Really think it will. They're handling it as poorly as humanly possible.

lastpass works on all the major browsers afaik, and there are apps for ios and i assume android as well

it's pretty handy. No use wasting brain cells remembering passwords

I love Lastpass, but it's hard not to be worried how ****ed we'll all be when they get got.

They have got got before. They make it super easy to change many of your passwords hands off tho

I got hacked in the 90s with my SSN, name and address. I found out about it from a collection agency of course. Someone had opened a cel phone account in my name and a landline in Oakland.

I called the Oakland cops and asked if they could go to the address where the landline was registered. They basically told me I watch too many movies and cops don't do that. "Anyone could have opened that account." Um ok, but you could always just go there and see if they have like 500 credit cards lying around. I dunno.

Got it fixed, locks on my account. I just assume everyone has my SSN now.

A couple of years ago I transferred to my company's compliance department. Not the sexiest job, but I do get involved in conversations and projects related to lots of interesting topics including cybersecurity. I have also become "paranoid", which I think is inevitable if you learn even the basics of how cybersecurity / cybercrime works in practice. The "bad guys" are 20-something amoral computer experts. The "good guys" are 50-something career managers in a corporate setting. It's not even a fair fight.

The best analogy I can think of is that being an internet user these days is much like driving on the interstate. Terrible, catastrophic stuff happens every single day to people on the interstate. Although you should establish best practices and that helps, you may still suffer a catastrophe through no fault of your own. The question is whether or not you're willing to take that risk. Most people will trade the small risk of catastrophe on the road for the benefits, and the same will be true online.

Robespierre guillotined everyone on the far left.

It won't completely stop any possibility of ID theft, but it will make it hard enough that you're probably ok unless someone is trying to use YOUR particular identity, which is pretty unlikely.

Almost all of these guys just want any valid identity that doesn't have garbage credit. They're not targeting particular individuals.

I was able to freeze my credit with Experian ($7.50) and Equifax ($0) online with little trouble. Transunion was unable to do it online, I called their 800 number and they couldn't do it there either, said I need to speak to a human, which of course, their office is closed.

Anyway, my suggestion to everyone is to first grab your reports from https://www.annualcreditreport.com/

then go and freeze your credit with the agencies:

https://www.experian.com/freeze/center.html
https://www.freeze.equifax.com/Freez...onalIDInfo.jsp
https://www.transunion.com/credit-fr...-credit-freeze

I had no problem with with transunion online, ymmv.

TechCrunch: Equifax Hack-Checking Web Site Is Returning Random Results

Do I really need to freeze my credit here? Or am I good enough just checking it on creditkarma like once a week or something? Freezing it seems like a huge hassle, and I really don't want to give money to a company that literally just ****ed me over.

$15 bucks to freeze your credit on 3 sites, or $1500+ to deal with identity theft (checking your credit won't stop thieves from establishing credit under your name)

your call

edit

Also, people should read INAR's link. Equifax appears to be giving fake info to people checking if they're affected, and the PIN they should give when you freeze your credit may just be a timestamp. Not sure how they could be handling this worse, but it seems they're trying to find ways to.

The equifax PIN is definitely 100% a timestamp.

Freezing credit is the best solution afaik. It's a minor inconvenience but way more effective than credit monitoring.

From the latest Equifax FAQ

I'm closing on a house in 2 weeks, my loan is all set but I assume I can't freeze my credit until after closing?

Think you can still freeze but warm for a temporary time

It was nice to see that the executives of the company sold after they realized the breach happened but not before they reported the incident. scum bags

Your mortgage company has probably already run all the checks they need, call them and ask what they recommend.

i would all but bet the perpetrators of this crime can't unload 140 million people's info and the buyers have enough time to actual use that info, in just 2 weeks. I would guess it will be at least a couple months before anyone starts getting hit from this hack.

The hack was ongoing for a couple months before it was discovered. The majority of people affected still won't have money stolen from them simply because there aren't enough people out there committing credit card fraud.

I got mine from TransUnion, then the next was Equifax. Equifax says their system is temporarily down. Was anyone else able to get theirs from Equifax?

Its security questions made me a little nervous. One was like, "Your credit report indicates an auto loan/lease in 2013. Which bank was it from?" I have never leased or financed a car; I pay the full amount up front (I only buy used). So I selected, "None of the above". The next question was, "How much is the monthly payment for your auto loan/lease?"

Supposing for a moment that I've been owned and someone financed a car using my credit, why would Equifax use that as a security question? The whole point of getting my report is so that I can potentially dispute things. What if I want to dispute that auto loan, but now I can't even get my report because the auto loan info is the quiz to prove my identity?

Both are trick questions where none of the above is the correct answer, unless you already have been compromised. Then you have to call in to clear it up.

Isn't the hack:

1) 143M people (basically everyone) SSN and name

2) 200k or something (ppl who signed up for credit monitoring) - all that plus their CC

I just assume the whole world has my SSN by now.