1. 18

No Evidence of Unauthorized Access to Core Consumer or Commercial Credit Reporting Databases


  2. 12

    Official response. They offer of credit monitoring that’s free for the first year and an unknown cost thereafter. The form that says you can check if you are affected is actually an enrollment form for the credit monitoring.

    1. 6

      Signing up also means you give up your rights to join a class-action lawsuit.

      1. 4

        Wow. That takes it from misleading lead generation into unconscionable fraud. At this point my expectation is that Equifax would tie my household pets to a railroad track while twirling their big black mustache.

        1. 3

          Their FAQ claims that isn’t the case:

          Q: Do the TrustedID Terms of Use limit my options related to the cyber security incident?

          A: The arbitration clause and class action wavier included in the TrustedID Premier Terms of Use applies to the free credit file monitoring and identity theft protection products, and not the cybersecurity incident.

          I don’t know how solid that is though.

          1. 1

            May have been a 9-year old Apache Struts vulnerability. From the article and linked report, it sounds like a web fileserver full of customer docs was hacked rather than a core database.