XYMer's Home away from Home

When http://bbs.xlr8yourmac.com is down (i.e. always)
Privacy Policy
It is currently Thu Jan 17, 2019 3:50 am

All times are UTC - 8 hours




Post new topic Reply to topic  [ 59 posts ]  Go to page Previous  1, 2, 3  Next
Author Message
 Post subject: Re: Equifax breach
PostPosted: Thu Sep 21, 2017 1:11 pm 
Offline
Benevolent Dictator
User avatar

Joined: Mon Apr 21, 2008 2:03 am
Posts: 15372
Thanks Mrs H., seems they make it easier for crooks than for us.


Top
 Profile  
 
 Post subject: Re: Equifax breach
PostPosted: Thu Sep 21, 2017 3:01 pm 
Offline
User avatar

Joined: Thu May 15, 2008 8:10 pm
Posts: 696
Mrs H wrote:
Here's one place you can check the rates by state - I've also seen it simpler in pdf form but I couldn't put my hands on it again:
http://www.experian.com/news/security-freeze.html


This link is better for a state by state break down -
http://consumersunion.org/research/cons ... tection-2/

Jumping thru hoops and paying a small fee is better than the ramifications of ID theft.


Top
 Profile  
 
 Post subject: Re: Equifax breach
PostPosted: Thu Sep 21, 2017 3:48 pm 
Offline
User avatar

Joined: Thu May 15, 2008 8:10 pm
Posts: 696
HA !!

http://www.npr.org/sections/thetwo-way/ ... -fake-site


Top
 Profile  
 
 Post subject: Re: Equifax breach
PostPosted: Thu Sep 21, 2017 4:54 pm 
Offline
User avatar

Joined: Thu May 15, 2008 8:13 pm
Posts: 10266
Location: Caught between the moon and NYC
Yeah, I heard about that one.

Equifax still has no explanation for why they don't implement a subdomain other than basically reiterating that they don't understand why that's important.


Top
 Profile  
 
 Post subject: Re: Equifax breach
PostPosted: Thu Sep 21, 2017 5:08 pm 
Offline
Master

Joined: Sun Apr 20, 2008 5:24 am
Posts: 9940
Location: North of the State of Jefferson
I can't prove it, but to me this whole debacle is still in the "getting worse" phase. I would assume that the intruders siphoned off everything in every credit file at Equifax. I mean, if they have something from 143 million people, it doesn't seem a bad guess. I further support my contention in part on the basis that all evidence suggests Equifax is managed by clueless idiots and hasn't got anything right to date.

I facepalmed when I heard about the breach. Part of that was because "of course they did! It was inevitable! And it'll happen again." If you collect that much valuable information on a computer in this day and age, someone is going to steal it. The apparent stupefying incompetence of Equifax at handling those data is just the proverbial icing on a big sweet gooey layer cake. Or put another way, their incompetence wasn't why a breach occurred: it just helped this one occur sooner.

Society hasn't developed techniques to effectively adapt to this information threat environment. The long term solution, I suspect, is one where this kind of personal information carriers little individual* value. It used to be people used your Social Security number as secure identification. It turns out that was always a bad idea, and we knew that years ago. Now we should come to grips with the fact that all information about all of us is public information, or will likely become so in the future. That means we need to develop social, legal, and technical structures that don't depend on knowing certain historical (addresses, account numbers, mother's maiden name, favorite flavor of ice cream, etc) facts to authenticate yourself, at least not for anything that really matters: anyone with enough technical skill, money, patience, or luck can learn and abuse those facts in bulk. I don't know what an alternate structure would look like, but I know that it won't depend on knowing the address of your college apartment or drivers license number.

There is, however, a silver lining in all this. Well, at least if you're a credit bureau: you'll make a killing off setting up credit freezes. Maybe they should have more data breaches to ensure the $$ keep rolling in?

- Anonymous

* "Individual" as opposed to "aggregate," where data-mining it, cross-tabulating it, and selling it to advertisers will always be valuable.


Top
 Profile  
 
 Post subject: Re: Equifax breach
PostPosted: Sun Sep 24, 2017 12:04 pm 
Offline
User avatar

Joined: Thu May 15, 2008 8:10 pm
Posts: 696
"Getting worse " phase description is too kind, as far as I'm concerned it been fubar and it will be fubar
because of the consumer complacency .

Krebs has some nice new articles - https://krebsonsecurity.com/


Top
 Profile  
 
 Post subject: Re: Equifax breach
PostPosted: Sun Sep 24, 2017 5:19 pm 
Offline
Benevolent Dictator
User avatar

Joined: Mon Apr 21, 2008 2:03 am
Posts: 15372
Oh man, we need a congress responsive to crimes instead of cash.


Top
 Profile  
 
 Post subject: Re: Equifax breach
PostPosted: Tue Sep 26, 2017 12:04 pm 
Offline

Joined: Sat Apr 11, 2009 2:15 pm
Posts: 6365
Location: NYC
Image


Top
 Profile  
 
 Post subject: Re: Equifax breach
PostPosted: Wed Sep 27, 2017 8:46 pm 
Offline
Benevolent Dictator
User avatar

Joined: Mon Apr 21, 2008 2:03 am
Posts: 15372
Your pain isn't over yet...

