Credit Freeze & other Info

Status
Not open for further replies.
The problem with this breach is that the information is useful to the bad guys for the rest of time. Unless companies start using some extra piece of private information to approve credit, then you have to keep credit freezes active for the rest of your life.

It looks like some of the freezes expire after 7 years so you have to remind yourself to renew.

If the hackers are smart then they'll sit on the leaked info until 2025 and then start using it when everyone has forgotten and the credit freezes from now have expired.

And on a side note, nobody has yet proven that this information is in the hands of malicious individuals, so the panic it is causing could be unnecessary. Not saying we are safe, but I have concerns about "taking action now" when there is no hard proof of an actual threat yet.
 
Originally Posted By: friendly_jacek
yeah, i did most of that, but for the record, credit freeze is not free. $10 per agency in my state. only equifax waived their fee.


Then you pay again periodically to unfreeze and refreeze.
 
Originally Posted By: Reddy45
The problem with this breach is that the information is useful to the bad guys for the rest of time. Unless companies start using some extra piece of private information to approve credit, then you have to keep credit freezes active for the rest of your life.


And on a side note, nobody has yet proven that this information is in the hands of malicious individuals, so the panic it is causing could be unnecessary. Not saying we are safe, but I have concerns about "taking action now" when there is no hard proof of an actual threat yet.


I would imagine that the hackers are "malicious individuals"....why else would they bother hacking the info?
 
Originally Posted By: pbm
Originally Posted By: Reddy45
The problem with this breach is that the information is useful to the bad guys for the rest of time. Unless companies start using some extra piece of private information to approve credit, then you have to keep credit freezes active for the rest of your life.


And on a side note, nobody has yet proven that this information is in the hands of malicious individuals, so the panic it is causing could be unnecessary. Not saying we are safe, but I have concerns about "taking action now" when there is no hard proof of an actual threat yet.


I would imagine that the hackers are "malicious individuals"....why else would they bother hacking the info?


They could have hacked for the sake of doing the hack - bragging rights or intellectual curiosity. Alternatively they could have done the hack to hold the data ransom in exchange for money or other resources.

These details are not known or aren't exposed so we cannot positively say that the breached data is in the hands of people who plan on doing fraudulent tax returns or opening up credit cards.

It is very common nowadays for malware to not destroy your data but to encrypt it and put it up as ransom for Bitcoin, which is why I do not believe that anyone smart enough to exploit an Apache Struts system for this data would simply use the data at face value.

For all we know, the hackers could have notified Equifax officials of the breach and given them a chance to buy it back for a large amount of money.

So to go back to the original point -- there is nothing wrong with putting a freeze on your accounts and going into full defense mode, but we don't know if or when they'll strike.

We simply don't have all the details for anyone to make a strategic decision.
 
Originally Posted By: Reddy45
The problem with this breach is that the information is useful to the bad guys for the rest of time. Unless companies start using some extra piece of private information to approve credit, then you have to keep credit freezes active for the rest of your life.

It looks like some of the freezes expire after 7 years so you have to remind yourself to renew.

If the hackers are smart then they'll sit on the leaked info until 2025 and then start using it when everyone has forgotten and the credit freezes from now have expired.

And on a side note, nobody has yet proven that this information is in the hands of malicious individuals, so the panic it is causing could be unnecessary. Not saying we are safe, but I have concerns about "taking action now" when there is no hard proof of an actual threat yet.


Most ridiculous sentence in your post. This information is said to be worth $30.00/pop (X145 million names) on the "dark web". They didn't steal it for bragging rights.....


For those "not taking actions now-I know guys that change their own oil are cheap-but for the $30.00 or $40.00 it cost to freeze your credit-the action could potentially save you 100's hours of headaches.

Somethings not right here.....
 
Last edited:
Originally Posted By: CKN
Originally Posted By: Reddy45
The problem with this breach is that the information is useful to the bad guys for the rest of time. Unless companies start using some extra piece of private information to approve credit, then you have to keep credit freezes active for the rest of your life.

It looks like some of the freezes expire after 7 years so you have to remind yourself to renew.

If the hackers are smart then they'll sit on the leaked info until 2025 and then start using it when everyone has forgotten and the credit freezes from now have expired.

And on a side note, nobody has yet proven that this information is in the hands of malicious individuals, so the panic it is causing could be unnecessary. Not saying we are safe, but I have concerns about "taking action now" when there is no hard proof of an actual threat yet.


Most ridiculous sentence in your post. This information is said to be worth $30.00/pop (X145 million names) on the "dark web". They didn't steal it for bragging rights.....


For those "not taking actions now-I know guys that change their own oil are cheap-but for the $30.00 or $40.00 it cost to freeze your credit-the action could potentially save you 100's hours of headaches.

