The breach was bad enough but Equifax's response to the breach is deplorable. If you go to their site for the breach, they just give you the "opportunity" to sign up for a credit monitoring service at some future date. They don't even bother to acknowledge that your data has been compromised. And guess who provides this wonderful credit monitoring service? Equifax! Equifax is treating this breach like a business opportunity. Yep, they just signed up 143 million new customers for their credit monitoring service and they will no doubt convert some of those customers to paying customers after the first year of free service. Also note the following quote from the "Los Angeles Times" (Michael Hiltzik) "Even worse, the TrustedID terms of service state that enrollees give up their right to sue Equifax and prevents them from filing or joining a class action in the case of any dispute — they’ll have to go to arbitration as individuals, which almost always places consumers at a disadvantage."
Furthermore, this breach more than a credit risk exposure. The compromised data is the key to most of your financial accounts: bank accounts, broker accounts, Social Security, pensions, etc.. If you need to reset your password for an account, what data do companies use to validate your identity? They use the same data that was exposed in this breach: birth date, social security number, and address. Even if email addresses and phone numbers were not exposed in this breach, that data can be derived from cross referencing public databases with names and addresses that were included in the breach. Also, just using the data that was compromised, anyone could file a fraudulent tax return for a tax refund.
Most of the major breaches in the past have involved credit card numbers, email addresses, or passwords. OK, I can fix that by cancelling a credit card, changing my email address, or changing a password. Is Equifax going to issue me a new Social Security number and birth date? I think not so the risk caused by this breach will follow me for the rest of my life.
In a nutshell, here is Equifax's response to this breach: We gave away the keys to your financial assets for your entire life so we are compensating you by providing a credit monitoring service free for one year. Wow, what a deal.
In case you haven't figured this out yet, I'm mad as hell about this breach. I've spent many hours of my life protecting my identity by shredding documents, limiting exposure to personal data (not publicly listing birth date, phone numbers, or email addresses), monitoring credit reports, and securing accounts with complex passwords. Now, thanks to Equifax, all of that effort was for naught. Millions of Americans have been digitally exposed, naked so to speak, thanks to Equifax. I hope this breach bankrupts them. That would be an appropriate punishment because they have exposed millions of Americans to the same risk.
/www.equifaxsecurity2017.com/potential-impact/ shows up as UNSAFE in Chrome.
Facebook
Twitter