Author Topic: Equifax - 143 million US-based users had their personal information compromised  (Read 6643 times)

0 Members and 1 Guest are viewing this topic.

Offline winchester73

  • Half a bubble off plumb
  • Administrator
  • Hero Member
  • *****
  • Posts: 7332
  • Liverpool FC - YNWA
    • View Profile
Speak softly, but carry a big Winchester ... Winchester Arms Collectors Association member

Offline v_v

  • Full Member
  • ***
  • Posts: 172
    • View Profile
Sigh.  Should we all just abandon the internet and crawl back into caves?!!

I have used a credit reporting agency at work extensively.  Given the sensitive nature of the services that they offer to businesses and consumers, you would think that above all their systems would be 'armored' to withstand nuclear weapons, so to speak.  It is one thing for department stores, movie/music companies, and other such entities to get hacked and compromised.  But for a credit reporting agency . . . it is hard to see why they would not have diamond or platinum level security!  And if they did have such security and it was still compromised, well then nothing is safe.  Forget it all, because just about everybody reports data to one or more of the big three credit reporting agencies, Equifax, Experian, or Transunion.  The amount of data that these entities have accumulated on people would . . . well just let me say that most people would be surprised and probably unhappy.

v_v
Justice, Equity, and Meaningful, Productive, and Fulfilling Lives to All Earthlings

Offline techie

  • LzD Friends
  • Hero Member
  • *****
  • Posts: 613
    • View Profile
You would think at least a very deep walled system, like way deep. I checked the site to read it on a phone for curiosity and the video requires use of javascript? Security? I distrust Java and there scripts. First thing they need to get rid of.

I can add this to the IRS breach, who knows who was affected on that one. Another famous one, US security clearance database. The rest have been credit cards at Target, Home Depot, Sears, just to mention a few that were targeted.

My parents still prefer cash transactions, money orders for bill payments. Maybe they have it right. They never give out there checking or credit card information.




Offline winchester73

  • Half a bubble off plumb
  • Administrator
  • Hero Member
  • *****
  • Posts: 7332
  • Liverpool FC - YNWA
    • View Profile
Speak softly, but carry a big Winchester ... Winchester Arms Collectors Association member

Offline Pete!

  • Hero Member
  • *****
  • Posts: 5259
    • View Profile
.......My parents still prefer cash transactions, money orders for bill payments. Maybe they have it right. They never give out there checking or credit card information.
Based on the assumption that if I don't have the money for something, I can't afford it....When I stopped traveling for business in, I tore up all my credit cards.

On three occasions since then, I've been inconvenienced because the credit reporting agencies have no record of my existence.... Now, that doesn't seem so bad.

Online Corrine

  • The Mystical Rose
  • Administrator
  • Hero Member
  • *****
  • Posts: 20213
  • "Stronger than the past, united in our goal."
    • View Profile
    • Security Garden
Not that it helps, but Equifax security and information executives to retire, DJ reports, effective immediately.


Take a walk through the "Security Garden" -- Where Everything is Coming up Roses!

Remember - A day without laughter is a day wasted.
May the wind sing to you and the sun rise in your heart.

Offline techie

  • LzD Friends
  • Hero Member
  • *****
  • Posts: 613
    • View Profile
This story gets more interesting, seems they failed to install security updates provided to them two months before the breech (Negligence).

https://www.usatoday.com/story/money/2017/09/14/equifax-identity-theft-hackers-apache-struts/665100001/

Equifax update states that Apache basically was at fault??? The patch was provided like any other major OS, it's there responsibility to install it.

https://www.equifaxsecurity2017.com/2017/09/13/progress-update-consumers-4/

Everyday there having problems because there not prepared to handle it. The free identity program, was broken initially. If you checked it, it has probably changed your status now. If you signed up the Trusted ID Premier, the token you are given will most likely not work, which takes from beginning to end a week or longer to receive. You may get directed to the site and put your info in, but the Continue Button isn't active.

P.S.  You are being ask to validate, using the same information that most likely was stolen???

