bitflipper
01100010 01101001 01110100 01100110 01101100 01101
- Total Posts : 26036
- Joined: 2006/09/17 11:23:23
- Location: Everett, WA USA
- Status: offline
Equifax
You've probably already heard that Equifax was hacked and sensitive personal data was stolen for 143 million Americans (half of all U.S. adults), and that Equifax has kindly offered their Trusted ID credit monitoring service for free to help mitigate this disaster. Here are a few things you might not have heard... The breech happened in May. They didn't discover it until July. They didn't admit it publicly until September. The first gap shows incompetence, the second gap reveals malfeasance. Four days after the discovery, and long before the incident was made public, three Equifax executives sold $2 million in Equifax stock, including the company's CFO. Here in the U.S. that's called insider trading, which means making stock trades based on information not available to the suckers who bought that stock. It's fraudulent and you can go to prison for it (see Martha Stewart). Even if it is just a white-collar prison with tennis courts. Will that even happen? Not likely. Before you sign up for the "free" monitoring service, read the fine print: by doing so, you waive your right to sue Equifax. There is currently a $70 billion class action lawsuit in progress. If you are one of the people whose information was compromised (as I am) then you will likely be entitled to monetary damages. It won't be enough to compensate you for the yacht somebody in Romania bought with your credit card, but it'll at least be a slap in the face to Equifax. These people lost personal information that you never agreed to give them in the first place. You will be under increased threat of identity theft for life, because while you can change passwords and close accounts you cannot change your Social Security number, birthdate or driver's license number. That information has most likely already been sold on the black market. Think you're safe because you don't live in the U.S.? Many of the compromised records were for UK and Canadian citizens, too.
All else is in doubt, so this is the truth I cling to. My Stuff
|
henkejs
Max Output Level: -81 dBFS
- Total Posts : 489
- Joined: 2004/10/31 13:14:15
- Location: Seattle, WA
- Status: offline
Re: Equifax
2017/09/09 15:10:08
(permalink)
☄ Helpfulby jude77 2017/10/22 20:29:25
I've read some discussion of whether the mediation clause will prove enforceable. Of course, lawyers on both sides will make plenty of money while this is sorted out. On the apparent cases of insider trading, I'll be astonished if charges are brought against the Equifax executives.
A few of my songs SONAR Platinum, Cakewalk by BandLab, Windows 10, Focusrite Scarlett 6i6.
|
Mitch_I
Max Output Level: -86 dBFS
- Total Posts : 212
- Joined: 2003/11/09 12:03:19
- Status: offline
Bit, Great summary of the situation. I was curious to find out whether I was affected, so I went to their site and entered my last name and the last six digits of my SSN. (Now I'm wondering whether I should have done that.) The answer was that I wasn't affected. To my surprise, an Enroll button appeared. What a nerve. In the middle of this scandal, they ask me to sign up and give them my information. Mitch I.
|
drewfx1
Max Output Level: -9.5 dBFS
- Total Posts : 6585
- Joined: 2008/08/04 16:19:11
- Status: offline
I don't understand in the first place why companies are allowed to profit from selling information about ME without my permission and without giving me a piece of the action.
In order, then, to discover the limit of deepest tones, it is necessary not only to produce very violent agitations in the air but to give these the form of simple pendular vibrations. - Hermann von Helmholtz, predicting the role of the electric bassist in 1877.
|
craigb
Max Output Level: 0 dBFS
- Total Posts : 41704
- Joined: 2009/01/28 23:13:04
- Location: The Pacific Northwestshire
- Status: offline
All of what Dave said, plus watch any recently closed credit accounts you may have. Most times, if you make a charge against one, it automatically reopens and you won't even know it until much later. If this was done by a foreign country or a group of professionals, there may be NO effect for 5-10 years then, as Dave pointed out, since your birth date and Social Security Number don't change, they can start using those then. Plus, there's a LOT of spending habit and other personal information that could be mined. Hmm... I think I'll hack the required systems and change my SSN and birth date. I want to be younger anyway, ya?
Time for all of you to head over to Beyond My DAW!
|
DrLumen
Max Output Level: -78 dBFS
- Total Posts : 621
- Joined: 2005/07/05 20:11:34
- Location: North Texas
- Status: offline
drewfx1 I don't understand in the first place why companies are allowed to profit from selling information about ME without my permission and without giving me a piece of the action.
Exactly. In my not so humble opinion, what they are doing should be illegal.
-When the going gets weird, the weird turn pro.
