Jump to content


Photo

Massive Equifax data breach hits 143 million


  • Please log in to reply
63 replies to this topic

#1 ALF

ALF

    Veteran

  • Members
  • PipPipPipPipPip
  • 4,618 posts

Posted 08 September 2017 - 06:11 AM

About 143 million US customers of credit report giant Equifax may have had information compromised in a cyber security  breach, the company has disclosed.
 
Equifax said cyber-criminals accessed data such as Social Security numbers, birth dates and addresses during the incident.
 
The hackers accessed credit card numbers for about 209,000 consumers, among other information.
 


#2 eball

eball

    Omar Sly

  • Members
  • PipPipPipPipPipPipPip
  • 22,134 posts

Posted 08 September 2017 - 06:12 AM

I just put fraud alerts on my credit reports and suggest everyone do the same.  This is bad.



#3 joesixpack

joesixpack

    #feelsgoodman

  • Members
  • PipPipPipPipPipPipPip
  • 38,560 posts

Posted 08 September 2017 - 06:24 AM

Thx for posting this

#4 CountDorkula

CountDorkula

    I'm That Guy...

  • Members
  • PipPipPipPipPip
  • 4,245 posts

Posted 08 September 2017 - 07:08 AM

So Did I hear correctly several Exec members sold a bunch of stock before the news was released so they could make money?

 

If that isn't illegal, it is super shady business practice. 



#5 Captain_Quint

Captain_Quint

    Playoff caliber poster

  • Members
  • PipPipPipPip
  • 1,471 posts

Posted 08 September 2017 - 07:19 AM

So half of the US? Cool.

#6 Gugny

Gugny

    TACOCAT

  • Members
  • PipPipPipPipPipPip
  • 13,929 posts

Posted 08 September 2017 - 08:06 AM

Q&A (for anyone who can't open the link):

 

Investor Relations Q&A, Equifax Cybersecurity Incident

September 7, 2017

1. What happened?

We identified a cybersecurity incident potentially impacting approximately 143 million U.S. consumers. Criminals exploited a U.S. website application vulnerability to gain access to certain files. We discovered the unauthorized access and acted immediately to stop the intrusion. We promptly engaged a leading, independent cybersecurity firm that has been conducting a comprehensive forensic review to determine the scope of the intrusion, including the specific data impacted. We also reported the criminal access to law enforcement and continue to work with authorities.

2. When did the company learn of this incident?

We learned of the incident on July 29, 2017, and acted immediately to stop the intrusion and conduct a forensic review.

3. Over what period of time did the unauthorized access occur?

Based on the company’s investigation, the unauthorized access occurred from mid-May through July 2017.

4. What information may have been impacted?

The information accessed primarily includes names, Social Security numbers, birth dates, addresses and, in some instances, driver’s license numbers. Criminals also accessed credit card numbers for approximately 209,000 U.S. consumers, and certain dispute documents with personal identifying information for approximately 182,000 U.S. consumers. As part of our investigation of this application vulnerability, we also identified unauthorized access to limited personal information for certain UK and Canadian residents. We have found no evidence that personal information of consumers in any other country has been impacted.

5. Are Equifax’s core consumer or commercial credit reporting databases impacted?

We have found no evidence of activity on Equifax’s core consumer or commercial credit reporting databases.

6. Is the issue contained?

Yes, this issue has been contained.

7. What are you doing to prevent this from happening again?

Equifax has engaged a leading, independent cybersecurity firm to conduct an assessment and provide recommendations on steps that can be taken to help prevent this type of incident from happening again.

8. What are the features offered in TrustedID Premier?

TrustedID Premier provides you with copies of your Equifax credit report; the ability to lock your Equifax credit report; 3-Bureau credit monitoring of your Equifax, Experian and TransUnion credit reports; Internet scanning for your Social Security number; and identity theft insurance.

Page 2 of 2

9. Do you have an estimate of the costs you expect to incur related the cybersecurity incident, including timing? Does Equifax have cyber insurance and to what extent will it offset the financial impact of this incident? At this time, it is too early for us to provide specific estimates of the costs we expect to incur related to the cybersecurity incident. The most significant near-term costs expected to be incurred will be delivering our TrustedID Premier identity theft protection and credit file monitoring product for a period of 12 months to consumers who enroll. In addition, Equifax will incur legal, forensic consulting and other costs related to the incident. Equifax carries cybersecurity, crime, general liability and other lines of insurance, and we have begun discussions with our carriers regarding the incident.

