Massive Data Breach

Anyone else having trouble adding an Equifax freeze either online or via calling customer service? Repeated “functionality not available. Try back later.” And excessively long wait times when calling them.
I did. Filed a complaint with the CFPB. Like that will change their lack of customer service leadership issues. But maybe I will get my freeze in place. Good grief!
 
Anyone else having trouble adding an Equifax freeze either online or via calling customer service? Repeated “functionality not available. Try back later.” And excessively long wait times when calling them.
Equifax sucks. There needs to be a fine imposed when they can't do what they're required to do. You can complain.

I'm sure the inbox is full of Equifax complaints at Submit a complaint | Consumer Financial Protection Bureau because there really IS no way around them!

I called Equifax two times today at 15 or 20 minutes per call, only to find out they could not process temporary lifts of security freezes. They claimed the system was down. I called Equifax a third time, this time took even longer and STILL got nowhere! After getting through the VRU, they put me on hold for 5 or so minutes, then they spent 5 minutes asking me questions about my credit file. I had the file open on my desk in front of me, and it wasn't clear what I should be reading off to the guy. After all that, he says I can't process the lift! I need to fax my drivers license, social security card, and include a cover letter with the dates for the temporary lift of the freeze. Then the acknowledgement is via snail mail! When I challenged that, he said I could call back and see if the fax had been received, and if the thaw was processed. I'm going straight to the fax from now on (if it works this time).

Here's my complaint:
 
In my case, a few years back I had a myEquifax online account with them but couldn't log in for whatever reason. Trying to get the account reset was an exercise in frustration and no success as trying to get anything done with them, I'd just get a run around. Unfortunately, at that time, my credit was frozen with them but I needed to unfreeze to apply for a credit card.

I eventually did get the unfreeze done but not by online or phone but using snail mail. After the unfreeze, I ended up signing up for their free credit lock (lock, not freeze). As of today, I still can't get my myEquifax online account reset but manage online by the credit. Not as tight as freeze but better than nothing.
 
^You probably did just what they wanted you to do.... don't they make less money from frozen accounts?
 
After our recent vehicle purchase, DH just successfully refroze both our Equifax accounts. Maybe because fewer people were trying on a Saturday?
 
This leak is a big nothing from what was leaked

I am not sure I agree with that. I have had a couple of password breached before, this was an easy remedie (when you know it), by never using the same password in 2 different places.

This is the first time that my SSN was leaked. (plus associated address, DOB, full name and phone number. In other words: everything else possible). I actually think it is a big concern, I can change my password but can't change SSN, DOB, address, name and phone number.

By the way, I learned about this leak through the google dark web alert. I really like the feature since it told me exactly all the information leaked.

I am in the process of freezing my credit. But does anyone know if this also qualifies as a fraud alert?
 
Last edited:
Anyone else having trouble adding an Equifax freeze either online or via calling customer service? Repeated “functionality not available. Try back later.” And excessively long wait times when calling them.
Had no issue with Equifax. However, so far, Experian prevents me to create an account and give me the run-around.
 
Experian is very difficult to deal with.

I froze my credit with the 3 credit reporting agencies about 12 years ago, today it is done differently but my credit reports indicate that my credit report is still frozen with each bureau.

I use unique userids (when not forced to use my email address) and passwords both of which are long using a random mixture of upper and lower case letters, numbers and special characters. Answers to my security questions make no sense.

I have an Experian Identity Works credit monitoring account due to a past breach. With the NPD breach I was offered an Experian Identity so I signed up and entered the info I have the 1st account monitoring. So now I have 2 Experian Identity Works accounts and each as a unique userid, password and answer to the security question.

8/28 I got 8 emails from Experian Identity Works, 1 telling me to check my account (which one, I have 2?) and 7 emails indicating my personal info was found on the Dark Web. Of course I panic. Trying to reach a person is almost impossible but I found a phone # in an email and called. Over 1 hour on hold and hung up. Called later in the day and even longer on hold just gave up. Called around 8 pm ET that night and was on hold about 10 minutes and actually got a person. I explained that the SS # breaches they found all had the correct last 4 digits of my SS# and 1 had my info connected to my ex wife's SS#. But the one that scared me has a different last 4 digits ie my SS # last 4 is 1234 and this one was 9876 so does that mean someone has my personal info associated with a fake SS#... this is why I called.

Here is where it all went to Hell. I answered all the questions she asked to verify who I am but my security question answer was wrong according to her! I used both answers which again are each unique and they are both wrong according to her. Now these are in a password safe with notes and there is NO way I made a mistake cuz I am anal² when it comes to this having worked in IT my whole life and take security extremely seriously. So now she will not discuss anything with me cuz I can't tell her what the correct answer is! She seems confused that I have 2 Experian Identity Works accounts but I explained they are from 2 breaches. We go round and round and I tell her my userid and password so she is getting that I am legit. She takes my info and is reporting it to the restoration people and they will call me between 8-9 am ET the next morning, that was yesterday and they have yet to call. I told her I want guidance on how to handle that SS# that is not mine, she felt that was important but now what? I need to talk with someone who can reset my security answer or allow me to change it - there is NOWHERE on their website in my accounts to specify an answer to a security question! How can that be?