Sonar Platinum / Intel i7-4790K / AsRock Z97 / 32GB RAM / Nvidia GTX 1060 6GB / Behringer FCA610 / M-Audio Sport 2x4 / Win7 x64 Pro / WDC Black HDD's / EVO 850 SSD's / Alesis Q88 / Boss DS-330 / Korg nanoKontrol / Novation Launch Control / 14.5" Lava Lamp
|
DrLumen
Max Output Level: -78 dBFS
- Total Posts : 621
- Joined: 2005/07/05 20:11:34
- Location: North Texas
- Status: offline
Yes, the nerve of them wanting us to sign up (giving more info to another one of their potentially insecure web sites) for credit monitoring. Then in a year, start charging us for their mistake. Metaphorically speaking, the CFPB should rape equifax, chop them off at the ankles and bury them in a shallow grave. Equifax has shown nothing but indifference, incompetence and criminal negligence.
-When the going gets weird, the weird turn pro.
Sonar Platinum / Intel i7-4790K / AsRock Z97 / 32GB RAM / Nvidia GTX 1060 6GB / Behringer FCA610 / M-Audio Sport 2x4 / Win7 x64 Pro / WDC Black HDD's / EVO 850 SSD's / Alesis Q88 / Boss DS-330 / Korg nanoKontrol / Novation Launch Control / 14.5" Lava Lamp
|
DrLumen
Max Output Level: -78 dBFS
- Total Posts : 621
- Joined: 2005/07/05 20:11:34
- Location: North Texas
- Status: offline
Ugh, double post. Time to get a new mouse.
-When the going gets weird, the weird turn pro.
Sonar Platinum / Intel i7-4790K / AsRock Z97 / 32GB RAM / Nvidia GTX 1060 6GB / Behringer FCA610 / M-Audio Sport 2x4 / Win7 x64 Pro / WDC Black HDD's / EVO 850 SSD's / Alesis Q88 / Boss DS-330 / Korg nanoKontrol / Novation Launch Control / 14.5" Lava Lamp
|
auto_da_fe
Max Output Level: -56.5 dBFS
- Total Posts : 1866
- Joined: 2004/08/04 21:32:18
- Status: offline
Wow I was compromised. Until I see more details I may or may nor enroll. That may explain why 6 months ago I got a citibank card that I never applied for. I got put on an immediate 6 month watch. That may also explain why almost every new on line purchase I make is held up until I respond to a text message. As long as I have my phone next to me it all goes pretty well. This internet thing is going to be the end of us. JR
HP DV6T - 2670QM, 8 GB RAM, Sonar Platypus, Octa Capture, BFD2 & Jamstix3, Komplete 10 and Komplete Kontrol Win 10 64 SLS PS8R Monitors and KRK Ergo https://soundcloud.com/airportface
|
auto_da_fe
Max Output Level: -56.5 dBFS
- Total Posts : 1866
- Joined: 2004/08/04 21:32:18
- Status: offline
Wow I was compromised. Until I see more details I may or may nor enroll. That may explain why 6 months ago I got a citibank card that I never applied for. I got put on an immediate 6 month watch. That may also explain why almost every new on line purchase I make is held up until I respond to a text message. As long as I have my phone next to me it all goes pretty well. This internet thing is going to be the end of us. JR
HP DV6T - 2670QM, 8 GB RAM, Sonar Platypus, Octa Capture, BFD2 & Jamstix3, Komplete 10 and Komplete Kontrol Win 10 64 SLS PS8R Monitors and KRK Ergo https://soundcloud.com/airportface
|
craigb
Max Output Level: 0 dBFS
- Total Posts : 41704
- Joined: 2009/01/28 23:13:04
- Location: The Pacific Northwestshire
- Status: offline
I'm affected, my Mom is not. No, I won't be enrolling.
Time for all of you to head over to Beyond My DAW!