10. How will you disclose the costs related to the cybersecurity incident in your financial statements and public filings? Equifax will separately disclose costs specifically related to this cybersecurity incident, as well as any insurance reimbursements that offset these costs. These costs and reimbursements will be treated as non-GAAP items in our presentation of Adjusted EPS and Adjusted EBITDA margin. The timing of the accrual for or incurrence of related costs may differ from the timing of recognizing insurance reimbursement for those costs.

11. Do you expect this cybersecurity incident to impact your long term financial model? Equifax remains committed to delivering on the long term financial model of 7-10% revenue growth and 11%-14% growth in Adjusted EPS on average over a business cycle. Equifax’s long term financial model reflects our continuing fundamental ability to utilize our unique and differentiated data assets and leading analytical capability to deliver high value products and services to our customers.

12. Are you expecting any near term impact to your financial results from the cybersecurity incident?

We do expect some disruption to our business, as we focus on completing the detailed investigation of this event, taking the steps needed to minimize the likelihood that this type of incident will happen again, and working with customers to address their concerns and maintain their trust as a leading supplier of consumer data and analytics. We also expect impacts to our Global Consumer business as it focuses on delivering TrustedID Premier to US consumers. We will provide a further update on our 3Q17 earnings call in October.

13. Does this cybersecurity incident impact your capital allocation priorities going forward? Our capital allocation priorities are unchanged at this time. As we have previously indicated, our investment priorities in order of importance are: (1) internal investment; (2) dividends; (3) acquisition; and (4) share repurchase. We do, however, expect to increase our capital spending in an effort to further accelerate IT infrastructure, systems and data security and resiliency improvement actions.

14. When was the Board made aware of the incident? What has their involvement been?

We promptly informed the Board upon learning the potential scope of the incident and have engaged them since then in regular discussions.

15. Are you still planning to attend sell-side conferences scheduled for the remainder of the year?

Yes, investors are an important constituency and we intend to continue a high level of accessibility and participation in conferences, NDR’s and other meeting requests.



#7 Nervous Guy

Nervous Guy

    Me and my Best Buddy

  • Administrators
  • PipPipPipPipPipPip
  • 8,782 posts

Posted 08 September 2017 - 08:52 AM

Find out if you're affected...my wife and I are...my daughters aren't....

 

https://trustedidpre...ligibility.html



#8 Gugny

Gugny

    TACOCAT

  • Members
  • PipPipPipPipPipPip
  • 13,929 posts

Posted 08 September 2017 - 09:02 AM

Find out if you're affected...my wife and I are...my daughters aren't....

 

https://trustedidpre...ligibility.html

 

Is this the message you got that makes you say that you are affected?  Not sure if this is just a "maybe," or should be considered a "yes." 

 

 

"Based on the information provided, we believe that your personal information may have been impacted by this incident."

 

EDIT - Either way, I began enrollment in the free identity theft protection they're offering.  Thanks for sharing this link, NG.


Edited by Gugny, 08 September 2017 - 09:06 AM.


#9 Just Jack

Just Jack

    Lifting things up and putting them down

  • Global Moderators
  • PipPipPipPipPipPipPip
  • 29,831 posts

Posted 08 September 2017 - 09:27 AM

Is this the message you got that makes you say that you are affected?  Not sure if this is just a "maybe," or should be considered a "yes." 
 
 
"Based on the information provided, we believe that your personal information may have been impacted by this incident."
 
EDIT - Either way, I began enrollment in the free identity theft protection they're offering.  Thanks for sharing this link, NG.


That was the same message I got.

#10 Marv's Neighbor

Marv's Neighbor

    Veteran

  • Members
  • PipPipPipPipPip
  • 4,580 posts

Posted 08 September 2017 - 10:08 AM

 

Is this the message you got that makes you say that you are affected?  Not sure if this is just a "maybe," or should be considered a "yes." 

 

 

"Based on the information provided, we believe that your personal information may have been impacted by this incident."

 

EDIT - Either way, I began enrollment in the free identity theft protection they're offering.  Thanks for sharing this link, NG.