If your credit reports are blocked, come insurance renewal time, your rates will likely increase. :(


Top
 Profile  
 
 Post subject: Re: Equifax breach
PostPosted: Thu Sep 28, 2017 10:23 am 
Offline
User avatar

Joined: Thu May 15, 2008 8:10 pm
Posts: 696
BDAqua wrote:
Your pain isn't over yet...

If your credit reports are blocked, come insurance renewal time, your rates will likely increase. :(


BD, do you have any info on this ?
First time I've ever heard of this.


Top
 Profile  
 
 Post subject: Re: Equifax breach
PostPosted: Thu Sep 28, 2017 11:57 am 
Offline
Benevolent Dictator
User avatar

Joined: Mon Apr 21, 2008 2:03 am
Posts: 15372
Sorry, I knew I should've posted the link while I had it, now I can't find it.:(

But...
Quote:
People with no credit pay 65% more for car insurance than people with excellent credit, on average. Drivers with no credit pay at least twice as much in PA, NJ and MI.

https://wallethub.com/edu/car-insurance ... port/4343/
Quote:
any U.S. car insurance companies use credit-based insurance scores to help determine risk. (Unless you live in Massachusetts, Hawaii, or California, where the practice has been banned.) And studies have shown that there's good reason to use credit-based scoring in developing rates.

https://www.esurance.com/info/car/myth- ... rance-rate


Top
 Profile  
 
 Post subject: Re: Equifax breach
PostPosted: Thu Sep 28, 2017 12:34 pm 
Offline
User avatar

Joined: Thu May 15, 2008 8:10 pm
Posts: 696
It looks to me that the articles are about buying new insurance, it makes no mention
about renewals.


Top
 Profile  
 
 Post subject: Re: Equifax breach
PostPosted: Thu Sep 28, 2017 1:00 pm 
Offline
User avatar

Joined: Sun Nov 27, 2011 1:55 pm
Posts: 2222
I called our insurance company and asked, they said - no impact on our policies.

a quick search took me here for other folks anecdotal info on it:

https://www.bogleheads.org/forum/viewtopic.php?t=227468

btw interesting article here:
https://www.depositaccounts.com/blog/20 ... redit.html

_________________
Mrs H


Top
 Profile  
 
 Post subject: Re: Equifax breach
PostPosted: Thu Sep 28, 2017 4:40 pm 
Offline
Benevolent Dictator
User avatar

Joined: Mon Apr 21, 2008 2:03 am
Posts: 15372
Jimcha, Yeah, I know, sorry I couldn't find the original article.

Mrs H, thanks.


Top
 Profile  
 
 Post subject: Re: Equifax breach
PostPosted: Thu Sep 28, 2017 4:44 pm 
Offline
Master

Joined: Sun Apr 20, 2008 5:24 am
Posts: 9940
Location: North of the State of Jefferson
I think the key is "existing creditors can continue to access your credit reports." If you change insurers, then yes, you'll want to unfreeze at that time.

I think credit monitoring and SSN monitor, etc., are basically snake oil if you're paying for them. At best they are completely reactive. Freezing is proactive. Sure it doesn't prevent a crook from wiring all the money out of my checking account, but I wouldn't expect it to. That's a totally different problem. It probably also won't keep anyone from climbing in to my house through an open window, but I'm not going to avoid getting a credit freeze because of that.

I've contemplated a credit freeze for myself for years, but haven't got one because it costs money. If it were free I'd do it in a heartbeat. I just don't someone need to check my credit very often.

- Anonymous


Top
 Profile  
 
 Post subject: Re: Equifax breach
PostPosted: Thu Sep 28, 2017 5:18 pm 
Offline
User avatar

Joined: Thu May 15, 2008 8:13 pm
Posts: 10266
Location: Caught between the moon and NYC
BDAqua wrote:
And studies have shown that there's good reason to use credit-based scoring in developing rates.

Yeah, because its more profitable to pick on the lower classes. If they picked on people with money they would end up getting sued so often it'd be unprofitable.

I'm not sure if its still the case, but 6-7 years ago it was illegal for insurance companies to use your credit score as a metric for any kind of insurance in Illinois. In Michigan you can ask your insurer to not use that metric. All insurers are supposed to allow you to do it, but the more unscrupulous ones will use that refusal as one of the metrics in determining your rate, which means it skyrockets. A loophole you could drive a dumptruck through. But then you just opt for an insurer who wants your business (odd that an insurance company is turning away business, but they're an odd industry).

Basically check with your state laws. If they have something similar to this, good news, you can opt out of this part of the merry-go-round.


Top
 Profile  
 
 Post subject: Re: Equifax breach
PostPosted: Thu Sep 28, 2017 6:56 pm 
Offline

Joined: Sat Apr 11, 2009 2:15 pm
Posts: 6365
Location: NYC
What I think is interesting in all this is that, based on reading Krebs over time, I'd always assumed that ones SSN was most likely already for sale for only a few bucks. Of course, there's nothing like handing out SSNs, DOBs and addresses nicely correlated.