|
MandolinPicker
Max Output Level: -76 dBFS
- Total Posts : 720
- Joined: 2003/11/05 18:51:51
- Location: Oxford, AL
- Status: offline
Affected here as well. One thing you can do is put in for a credit freeze. Once a freeze is in place, no one (including you) can open a new line of credit unless you provide the pin to unlock it. When you do provide the pin, you can specify who the information should be provided to. Beware it might cost you a few bucks (for three of the companies it was $10 each, one provided the freeze for free), but it can go a long way to prevent someone from opening any new accounts in your name. One other thing - if you have children, check their credit ratings. As all kids now have to have a SSN by the time they are 1 year old, they are prime candidates to have fraudulent accounts opened in their name. After all, who checks the credit report of a 6-year old!?! Sometimes these fraudulent accounts aren't found until the kid is getting ready for college, and their credit is ruined before they ever get started. Also, a couple more things to show how 'nice' Equifax is - The website www.equifaxsecurity2017.com/, which Equifax created to notify people of the breach, is highly problematic for a variety of reasons. It runs on a stock installation WordPress, a content management system that doesn't provide the enterprise-grade security required for a site that asks people to provide their last name and all but three digits of their Social Security number. The TLS certificate doesn't perform proper revocation checks. Worse still, the domain name isn't registered to Equifax, and its format looks like precisely the kind of thing a criminal operation might use to steal people's details. It's no surprise that Cisco-owned Open DNS was blocking access to the site and warning it was a suspected phishing threat.
https://arstechnica.com/information-...nal-info-ever/ - If your credit is compromised, Equifax will not help you straighten it out. "We do not offer, provide, or furnish any products, or any advice, counseling, or assistance, for the express or implied purpose of improving your credit record, credit history, or credit rating," the company in its 7,200-word terms and conditions. "By this we mean that we do not claim we can 'clean up' or 'improve' your credit record, credit history, or credit rating."
http://money.cnn.com/2017/09/08/tech...ces/index.html
And in the end, you simply have no choice but to continue to use these companies. If you want a car, a house, a loan of any type, you have to submit your information to them.
The Mandolin Picker "Bless your hearts... and all your vital organs" - John Duffy "Got time to breath, got time for music!"- Briscoe Darling, Jr. Windows 8.1, Sonar Platinum (64-bit), AMD FX 6120 Six-Core, 10GB RAM
|
drewfx1
Max Output Level: -9.5 dBFS
- Total Posts : 6585
- Joined: 2008/08/04 16:19:11
- Status: offline
MandolinPicker And in the end, you simply have no choice but to continue to use these companies. If you want a car, a house, a loan of any type, you have to submit your information to them.
You don't have to do anything. The problem is that they created a system that in the modern world is beyond idiotic - it relies on a "secret" SSN that you are basically forced to give to any number of people and then they make it mostly your problem if this "secret" number (along with a few other pieces of not exactly secure info) gets out and is misused. The obvious solution is actually quite simple - the government just needs to publish everyone's SSN publicly immediately so that none of these idiots will continue to pretend that it's somehow a secure identifier. That would force them into doing what they need to do - setting up a much more secure system for establishing identity that doesn't rely on a "secret" number that we've basically all given to every workplace, financial company, medical facility, school and all kinds of other places over the years.
In order, then, to discover the limit of deepest tones, it is necessary not only to produce very violent agitations in the air but to give these the form of simple pendular vibrations. - Hermann von Helmholtz, predicting the role of the electric bassist in 1877.
|
bapu
Max Output Level: 0 dBFS
- Total Posts : 86000
- Joined: 2006/11/25 21:23:28
- Location: Thousand Oaks, CA
- Status: offline
I want them to increase my Credit Score by 173 points.
|
bitflipper
01100010 01101001 01110100 01100110 01101100 01101
- Total Posts : 26036
- Joined: 2006/09/17 11:23:23
- Location: Everett, WA USA
- Status: offline
When Social Security was first introduced, a lot of people were suspicious that it was a government plot to institute a universal identity card. So the cards used to say right on them "not for purposes of identification". They don't say that anymore.
All else is in doubt, so this is the truth I cling to. My Stuff
|
soens
Max Output Level: -23.5 dBFS
- Total Posts : 5154
- Joined: 2005/09/16 03:19:55
- Location: Location: Location
- Status: offline
The down side is "you" don't use reporting agencies. Banking and credit institutions report you activity to them. So whether you like it or not they have your information. bitflipper It's fraudulent and you can go to prison for it (see Martha Stewart).
On the bright side ( ), because her actions were so highly publicized, Martha Stewart's stock tripled in 6 months of her incarceration. Prudent investors who bought into it at the start came out on top. Can't see that happening here. auto_da_fe This internet thing is going to be the end of us.
You have no idea!
|
craigb
Max Output Level: 0 dBFS
- Total Posts : 41704
- Joined: 2009/01/28 23:13:04
- Location: The Pacific Northwestshire
- Status: offline
bitflipper When Social Security was first introduced, a lot of people were suspicious that it was a government plot to institute a universal identity card. So the cards used to say right on them "not for purposes of identification". They don't say that anymore.