Yes, we've both enrolled too BUT is that enough?   I remember 10 years ago, or so, when the Chinese hacked into the OMB data, we were both informed of that too.  Just informed, no apology or offer of protection, but I never saw anything happen from that, so will this be the same? 



#11 Nervous Guy

Nervous Guy

    Me and my Best Buddy

  • Administrators
  • PipPipPipPipPipPip
  • 8,782 posts

Posted 08 September 2017 - 10:38 AM

 

Is this the message you got that makes you say that you are affected?  Not sure if this is just a "maybe," or should be considered a "yes." 

 

 

"Based on the information provided, we believe that your personal information may have been impacted by this incident."

 

EDIT - Either way, I began enrollment in the free identity theft protection they're offering.  Thanks for sharing this link, NG.

Got that for my wife and I, it's a yes...my daughters said they have not been impacted...that was a no


Yes, we've both enrolled too BUT is that enough?   I remember 10 years ago, or so, when the Chinese hacked into the OMB data, we were both informed of that too.  Just informed, no apology or offer of protection, but I never saw anything happen from that, so will this be the same? 

nope...they are actually giving you protection AND I think insurance too...what people really need to do is do a SECURITY FREEZE of their credit...no applications will be accepted without them contacting you and verifying, if you want to for example take out a new loan, you have to unfreeze, fill out the application have them run the check and then refreeze it.  A pain but worth it.  I think it lasts 7 years....our is about it expire.



#12 Seasons1992

Seasons1992

    RFA

  • Members
  • PipPipPipPip
  • 670 posts

Posted 08 September 2017 - 11:10 AM

I also would like to know how to do the security freeze. I just enrolled in that TrustID program, I have to finish it on 9/11.



#13 Gugny

Gugny

    TACOCAT

  • Members
  • PipPipPipPipPipPip
  • 13,929 posts

Posted 08 September 2017 - 11:15 AM

Security Freeze Info:

 

https://www.consumer...dit-freeze-faqs



#14 shrader

shrader

    Pleased but sticky

  • Members
  • PipPipPipPipPip
  • 5,886 posts

Posted 08 September 2017 - 11:42 AM

Does anyone not get the "may have been impacted" message?  I get the feeling they're just telling that to everyone.



#15 Nervous Guy

Nervous Guy

    Me and my Best Buddy

  • Administrators
  • PipPipPipPipPipPip
  • 8,782 posts

Posted 08 September 2017 - 11:48 AM

Does anyone not get the "may have been impacted" message?  I get the feeling they're just telling that to everyone.

As I stated above (twice...does anyone read my posts?)...my wife and I got that message but my daughters did not.



#16 Boyst62

Boyst62

    Hall of Farmer

  • Members
  • PipPipPipPipPipPipPip
  • 32,680 posts

Posted 08 September 2017 - 11:48 AM

I have a feeling this is just in time. All those in Florida will be able to get lots of new stuff!

#17 Nervous Guy

Nervous Guy

    Me and my Best Buddy

  • Administrators
  • PipPipPipPipPipPip
  • 8,782 posts

Posted 08 September 2017 - 12:14 PM

Well that didn't take long...a class action suit has been filed.

 

In the article I found this especially interesting....."three senior executives sold about $1.7 million in stock in the days following the discovery of the hack. A spokeswoman for Equifax said the men “had no knowledge that an intrusion had occurred at the time.”    Yeah right.

 

http://www.msn.com/e...vtWk?li=BBnbfcN



#18 Canadian Bills Fan

Canadian Bills Fan

    When it's too tough for them it's just right for us

  • Global Moderators
  • PipPipPipPipPipPip
  • 11,245 posts

Posted 08 September 2017 - 12:16 PM

Im safe wohoo!

 

 

 

 

CBF



#19 BuffaloBud

BuffaloBud

    Passerby

  • Members
  • PipPipPipPipPip
  • 2,544 posts

Posted 08 September 2017 - 12:39 PM

Link was noted in today's paper.  Clear here.



#20 joesixpack

joesixpack

    #feelsgoodman

  • Members
  • PipPipPipPipPipPipPip
  • 38,560 posts

Posted 08 September 2017 - 01:03 PM

Also, how nice of equifax to let people know 2 months after the breach.

 

<_<