Here is there daily blog of excuses

https://www.equifaxsecurity2017.com/



Offline winchester73

  • Half a bubble off plumb
  • Administrator
  • Hero Member
  • *****
  • Posts: 7332
  • Liverpool FC - YNWA
    • View Profile
Speak softly, but carry a big Winchester ... Winchester Arms Collectors Association member

Offline winchester73

  • Half a bubble off plumb
  • Administrator
  • Hero Member
  • *****
  • Posts: 7332
  • Liverpool FC - YNWA
    • View Profile
Speak softly, but carry a big Winchester ... Winchester Arms Collectors Association member

Offline techie

  • LzD Friends
  • Hero Member
  • *****
  • Posts: 613
    • View Profile
We have three primary credit monitoring systems in the US. Experian is used mainly by most creditors. It has the most weight as far as creditors are concerned. Equifax is the second in line, not used as much. The last one Transunion is rarely used. You can almost guarantee that Experian will be checked if asking for credit. Equifax may or may not be viewed.

As far as the credit system, it is a joke. FICO is a joke. If you don't have ten or more accounts then your dinged? If you don't use your credit lines your dinged. If you use your credit lines your dinged. If you apply for new credit your dinged.

You can have exactly the same thing reported on all three credit reports, all are suppose to be using the same calculation system. All three will have a different score. the degree of variance can sometimes be absolutely ridiculous. I check Experian the rest are just a joke anyway basically.

The bottom line? Do they pay there bills on time? If they have three or ten accounts, it shouldn't make a difference. The less credit extended is a lower risk. Do they have the income to repay a loan? As I said we have a stupid system, that affects peoples lives. I don't worry about it, but younger people are being raked over the coals. I told my wife along time ago, I don't work for the banks. The banks have stolen the insurance industry, that's why they failed, they want interest on loans, plus your protection money as well, the insurance and had the inability to cover it.

It's a broke system and now there being sloppy and allowed basically every working Americans identity to be stolen.

You don't want me to get started on the insurance industry, crooks.

Online Corrine

  • The Mystical Rose
  • Administrator
  • Hero Member
  • *****
  • Posts: 20213
  • "Stronger than the past, united in our goal."
    • View Profile
    • Security Garden
From Equifax Suffered a Hack Almost Five Months Earlier Than the Date It Disclosed - Bloomberg:
Quote
Equifax Inc. learned about a major breach of its computer systems in March -- almost five months before the date it has publicly disclosed, according to three people familiar with the situation.

In a statement, the company said the March breach was not related to the hack that exposed the personal and financial data on 143 million U.S. consumers, but one of the people said the breaches involve the same intruders. Either way, the revelation that the 118-year-old credit-reporting agency suffered two major incidents in the span of a few months adds to a mounting crisis at the company, which is the subject of multiple investigations and announced the retirement of two of its top security executives on Friday.


Take a walk through the "Security Garden" -- Where Everything is Coming up Roses!

Remember - A day without laughter is a day wasted.
May the wind sing to you and the sun rise in your heart.

Offline Frands

  • LzD Friends
  • Hero Member
  • *****
  • Posts: 1065
  • Esbjerg, Denmark
    • View Profile
Latest from BBC News. 21/9-17

http://www.bbc.com/news/technology-41347467
Our greatest glory is not in never falling but in rising every time we fall.
- Confucius
-----
Trend Micro Internet Security


Home Forums:
https://www.landzdown.com/
http://securitygarden.blogspot.dk/
https://www.classicrockforums.com/

Online Corrine

  • The Mystical Rose
  • Administrator
  • Hero Member
  • *****
  • Posts: 20213
  • "Stronger than the past, united in our goal."
    • View Profile
    • Security Garden
It never made sense to me why Equifax created a separate website in the first place. 

Nice article by ESET:  CCleaner incident clarified to enable better understanding of the problem.


Take a walk through the "Security Garden" -- Where Everything is Coming up Roses!

Remember - A day without laughter is a day wasted.
May the wind sing to you and the sun rise in your heart.

Offline plodr

  • LzD Friends
  • Hero Member
  • *****
  • Posts: 1307
    • View Profile
I was thinking about freezing our credit accounts. But after reading Brian Krebs' article yesterday, I figured that would not help either. Note this relates to Experian, another credit reporting company.
https://krebsonsecurity.com/2017/09/experian-site-can-give-anyone-your-credit-freeze-pin/

Offline techie

  • LzD Friends
  • Hero Member
  • *****
  • Posts: 613
    • View Profile
I was thinking about freezing our credit accounts. But after reading Brian Krebs' article yesterday, I figured that would not help either. Note this relates to Experian, another credit reporting company.
https://krebsonsecurity.com/2017/09/experian-site-can-give-anyone-your-credit-freeze-pin/

Except for Equifax and that is temporary, you have to pay to freeze each of the Credit bureaus. Some states don't allow them to charge you.