No, actually it was a government plot to institute an illegal multi-level pyramid scheme that benefits the early adopters and screws the later generations (like mine). I've paid a ton in and, it's a good bet, there won't be anything left when I hit their so-called (and moving target) retirement age. [conspiracy rant] Almost makes me wonder if it wasn't someone in our own government that hacked Equifax so they can use the information against us... [/conspiracy rant]
Time for all of you to head over to Beyond My DAW!
|
MandolinPicker
Max Output Level: -76 dBFS
- Total Posts : 720
- Joined: 2003/11/05 18:51:51
- Location: Oxford, AL
- Status: offline
craigb [conspiracy rant] Almost makes me wonder if it wasn't someone in our own government that hacked Equifax so they can use the information against us... [/conspiracy rant]
They don't need to hack Equifax - they already got all that info and more at the NSA!!
The Mandolin Picker "Bless your hearts... and all your vital organs" - John Duffy "Got time to breath, got time for music!"- Briscoe Darling, Jr. Windows 8.1, Sonar Platinum (64-bit), AMD FX 6120 Six-Core, 10GB RAM
|
craigb
Max Output Level: 0 dBFS
- Total Posts : 41704
- Joined: 2009/01/28 23:13:04
- Location: The Pacific Northwestshire
- Status: offline
Maybe I should ask the NSA for my credit score now?
Time for all of you to head over to Beyond My DAW!
|
bapu
Max Output Level: 0 dBFS
- Total Posts : 86000
- Joined: 2006/11/25 21:23:28
- Location: Thousand Oaks, CA
- Status: offline
craigb Maybe I should ask the NSA for my credit score now?
They already know you want it.
|
MandolinPicker
Max Output Level: -76 dBFS
- Total Posts : 720
- Joined: 2003/11/05 18:51:51
- Location: Oxford, AL
- Status: offline
This just seems to be getting worse and worse. If you went to the Equifax and were told that you weren't affected, well, it probably isn't correct. It seems that the web site simply gives random answers. - Those hoping to find out if their Social Security number and other identifying info was stolen, along with a potential 143 million other American’s data won’t find answers from Equifax. In what is an unconscionable move by the credit report company, the checker site, hosted by Equifax product TrustID, seems to be telling people at random they may have been affected by the data breach.
https://techcrunch.com/20...08/ps...d-by-the-hack/- Also, if you have a credit freeze on your account at Equifax, turns out the PIN is just a date/time stamp. And it appears that they have been using this for well over a decade.
https://twitter.com/webst...tus/906638411930497029 Every time there is a data breech, it always takes a while before the full scope of the damage is known. Given the damaging information being released just in the first couple days, one has to wonder just how bad this will be when everything is finally known.
The Mandolin Picker "Bless your hearts... and all your vital organs" - John Duffy "Got time to breath, got time for music!"- Briscoe Darling, Jr. Windows 8.1, Sonar Platinum (64-bit), AMD FX 6120 Six-Core, 10GB RAM
|
DrLumen
Max Output Level: -78 dBFS
- Total Posts : 621
- Joined: 2005/07/05 20:11:34
- Location: North Texas
- Status: offline
If you don't want to pay or go the hassle of a credit freeze you can file a fraud alert with the credit bureaus. It is free but it only lasts for 90 days. It does roughly the same as a credit freeze. I keep resubmitting about every 90 days. Supposedly, if you file a fraud alert with one, they send it to the other two automatically. As to the NSA, they don't really need to keep our info as there are other public companies that compile info. Companies like Lexis Nexus or Reed Elsevier did it at one time. They may still do but not publicly advertise it. They compile all public records, marriage/divorce certificates, real estate transactions, child births, car accidents, arrest, convictions, insurance claims, where you work, where you lived, phone numbers, ... An unworldly amount of personal data. While they (supposedly) don't keep credit records as such, they could probably back engineer them if needed. I'm sure if the NSA wanted that data they could get it easily or perhaps have a back door into those databases.
-When the going gets weird, the weird turn pro.
Sonar Platinum / Intel i7-4790K / AsRock Z97 / 32GB RAM / Nvidia GTX 1060 6GB / Behringer FCA610 / M-Audio Sport 2x4 / Win7 x64 Pro / WDC Black HDD's / EVO 850 SSD's / Alesis Q88 / Boss DS-330 / Korg nanoKontrol / Novation Launch Control / 14.5" Lava Lamp
|
bitflipper
01100010 01101001 01110100 01100110 01101100 01101
- Total Posts : 26036
- Joined: 2006/09/17 11:23:23
- Location: Everett, WA USA
- Status: offline
MandolinPicker If you went to the Equifax and were told that you weren't affected, well, it probably isn't correct. It seems that the web site simply gives random answers.