Somethings not right here.....


Feel free to link me to something that tells us the information is in malicious hands. Until then I will keep an open mind about the situation.
 
Originally Posted By: Reddy45
Feel free to link me to something that tells us the information is in malicious hands. Until then I will keep an open mind about the situation.


Sure, here you go:

Link
 
Originally Posted By: Reddy45
Originally Posted By: CKN
Originally Posted By: Reddy45
The problem with this breach is that the information is useful to the bad guys for the rest of time. Unless companies start using some extra piece of private information to approve credit, then you have to keep credit freezes active for the rest of your life.

It looks like some of the freezes expire after 7 years so you have to remind yourself to renew.

If the hackers are smart then they'll sit on the leaked info until 2025 and then start using it when everyone has forgotten and the credit freezes from now have expired.

And on a side note, nobody has yet proven that this information is in the hands of malicious individuals, so the panic it is causing could be unnecessary. Not saying we are safe, but I have concerns about "taking action now" when there is no hard proof of an actual threat yet.


Most ridiculous sentence in your post. This information is said to be worth $30.00/pop (X145 million names) on the "dark web". They didn't steal it for bragging rights.....


For those "not taking actions now-I know guys that change their own oil are cheap-but for the $30.00 or $40.00 it cost to freeze your credit-the action could potentially save you 100's hours of headaches.

Somethings not right here.....


Feel free to link me to something that tells us the information is in malicious hands. Until then I will keep an open mind about the situation.



Unbelievable.....
 
Originally Posted By: Reddy45


Feel free to link me to something that tells us the information is in malicious hands. Until then I will keep an open mind about the situation.


No linking necessary, if you truly believe what you're saying then you're just plain wrong that's all. There are cyber attacks on America and her economic infrastructure going on 24/7. Just plain fact. Some state sponsored, some free lancers, but most are concerted efforts by criminal syndicates.

I deal with representatives of the finance sector on a regular basis. Some are sharp and aware of security risks both cyber and brick/mortar, but an alarming number of them I've interacted with are pretty clueless about security and fraud issues and are all about customer happiness and sales sales sales to the exclusion of all else. I've explained the m.o. of how mail theft and check counterfeiting rings engage in organized bank fraud using street people as runners, detailed various best practices for cyber security, and had good receptive attentive audiences and I've given same info in presentations to upper mgt bean counters and corp sales big wigs and received blank stares and yawns. My guess is Equifax likely has more than it's fair share of the latter.
 
Originally Posted By: Mr Nice
You can freeze your credit and set up a PIN when you get your free annual credit report online.



Yes-but if it's been less than 12 months since you got your free "annual" credit report-I'm not sure what your point is.

I spent 1 1/2 hours freezing both my wife's and I credit report. Equifax is not charging right now-the other sites are. However-there is a move going on in Washington with a bill that will provide free freezing and thawing-and refunds to those of us who already have spent money doing this. Of course-if the bill passes.

The point being that the credit agencies make a ton of money selling our info-yet we have no control over who sees it UNLESS WE PAY and when you consider this is all done online-the costs to freeze your credit is minimal to whatever agency.
 
Last edited:
Several years ago, I put a "fraud alert" on all three of my CR after an incident with my credit. This requires a phone call from any credit lending agency to my phone of record by a third party and to review some private information with them on file before the credit can be extended. It was free and does not seem to "fall off" after several years. I'm very glad I have it!

None the less, I plan on looking into LifeLock (for just in case).
 
Originally Posted By: Reddy45
Feel free to link me to something that tells us the information is in malicious hands. Until then I will keep an open mind about the situation.


There *IS* a chance the info isn't in malicious hands.... it's just a VERY, VERY small one.

Like.... 100,000,000 to 1 (or greater)
 
Originally Posted By: Linctex
Originally Posted By: Reddy45
Feel free to link me to something that tells us the information is in malicious hands. Until then I will keep an open mind about the situation.


There *IS* a chance the info isn't in malicious hands.... it's just a VERY, VERY small one.

Like.... 100,000,000 to 1 (or greater)



Yes Reddy45's statement is the number one outlandish statement I have read on BITOG. Second place is when a poster stated his car has less rolling resistance (he could tell) when he changed the rear differential fluid.
 
Originally Posted By: WhizkidTN
Several years ago, I put a "fraud alert" on all three of my CR after an incident with my credit. This requires a phone call from any credit lending agency to my phone of record by a third party and to review some private information with them on file before the credit can be extended. It was free and does not seem to "fall off" after several years. I'm very glad I have it!


i did that too, but it's limited to 90 days (1 year if deployed overseas) and has to be renewed. Also you contact just 1 agency and they share the fraud alert.
 
Status
Not open for further replies.
Back
Top