This just seems to be getting worse and worse. If you went to the Equifax and were told that you weren't affected, well, it probably isn't correct. It seems that the web site simply gives random answers.

• Those hoping to find out if their Social Security number and other identifying info was stolen, along with a potential 143 million other American’s data won’t find answers from Equifax. In what is an unconscionable move by the credit report company, the checker site, hosted by Equifax product TrustID, seems to be telling people at random they may have been affected by the data breach.

 https://techcrunch.com/20...08/ps...d-by-the-hack/

• Also, if you have a credit freeze on your account at Equifax, turns out the PIN is just a date/time stamp. And it appears that they have been using this for well over a decade.

 https://twitter.com/webst...tus/906638411930497029
 
Every time there is a data breech, it always takes a while before the full scope of the damage is known. Given the damaging information being released just in the first couple days, one has to wonder just how bad this will be when everything is finally known.

If you don't want to pay or go the hassle of a credit freeze you can file a fraud alert with the credit bureaus. It is free but it only lasts for 90 days. It does roughly the same as a credit freeze. I keep resubmitting about every 90 days. Supposedly, if you file a fraud alert with one, they send it to the other two automatically.
 
As to the NSA, they don't really need to keep our info as there are other public companies that compile info. Companies like Lexis Nexus or Reed Elsevier did it at one time. They may still do but not publicly advertise it. They compile all public records, marriage/divorce certificates, real estate transactions, child births, car accidents, arrest, convictions, insurance claims, where you work, where you lived, phone numbers, ... An unworldly amount of personal data. While they (supposedly) don't keep credit records as such, they could probably back engineer them if needed. I'm sure if the NSA wanted that data they could get it easily or perhaps have a back door into those databases.

MandolinPicker
If you went to the Equifax and were told that you weren't affected, well, it probably isn't correct. It seems that the web site simply gives random answers.

One writer entered a made-up name and a random SSN, and the website came back "you are affected". I wouldn't put too much stock in that feature. It wasn't a general breach of the central database, but specific files that were stolen. I'm not sure they even know which ones.
 
There is some good news, however. Bowing to the pressure from legal experts, Equifax has now stated that the mandatory arbitration clause does not apply to this particular situation, so even if you signed up for their Trusted ID program you will still be able to participate in the lawsuit.

Good news would be if people using the sort of information that was compromised stopped using it.
 
It would seem to me that companies could/should be found negligent at this point if they are using massively compromised information to open accounts and whatnot and that has a negative implications for consumers.

Maybe it was the Russians thinking they were getting into a voting machine.

My FICO score through Equifax went down a staggering 60+ points.  The others are still up where they were.  Wonderful.

Personally, I think Equifax should go down for this. Out of business. Gone. Sued into oblivion.
 
Of course, I felt the same way about Jack in the Box after they killed a bunch of people. Yet they remain.

bitflipper
Personally, I think Equifax should go down for this. Out of business. Gone. Sued into oblivion.

Very much agree. It would also be a warning to others to start taking their responsibility of safeguarding personal information seriously. But alas, I doubt little will happen.....

MandolinPicker

bitflipper
Personally, I think Equifax should go down for this. Out of business. Gone. Sued into oblivion.

Very much agree. It would also be a warning to others to start taking their responsibility of safeguarding personal information seriously. But alas, I doubt little will happen.....

The core of the problem is all of the supposedly personal information is widely known because we have had to give it to everyone repeatedly over a period of decades. It's a charade to think that information is secret or personal and thus somehow uniquely identifies anyone or can be safeguarded. That's why I say the government should just publish everyone's SSN immediately - it's a charade anyway, so let's just be done with it and force everyone to stop pretending. Now.
 
I'll go even further - "identity theft" is a charade too. It's not that it doesn't happen with horrible consequences for people - it's that if certain information is commonly compromised then one can't pretend that information ever established anyone's identity in the first place.

So, basically you're saying, that we really can't be sure when the "real" Bapu posts here, ya?