quote:

Originally posted by ensigmatic:
newtoSig765 and any others who are interested: Here's a site that rates the various "identity theft and mitigation" services: Identity Theft Protection Reviews & Ratings

DO NOT just grab the ratings and run with the highest. Read about how they came to each, then look for other ratings, reviews, customer experiences, etc. Pick a plan that suits your exposure and needs.

Thanks! I'll look at them tonight.

I have not applied for credit in over ten years. Financed a car back then, don't use credit cards, trying to stay out of debt, so I don't know how vulnerable I am. Suspicious by nature, I also am hesitant to ask if I'm on the hacked list, since I may be exposing my data just by asking. I may talk to my bank Monday morning to get their opinion.

What do the monitoring companies do when you have a freeze on all three credit bureaus?

I had to kinda chuckle. Equifax's web page wants me to enter the last 6 digits of my SSN to see if I was affected. Uhhhhhh...excuse me. Fool me once, shame on you. Fool me twice......

I just thought it quite ironic to have to enter that data to find out if I'd been hacked. Didn't enter jack sh#t and exited the page. If anyone wants my paltry savings and CC access, they're gonna find a way to get it one way or the other.

With all these hacks and breaches, it bothers me that there are those who want our medical records available in the Cloud, or other globally accessible storage medium. Maybe that's already the case and I'm behind the times - but I hope not.
---------------------------------------------------------------------------------------------------
Who knows. Health insurance companies have released plenty of stuff. A defense contractor with Tricare had their hard drives stolen several years ago. Medical records with all identifying data including social security numbers.


Health insurance company Aetna “stunned” some of its customers last month when it accidentally made their HIV statuses visible from the outside of envelopes, two legal groups said Thursday.

The letters, which contained information about changes in pharmacy benefits and access to HIV medications, were sent to about 12,000 customers across multiple states, Aetna confirmed in a statement.

For some of these customers, a plastic window on the envelope exposed not only the patient’s name and address, but also a reference to filling prescriptions for HIV medications. This meant that whoever picked up the mail that day — a family member, a friend, a postal worker — would have been able to see the confidential information, according to the Legal Action Center and the AIDS Law Project of Pennsylvania. It is not known exactly how many customers were affected.

I'm affected. The last time was the OPM breach.

How do I make sure I get in on the class-action lawsuit?

quote:

Originally posted by Ackks:

quote:

That's what it does, all right. Now imagine what happens when a prospective lender tries to perform a credit check and finds a security freeze on the credit bureau of their choice?

What happens?

If they cannot get a credit report it's unlikely they'll extend the credit. Particularly when they're told "Nope. Can't have it. Security freeze."

quote:

Originally posted by ensigmatic:
Not unless they can get to the PINs needed to unfreeze them, which are stored in my encrypted keyring.

Brings up an odd thought. They have to store the PINs somewhere on their side (to know when someone puts in the right one)....right?

So either, a) the PINS are as much at risk as the other stuff, or

b) the PINs are stored somehow more securely than the data that got hacked (in which case, why didn't they use that approach on the other information?!?)

Neither alternative makes makes me feel better, somehow.

^^^^^

It's more likely that they store a hash of the PIN.

"Based on the information provided, we believe that your personal information may have been impacted by this incident."

Ahhh crap.

Froze all three this morning. Coincidentally, I was thinking about doing this last month because I was getting annoyed with paying for credit monitoring every month.

credit freeze has always been more effective than monitoring, the latter only reports it, the former prevents it. I don't think much is truly secure anymore, except perhaps secret military communications. But we probably wouldn't ever hear about a breach like that anyway.

Not long ago, I was on the phone with Schwab.

The rep proposed I use the voice identification system they have which identifies a customer by voice. I was assured it is very secure, works even when hoarse, can't be fooled by Rich Little type characters.

Any merit to something like this?

Apparently if you put your 6 digits in to see if your affected you waive your right to sue. Read the fine print. Thankfully my wife and I were not affected.


https://www.bloomberg.com/news...o-arbitration-clause

quote:

The rep proposed I use the voice identification system they have which identifies a customer by voice. I was assured it is very secure, works even when hoarse, can't be fooled by Rich Little type characters.

Hmmm. How about a recording of your voice?? I am always skeptical of these things. I do not know in this instance, but any system designed by man can be defeated. I am sure some tech savvy folks here will have a better answer.

quote:

Originally posted by DoctorSolo:
How do I make sure I get in on the class-action lawsuit?

Hint, wait for the class action people to do all the footwork, and then sue them as in individual, using their footwork as evidence and precedence.

quote:

Originally posted by ElToro:
Apparently if you put your 6 digits in to see if your affected you waive your right to sue. Read the fine print. Thankfully my wife and I were not affected.


https://www.bloomberg.com/news...o-arbitration-clause

Oh, good luck proving it was me who agreed to this, being how the information is "out there."

VPN and all, could have been anyone

As of a couple of minutes ago, Eqifux stock is down an additional 5%. Hope that it tanks completely.

New merger coming; EquiFargo

quote:

Originally posted by radioman:

quote:

Originally posted by ElToro:
Apparently if you put your 6 digits in to see if your affected you waive your right to sue. Read the fine print. Thankfully my wife and I were not affected.


https://www.bloomberg.com/news...o-arbitration-clause

Oh, good luck proving it was me who agreed to this, being how the information is "out there."

VPN and all, could have been anyone

Equifax has removed that and explicitly confirmed that it does not apply.

quote:

We’ve added an FAQ to our website to confirm that enrolling in the free credit file monitoring and identity theft protection that we are offering as part of this cybersecurity incident does not waive any rights to take legal action. We removed that language from the Terms of Use on the website, www.equifaxsecurity2017.com. The Terms of Use on www.equifax.com do not apply to the TrustedID Premier product being offered to consumers as a result of the cybersecurity incident.

https://www.equifaxsecurity2017.com/