Yep.

Hell, don't they just run all their data through their website. Blammo, no lawsuit.

Could we just ask poconoder?

Ever wonder how just 3 credit reporting agencies got so powerful in the first place? Consumers have very little rights when it comes to credit reporting. Any Tom, Dick, or Jane with a business can damage your credit. You will be presumed guilty by the credit agency they reported to unless you can prove otherwise.

As bad as this breach is, and the incompetency it shows on the part of credit bureaus, I'm not as alarmed as maybe I should be for some reason.

You should be closely monitoring your credit on a regular basis anyway and you don't need to pay anyone to do that. You should also regularly check ALL your financial accounts including investment accounts, credit cards, mortgages, banks, and even insurance companies you do business with. Lastly, make sure to have strong passwords on all these accounts of at least 12 characters or more.

It's just common sense, but it's amazing how lax some people are with these things. I think the biggest concern is someone stealing your identity for medical services. Credit card and bank fraud are easily caught. But if someone uses your identity for a medical service, not only might that go unnoticed for a while, but will be a nightmare trying to prove to the credit bureaus that it was a case of identity theft.

I set aside a few hours on the first Sunday of every month to review paperwork, do computer backups and tasks like that. Check and log my investment accounts, check my bank statements and various bills to match against payments/withd/dep, organize receipts and warranties, look at my electric bill and cable bill. Every 6th month I'll review my insurance policies. The one in March is always my taxes. I pull my annualcreditreport once a year and usually grab another set later in the year and supplement with Credit Karma and Sesame.

It's a minor chore but back in the days I didn't have this routine I wasn't very organized. If my TV broke after 5 months I was usually screwed since I'd toss receipts and never fill out a warranty card, and I'd have to dig through stuff to find a tax return or whatever. It's been a life hack for me to straighten this out and I don't tend to miss things like my deal period with my TV package ending and getting hiked to standard price.

I agree with Letstat on the point that you just need to keep on top of this stuff, pretty much everybody with anything worth protecting should assume their info will be occasionally compromised.

I read that you're supposed to receive a notification in the mail if your info was stolen in this breach. Is that true? They're going to mail out 143 million letters? When can I expect such a letter? I'm not entering my data into that site.

If I was a victim, what exactly is there to do about it? Apply to change my SSN?

https://www.yahoo.com/finance/news/p...010153057.html

I assume they're going to drag their feet and any info they send out will be blatantly dishonest. so I guess keep checking reliable news outlets. Good news is that with 10^8 people affected I'm sure updates will be in the news. I'm not optimistic. My guess is these scumbags who were wildly irresponsible with your info will probably get a slap on the wrist and the rest of us will get a $20 gift card or something.

I doubt changing your SSN is worth the hassle since it's a near-lock it will be compromised again (happened to me three times). Keep practicing good internet security: don't use the same password on multiple websites, try not to use the same username, don't give out your real birthday, etc. One woman I know studies hacking and cybercrime as part of her job and she's crazy paranoid; Rroutinely tears up her credit cards and asks for new ones. Actually, maybe she's not so paranoid.

WaPo has an article on freezing your credit to thwart would-be thieves

https://www.washingtonpost.com/news/...your-identity/

Anyone think that's a good idea?

A+ idea; signing up now, can't believe this isn't standard.

Does sound like a good idea, but man, this ****ing racket:

Turns out losing the credit information of the entire United States is going to be a big financial boon for ALL CREDIT AGENCIES

The scale of this is just colossal. If 5% of those affected sign up for a freeze with two agencies that's a cool $70M robbed from the American people. How the hell are we not lining people up against the wall and shooting them? **** Bernie Sanders, the far left should rallying behind Robespierre.

So, as an internet noob that has always just assumed that everyone that wanted my info, had my info, do the sites like LastPass and the like really work? I hate passwords (capital letter, lowercase letter, number, special symbol, **** that ****), so I'm the idiot who tends to use the same password for a whole bunch of stuff. I suck, I know.

LastPass is legit. Be sure to set up two factor authentication with Google Authenticator

What if I just freeze my credit? I have no debt or credit cards. Would this solve any and all identity theft concerns?

it'll damn sure make life a lot harder for anyone trying to steal your credit. See the article I linked earlier.

I'm still kinda curious if just using the equifax search tool to see if your data was lost auto-signs you up for their monitoring and removes your ability to sue/join a class action

ALSO, and probably more important, depending on how quickly the thieves are able to sell all that info, I wonder if would-be criminals could put a freeze on your credit and set up a pin that only they have access to, thus restricting your ability to freeze and unfreeze your own credit

Freezing your credit sounds like an enormous ass ache whenever you need to borrow money, rent an apartment, pass a background check, change cell phone providers, open a bank account, rent a car, etc.

I don't see a need for any of these things

I can rent a car locally with a deposit

I feel ya. It's probably nbd if your Netflix password and your 2p2 are the same. Problem is if your Facebook or banking passwords are the same as your 2p2 password and you foolishly gave Facebook your real birthday and 2p2 gets hacked; now thieves have probably all they need to do damage.

Sounds like it's relatively quick to unfreeze and can be done online.

All the agencies allow you to lift a security freeze for 24 hours in case you want to do something that requires a hard pull on your credit.

Lol, the thieves just proved they don't need to **** hacking 2p2 anymore.

+1 to using a password manager like LastPass or Keepass. They're free and easy to use too.

Is Equifax publicly traded? Can I short them some kinda way?

Yes, but their stock already lost ~14% of its value overnight when this was announced Thursday evening. You can always bet it will get worse for them!