One writer entered a made-up name and a random SSN, and the website came back "you are affected". I wouldn't put too much stock in that feature. It wasn't a general breach of the central database, but specific files that were stolen. I'm not sure they even know which ones. There is some good news, however. Bowing to the pressure from legal experts, Equifax has now stated that the mandatory arbitration clause does not apply to this particular situation, so even if you signed up for their Trusted ID program you will still be able to participate in the lawsuit.
All else is in doubt, so this is the truth I cling to. My Stuff
|
drewfx1
Max Output Level: -9.5 dBFS
- Total Posts : 6585
- Joined: 2008/08/04 16:19:11
- Status: offline
Good news would be if people using the sort of information that was compromised stopped using it. It would seem to me that companies could/should be found negligent at this point if they are using massively compromised information to open accounts and whatnot and that has a negative implications for consumers.
In order, then, to discover the limit of deepest tones, it is necessary not only to produce very violent agitations in the air but to give these the form of simple pendular vibrations. - Hermann von Helmholtz, predicting the role of the electric bassist in 1877.
|
bapu
Max Output Level: 0 dBFS
- Total Posts : 86000
- Joined: 2006/11/25 21:23:28
- Location: Thousand Oaks, CA
- Status: offline
Maybe it was the Russians thinking they were getting into a voting machine.
|
craigb
Max Output Level: 0 dBFS
- Total Posts : 41704
- Joined: 2009/01/28 23:13:04
- Location: The Pacific Northwestshire
- Status: offline
My FICO score through Equifax went down a staggering 60+ points. The others are still up where they were. Wonderful.
Time for all of you to head over to Beyond My DAW!
|
bitflipper
01100010 01101001 01110100 01100110 01101100 01101
- Total Posts : 26036
- Joined: 2006/09/17 11:23:23
- Location: Everett, WA USA
- Status: offline
Personally, I think Equifax should go down for this. Out of business. Gone. Sued into oblivion. Of course, I felt the same way about Jack in the Box after they killed a bunch of people. Yet they remain.
All else is in doubt, so this is the truth I cling to. My Stuff
|
MandolinPicker
Max Output Level: -76 dBFS
- Total Posts : 720
- Joined: 2003/11/05 18:51:51
- Location: Oxford, AL
- Status: offline
bitflipper Personally, I think Equifax should go down for this. Out of business. Gone. Sued into oblivion.
Very much agree. It would also be a warning to others to start taking their responsibility of safeguarding personal information seriously. But alas, I doubt little will happen.....
The Mandolin Picker "Bless your hearts... and all your vital organs" - John Duffy "Got time to breath, got time for music!"- Briscoe Darling, Jr. Windows 8.1, Sonar Platinum (64-bit), AMD FX 6120 Six-Core, 10GB RAM
|
drewfx1
Max Output Level: -9.5 dBFS
- Total Posts : 6585
- Joined: 2008/08/04 16:19:11
- Status: offline
MandolinPicker
bitflipper Personally, I think Equifax should go down for this. Out of business. Gone. Sued into oblivion.
Very much agree. It would also be a warning to others to start taking their responsibility of safeguarding personal information seriously. But alas, I doubt little will happen.....
The core of the problem is all of the supposedly personal information is widely known because we have had to give it to everyone repeatedly over a period of decades. It's a charade to think that information is secret or personal and thus somehow uniquely identifies anyone or can be safeguarded. That's why I say the government should just publish everyone's SSN immediately - it's a charade anyway, so let's just be done with it and force everyone to stop pretending. Now. I'll go even further - "identity theft" is a charade too. It's not that it doesn't happen with horrible consequences for people - it's that if certain information is commonly compromised then one can't pretend that information ever established anyone's identity in the first place.
In order, then, to discover the limit of deepest tones, it is necessary not only to produce very violent agitations in the air but to give these the form of simple pendular vibrations. - Hermann von Helmholtz, predicting the role of the electric bassist in 1877.
|
craigb
Max Output Level: 0 dBFS
- Total Posts : 41704
- Joined: 2009/01/28 23:13:04
- Location: The Pacific Northwestshire
- Status: offline
So, basically you're saying, that we really can't be sure when the "real" Bapu posts here, ya?
Time for all of you to head over to Beyond My DAW!
|