So I have no idea what to do now and I am mad. Careless or stupid people cause me this problem and I get the run around. Calling SS about that SS# probably won't help as I only see the last 4 digits and have no idea what the whole number is and calling SS is probably as bad as Experian.
 
View attachment 51913

My data is out there from the massive data breach.

We are talking about, name, SSN, DOB and the goodies the criminals want :(.



https://fox2now.com/news/national/w...assive-breach-how-to-know-and-what-to-do-now/

The article has a link NPD Breach Check - Pentester.com where you can check to see if you too have been assimilated
I checked on myself. No hits in Hawaii where I have lived for over 10 years. But when I checked for Arizona I come up with addresses I had going back to the 1980s!
 
I just froze all three credit reports.

I started at pentester and found my information in two states. I'm associated with relatives at addresses I've never used personally. So it was time.

I had an Experian watch by virtue of previous breach(s).

I'm pretty sure my SSN was leaked back in the day by US gov't leak of my clearance investigation details.

I have ExperianID works, Discover, and MyIDcare protection also.
 
I just returned from a 12-week trip and collected my mail, which included FOUR notices of data breach: Frontier Communications, Prudential, Ticketmaster, and Change Healthcare. Plus of course, the big breach of everyone on the planet that we're all talking about.

Most of these happened in the February-May time frame. I haven't had a Frontier account for years, so I wish they had purged my info.

These are happening so often that I just re-sign-up for whoever is offering free monitoring. Despite all these, and previous ones, I haven't been notified of any naughtiness.
 
This practice is called password aging and many studies discourage it because it leads to being less secure as people tend to write or record passwords that are always changing down somewhere that can be compromised. A combination of an easy-to-remember long password that does not change is much preferred to password aging. This is has been studied and takes into account human laziness and lack of attention paid to using long series of aged passwords.

Two-factor and zero-trust are better approaches. Zero trust approaches like Yubikey are the latest flavor of the week.

The study only studied stupid people, not ones that use a password manager.

Using a password manager solves the "issue" of people taking shortcuts with creating new passwords. So now a person can literally reset their password every month.

Changing the password to one of equal or longer size (and possibly with more character sets) makes all the previously stolen databases of passwords invalid.
 
That search site, in the article claimed the DOB was masked, but not really as when searched by the year, it shows the month and day for a DOB and **** for the year. But since the year was entered into the search box the **** value is obvious.

So the search checking site is practically an online scammer research site. :banghead:
 
My stuff is out there in multiple ways. Some correct, some merged with garbage, some correct except for the name.

I'm on my way now to do a freeze now that last month I opened my last credit card I'll probably ever open. I don't see loans on the horizon. As a first step, I decided to download my credit reports from the sponsored site: Annual Credit Report.com - Home Page I hadn't done this for many, many years. I have to say they have improved this site tremendously. That was easy.

Now on to the freeze process.
 
Freezing for the big three went smoothly. I started with Equifax: firefox with duckduckgo plugin didn't play well. So I moved to Edge with no add ons.

Once there:

Equifax - simple
Experian - simple
Transunion - accidentally got on their paid page. Started over. A few pages were not loading, but a stop and refresh brought them up. Done in 5 minutes.

One of the providers mentioned that they use some info from your wireless carrier to help identify you. What this means to me is you really, really need to have a sim lock with your carrier.

Secondly, you better also guard your email address carefully. That is becoming way too key.

Overall, it was disturbing how easily they "verified my identity". Very few questions, mostly just asking for the mobile phone number.

The last time I tried this was about 10 years ago. Back then, I had to answer about 5 mysterious questions about things like previous addresses or mortgage companies, and so on. I got none of that. Those questions (which frequently were "none of the above") was one reason I was hesitant.

Also, I had an account with Equifax I made 10 years ago. It was invalid. They changed too much.

Just having an account with these three is important. Do it before someone else opens an account for you. I'm sorry to say I dragged my feet so long, but that's water over the dam. And make sure you have an account with Social Security and the IRS before you freeze. SS uses Equifax to verify you. I don't know what the IRS does, but it may. Or you can always unfreeze, but in any case, you need accounts with both of those so they don't open one up for you.

Now I have to ponder whether to look into the lesser bureaus. Here's the list. LexisNexis is first on my list. This BH article has links to the freeze page for them too: Credit freeze - Bogleheads
 
Last edited:
One last thing: one cannot exists easily in this society unless you have a mobile phone that can accept text messages and at least pull up a simple browser link. I suspect that some of the most vulnerable in our society to identity theft (the very elderly), will have to go through a much more manual process to freeze credit.

A cell phone is essential. A smart phone has likely crossed the threshold to being essential too.
 
Back
Top Bottom