Equifax has created a web page to keep everyone up to date about the breach, you can read everything that’s been published so far here.
Simply put, somebody screwed up. A patch for a known vulnerability was not applied to their servers, leaving them vulnerable to attack by hackers. This happens a lot more often that you’d think, most large Corporations and Government agencies test security patches before they are applied, to avoid creating problems with existing systems and software, in this case not patching was the wrong choice.
There were an estimated 143 Million consumers records stolen in the breach, that means there’s a good chance that, if you’ve ever taken out a loan, have a credit card or have rented a residence, your information was included.
There were also 209,000 credit card numbers and 182,000 dispute documents lost in the breach.
What they’re going to do about it.
The good news is, if your information was compromised Equifax is offering a years worth of free credit monitoring and insurance, you can check here to see if you’re data was included in the breach and sign up for the free services. You have until November 21st to enroll. These free services include:
- Credit monitoring for all three credit bureaus
- A copy of your credit report to check for inacuracies
- A Credit report lock, to block others from accessing it
- $1 Million in Identity Theft insurance
- Social Security number scanning, to search suspicious web sites for your SSN
After the year is up you’ll probably be offered the possibility to renew your subscription for a cost, but the first year is completely free.
What you should do
The breach happened between May and July this year, so you should check your credit card statements for unauthorized charges from that period, and once you’ve received your free credit report make sure there isn’t anything on it you don’t recognize.
Don’t listen to the naysayers that are telling people not to enroll because you’ll lose your class status in the inevitable class action law suit that is coming. Honestly, who gets rich off of those law suits besides the lawyers anyway? Do the math, 143 Million people, in order to give everyone $100 from a suit Equifax would have to pay out 14.3 Billion Dollars plus lawyer fees, and for a thousand bucks each, 143 Billion, I just don’t see that happening, and Identity theft would be a lot more expensive than that, and very inconvenient.