Anon, maybe not the other three, but I think Equifax may be waiving the credit freeze fee. Might only be NY, but I haven't been asked to pay a dime for any of them.


Top
 Profile  
 
 Post subject: Re: Equifax breach
PostPosted: Thu Sep 28, 2017 9:16 pm 
Offline
User avatar

Joined: Thu May 15, 2008 8:10 pm
Posts: 696
Mrs.H - Thanks for those links, unfortunately the second link depositaccounts reads as a
sales shill for services. Every mothers son is selling something to cash in on Euqifax's fubar security.

Anon - Based on where you live you may only have to shell out less than $20 or so.
The info in the breach, as Wzzz pointed out is everything in a neat package.
To me it wasn't a crap shoot I was willing to be part of, 50-50 odds that I "may" have been compromised
are lousy, if only the lottery had those odds.
I myself contemplated credit freezes back when I read Krebs article on it back in 2015,
but the Equifax breach was a kick in the pants. I froze all four, none charged me,
like Wzzz I'm in NY so I'm not sure if that was the reason.


Top
 Profile  
 
 Post subject: Re: Equifax breach
PostPosted: Wed Oct 04, 2017 5:24 am 
Offline

Joined: Sat Apr 11, 2009 2:15 pm
Posts: 6365
Location: NYC
Latest Krebs

https://krebsonsecurity.com/2017/10/fea ... me-victim/


Top
 Profile  
 
 Post subject: Re: Equifax breach
PostPosted: Wed Oct 04, 2017 7:15 am 
Offline
Benevolent Dictator
User avatar

Joined: Mon Apr 21, 2008 2:03 am
Posts: 15372
Thanks W... if I weren't of of gast, I'd be flabbergasted. :(


Top
 Profile  
 
 Post subject: Re: Equifax breach
PostPosted: Thu Oct 05, 2017 5:57 pm 
Offline
User avatar

Joined: Thu May 15, 2008 8:13 pm
Posts: 10266
Location: Caught between the moon and NYC
Sounds like the data was compromised via the system that was used to lodge disputes over one's credit history.

I wonder if someone hadn't disputed their credit history in a couple decades if they would be in that system.

You know. For a friend. :D


Top
 Profile  
 
 Post subject: Re: Equifax breach
PostPosted: Thu Oct 05, 2017 7:04 pm 
Offline
User avatar

Joined: Thu May 15, 2008 8:10 pm
Posts: 696
MonkeyBoy wrote:
Sounds like the data was compromised via the system that was used to lodge disputes over one's credit history.

I wonder if someone hadn't disputed their credit history in a couple decades if they would be in that system.

You know. For a friend. :D


145 million that's a lot of people disputing their credit history.
:roll:

If congress had any balls they would haul the CEO's, CIO's of the other three in to grill them,
and sign into law that credit reports need express permission from the person for them to sell.

Experian said go pound sand when Smith suggested that all the other should offer free credit freezes ( not locks ).

Sorry for the long url, I forgot how to link text to a url.
https://www.nytimes.com/2017/10/04/your-money/equifax-experian-credit-locks.html
Link shortened by the mgmt


Top
 Profile  
 
 Post subject: Re: Equifax breach
PostPosted: Thu Oct 05, 2017 7:52 pm 
Offline
User avatar

Joined: Thu May 15, 2008 8:13 pm
Posts: 10266
Location: Caught between the moon and NYC
When its a really long url sometimes the link thing breaks.

Given how inaccurate most of the information in a credit report is, I'd say 145 million is probably low. Every time I ran a report I found information from other people on mine. Wasn't even identity theft, it was literally loans opened in someone else's name that somehow got placed on my report because the agency was completely incompetent. But I haven't run it since I bought my car 20 years ago.

However it certainly sounds like if they had penetrated further than the reporting system that many other systems would also have had unencrypted data available for the thieves to access, with little standing in their way.

Perfect time for the IRS to give Equifax a no-bid contract. :shock:


Top
 Profile  
 
 Post subject: Re: Equifax breach
PostPosted: Fri Oct 06, 2017 3:08 pm 
Offline
Master

Joined: Sun Apr 20, 2008 5:24 am
Posts: 9940
Location: North of the State of Jefferson
I've never seen inaccurate information in any of my credit reports from any of the three bureaus.

- Anonymous


Top
 Profile  
 
 Post subject: Re: Equifax breach
PostPosted: Fri Oct 06, 2017 7:14 pm 
Offline
User avatar

Joined: Thu May 15, 2008 8:13 pm
Posts: 10266
Location: Caught between the moon and NYC
Might help that I have a fairly common combination of first and last names. Affords me a degree of anonymity but comes with other fun benefits.


Top
 Profile  
 
Display posts from previous:  Sort by  
Post new topic Reply to topic  [ 59 posts ]  Go to page Previous  1, 2, 3  Next

All times are UTC - 8 hours


Who is online

Users browsing this forum: No registered users and 5 guests


You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot post attachments in this forum

Search for:
Jump to:  
cron
Powered by phpBB® Forum Software © phpBB Group