Holy crap. THAT’S why it was the only site that worked. My PIN follows the same pattern… a fu**king timestamp? I didn’t even notice until now. They can’t bother with a RNG?
Now I’m even MORE worried that someone will use Equifax to steal my identity. With a simple counting program they have all of my information AND my “super seekreet” password.
These guys need to hang. It’s unbelievable.
But they won’t hang. Yay free market … except no one has a choice about these yahoos holding the keys to our lives. And if they want to toss them on the street, well, nothing to stop them.
[edit] - And I’ll confirm one item in the NYT story - - if you punch in any random bullshit in the Equifax “am I affected” page, you get the same response… i.e., Yep, probably. So as the article says, Equifax has no freaking clue.
Problem is they don’t tell me what “those docs” are. There isn’t a form. What, do I just type a letter with all of my data, lick a stamp, mail it like 1985, and hope they buy it? If they do…how do they know it’s me and not someone who just downloaded all of my info ?
Well, the PIN is only really a problem if someone knows the exact minute you signed up to freeze your credit. It’s just funny how incredibly incompetent they are.
@DTG: The site should have noted the docs you need to send in. My guess is it’s overloaded and not working properly today.
So, 3 top executives sold about $2 million worth of stock 2 or 3 days after the company found out about this, but about 30 days before the company let anyone else know.
Their sales were NOT part of the sales that are scheduled ahead of time, and routinely done for insiders so as to avoid the perception of insider trading. The company’s response is that the 3 executives were not aware of the breach at the time of their sales.
Why were they not aware? It’s the CFO, what sounds like the CIO, and some human resources guy (who I could give a pass on). But if at least those first 2 were not aware, then they’re just hanging out and cashing their checks and should be fired [edit - prosecuted].
Welp, did a freeze at all four. Only two charged me the $10, and TransUnion errored out, so I need to call and confirm it went through. Thanks Stusser and everyone here for the suggestions. I feel way better.
It would be trivial for a hacker to write a script that just iterates through all possible time stamps. Even if they can’t do that, they have a reasonable range of times and can make relatively targeted guesses. Equifax should be forced out of business.
Shouldn’t it be the default posture of any of these companies to check with you if anybody tries to open an account in your name? This entire business is crazy.
This is so consumer unfriendly. I have a hard time believing that their developers have any idea how to scale a web app. They’re probably running dot net nuke on the backend.
Clay, the part that’s really consumer unfriendly, as noted earlier in the thread, is that enrolling in that nonsense requires you to give up some of your legal rights.
Well you can either suck it up and pay to freeze your credit or fully exert your righteous indignation and get sodomized bone dry. As always, the choice is yours.
I prefer sodomy, but if it happens my wrath (and legal team as yet unhired) will be directed at organizations that have my personal information that I don’t control. Like William Wallace said “never in my whole life did I pledge him to be my King.” “It matters not” is not a good enough response for me. It would be great if we could embed an organizational id into our personal data so that the offender is revealed when identity theft happens. I didn’t buy into this system, my feelings are I should’t have to track and maintain security over it. Let them do that, or shut them by by court order.
You won’t sue anybody, because you can’t prove they’re the ones that exposed your information. You have no recourse, which is what makes it so frustrating. The only way to change this is to contact your congressman.
@Misguided: That’s no big deal, just call the CC company and they’ll take care of it. Stolen cards are easy to handle, stolen identity isn’t.
