By now, everyone has heard about the appalling data breach of Equifax, it is the largest breach of sensitive information in U.S. history. Not only does this breach involve more than 58% of the adult population, its ramifications are tremendous. The result of this breach will haunt everyone over the age of 18 years old at the time of the breach for decades to come.
The information that was stolen has far reaching implications far more than just credit purposes, it has perpetual value to would-be criminals that would pursue this type of data. In addition to your most private and confidential information, the same information included in this breach is the very same information that is posed to your for “Challenge Questions” when trying to obtain your credit report, or other various services that verify your identity.
Similar to the breach several years ago regarding Choice Point, those challenge questions are generally taken from your various credit bureau databases. That is why this particular breach is much bigger with much wider implications that Equifax is letting on.
The type of data stolen is exactly what anyone would need to essentially clone your identity for the express purposes of fraud. The future cost associated with containing and restoring you back to your original position before the breach occurred, could not possibly be calculated at the present time.
Of course Equifax has placed a price on it, they are sacrificing their $335.88 per year annual fee for their TrustedID service, for the first year, and only if your act within the limited time of their offering. If it weren’t for the three executives that sold their stocks or stock options prior to going public with the information, this would closely resemble an effective marketing or PR campaign, as Equifax stands to make money off the very issue that they have let happen.
In the world of law, this would be equivalent to “Fruit of the Poisonous Tree”, whereby an entity creates the very situation, and tries or intends to benefit from the situation, they themselves caused. While that is a simplified version, it is very much appropriate to view this entire situation from that aspect to see what is really going on.
It is atrocious at how they have handled the entire “incident” (their word, not mine) they refer to this as an “incident”, it’s like putting lipstick on a pig, this is more than “incident”, none the less, they are making a mockery out of the American people (consumers) with the antics that are going on here. They were negligent on multiple levels, leading up to this incident. They can’t provide us with a date that the breach might have occurred on, then after realizing that a breach had occurred, they wait between 5 to 6 weeks to inform the public of it.
First off, to retrieve the data of approximately 143 million people is not a single moment when you realize a breach has occurred, one would think that someone would have noticed the traffic on their network or system that was odd, strange or out of the normal range. Secondly, they not only had a duty to ensure their system was secure to prevent a cyber threat; they had a fiduciary duty to do so as well. In fact this the third cyber threat they have faced since 2015. It would appear they would have been more apt to detect it, since they have previously known they were a target.
There is no excuse for the lack of security on both the back and front end of this company, on their very own website; they explain how to view their data products they sell in Netscape Navigator, anyone with half a brain realizes that they are not taking the pain staking task of staying current as technology evolves. Their motivation is collecting your data and selling it, the hell with protecting it.
This entire ‘incident’ is unforgivable, because of what they let happen, how they have handled it, from detection to announcement to the public, their half-baked solution to make you whole again, while at the same time positioning themselves to make money off the entire deal. All that in light of the fact, no one ever gave them permission to collect the data in the first place, you might have subsequently granted a company permission to report your performance to one of the various credit bureaus, but I don’t recall as to ever granting permission for them to open up their file in the first place.
They have breached their fiduciary duty to the consumers whose data they collected, and they have been negligent in their security process to implement protections and patches to any vulnerability that could lead to such a breach. Then they have acted negligent in detecting, and afterwards informing the public about the breach.
Finally they have acted negligent in their half-baked solution to the whole matter. The credit-monitoring and fraud alert protection they are offering you, for the first year is a negligible response to the nature and severity of what they have allowed to happen. And if you don’t cancel the service at the end of the year, you’re granting them permission to bill you for their service. I think we can all agree they need to contract with a third-party to provide this service, since you’re being asked to trust the very company that has caused the very issue you’re seeking to remedy. Do you see how it keeps going in circles here, all the while to their benefit, and by no means yours?
Essentially they are inducing your into another contract with their subsidiary TrustedID, or any other party that you may choose to engage yourself with, when before the breach either of the services would have been for peace of mind, and not a necessity as it now.
Approximately thirty lawsuits have been filed already against Equifax, one class action is seeking $70 billion in damages, that equates out to $489.51 per person before the attorney fees which are generally 40%, which would leave approximately $42 billion to be divvied up among the 143 million victims or $300 per person, which leaves you $35.88 in the hole, should you opt-in to a second year of their gracious offer to monitor your credit.
You can’t make this stuff up, and they just act like it’s so simple “oh, my bad!”, and your just supposed to carry on, and keep trusting them, not only to continue to maintain this information, but protect you from the repercussions that they themselves have allowed to occur.
And how much should you trust them to protect you? Well that is subjective considering what has already happen, and then their forthright attempt to get out ahead of this thing and inspire you with confidence to rest assured the matter is handled, because they have setup http://www.equifaxsecurity2017.com, ironic name, trying to convey to you sense of security, it should have been equifaxhack2017.com, which would be more fitting since that site is essentially useless, and provides bogus information in regards to who potentially might be affected by the breach. All the while ushering you to be induced in to their more than generous offer for a whole year free, of credit monitoring services from their subsidiary TrustedID.
This does not inspire confidence, not in their handling of the matter, nor in their continued custodial care of my sensitive private information, nor in their ability to protect anyone from consequences.
If you need protection from anyone it’s them, with their lackadaisical approach to securing your information, and from their predatory approach of inducing you into their services after their more than generous complimentary year. It would be absolutely laughable if it wasn’t so serious.
During my research into this “incident”, I happened across a few things of interest to my fellow Americans that may be one of the 143 million (which I’m sure their modestly stating)to offer you a bit of assistance in hopefully at least mitigating the impact of this most egregious breach of data and your trust. You can find out information on Freezing your Credit at http://www.bit.ly/freezecredit advice from renowned consumer reporter Clark Howard. And for those that seeking a legal remedy outside of the class action, there is a genius and innovative tool known as a “Chat-Bot”, that has been instrumental in over-turning more than $160,000 in parking fines in both New York and London. It will provide free assistance in preparing the paperwork necessary to file in court to sue Equifax by asking you questions and generating all the necessary documents you will need to initiate a claim in small claims court, you can find it at:
https://donotpay-search-master.herokuapp.com
An interesting site https://pipl.com/ , the world's largest people search engine, Pipl is the place to find the person behind the email address, social username or phone number, search for your own information, and you will be surprised at the amount available. You should also check out:
https://what-is-privacy.com a detailed and Informative resource on reputation guidance and on steps to take in removing your private information from the public domain.
This issue is bigger than they are making it out to be, and its implications are much more significant that anyone can even imagine at this point, purely because of the nature of the information, its express use and purposes, and its perpetual value to any would-be criminal intending to steal your identity or commit fraud.
I filled out the identity protection through their website...had to add my SS # that will prob get hacked.
It's hard to trust the very people that have caused the issue to begin with, No one knows how far reaching this breach is going to be, because unlike Credit Card numbers, you can cancel this information is a permanent part of your life from now on, I can't believe how cavalier they are being in regards to this breach.