waiving their right to sue over the breach? Equifax wouldn’t say, until the New York Attorney General demanded and got an answer: the binding arbitration clause applies to the monitoring product, not the breach. Just in case, after signing up I sent this letter using Equifax’s opt out clause to (hopefully) preserve our right to sue.
- Credit monitoring doesn’t prevent anything; it just notifies you after you’ve been victimized. Equifax is also offering free credit freezes, which prevent others from opening accounts in your name. Well, it was supposed to be free; some journalists reported they were charged $3.
- Experian and TransUnion aren’t offering free anything. To shut down your credit, you need freezes at all three bureaus. The others are charging $3 to $10 each, plus additional fees if you need to temporarily lift the freeze to apply for credit, a job, insurance, cell phone service, utilities, an apartment, etc. Oh, and freezes won’t help with other types of crime, such as medical and criminal ID theft or blackmail. (The hack is a potential national security threat, according to experts quoted by the New York Times.)
- Oh, and when victims try to enroll in credit monitoring, Equifax tells them to come back in a few days. Because, apparently, they’re kind of busy.
- In fact, all three bureaus’ Web sites were having trouble under the deluge of requests. Sites were freezing and offering error messages; people were getting busy signals or being kicked off calls.
There was no way to make this breach better, but clearly there were plenty of ways to make it worse.
Josh Stompro says
Liz, have you seen the reports that the site that is supposed to check to see if you were part of the breach is actually handing out random data?
https://techcrunch.com/2017/09/08/psa-no-matter-what-you-write-equifax-may-tell-you-youve-been-impacted-by-the-hack/
Liz Weston says
Yes, but I think you can just assume you were among the victims, given the odds.
Bill says
I have tried twice to place a freeze on my Equifax account. Both times I got a system error with a “Please try again later” message.
Liz Weston says
The bureaus’ sites were overwhelmed with these requests. They seem to be operating more normally now.