Up to 143M US consumers exposed in Equifax hack, could impact iPhone buyers

135

Comments

  • Reply 41 of 85
    mrboba1 said:
    That's not even possible. All you enter is a last name and partial SSN. If someone else checks your info there is no agreement to their terms. You'd have to sign up for their monitoring service.
    Yes it is. You are using a service on the website by checking to see if your information was hacked. The TOS applies to that. That's why people are reporting you can waive your rights to sue. 
    baconstang
  • Reply 42 of 85
    It sure did take them a while to disclose this info, probably more than enough time for he CEO to dump stock.
    I take your point about the CEO/CFO stock dump. But I think they went to the Feds right away and the Feds wanted to do some forensic work before letting the perps know they were aware of the hack. I may be wrong about all that! :)
  • Reply 43 of 85
    Soli said:
    Soli said:
    Soli said:
    Soli said:
    I'm not seeing that. I put in my surname, the last 6 of my SSN, and clicked the box to prove I'm not a robot. I don't recall agreeing to anything else.
    It's there. You agree to waive your rights using the website. When you go to the site to check if you were affected, there is terms of service section on the bottom. When you click on the terms of service, read section 4. 

    https://www.equifaxsecurity2017.com/potential-impact/
    I looked it over but I’m not seeing what you say exists. Can you not simply copy the sentence or paragraph that stated that says my rights are waived by simply “using the website” without even signing up for the service or agreeing to their terms of service? Can you also explain how “using the website” legally binds you to anything?
    It says this right at the top:

    What are the Terms of Use for Equifax?


    Below you will find our Product Terms of Use and the Site Terms of Use when using the Equifax website. You can also review our Privacy Policy, which provides information regarding our handling of any personal information that you may provide to us.

    On section 4, it says this:

    AGREEMENT TO RESOLVE ALL DISPUTES BY BINDING INDIVIDUAL ARBITRATION. PLEASE READ THIS ENTIRE SECTION CAREFULLY BECAUSE IT AFFECTS YOUR LEGAL RIGHTS BY REQUIRING ARBITRATION OF DISPUTES (EXCEPT AS SET FORTH BELOW) AND A WAIVER OF THE ABILITY TO BRING OR PARTICIPATE IN A CLASS ACTION, CLASS ARBITRATION, OR OTHER REPRESENTATIVE ACTION. ARBITRATION PROVIDES A QUICK AND COST EFFECTIVE MECHANISM FOR RESOLVING DISPUTES, BUT YOU SHOULD BE AWARE THAT IT ALSO LIMITS YOUR RIGHTS TO DISCOVERY AND APPEAL.

    I don't see how this would hold up in court if you are just simply checking to see if you were affected by the data breach. Signing up for the service, that could hold up in court. 
    Where does it say this? Why can’t you simply quote the sentence that says “using the website” protects them from being sued even without ever agreeing to their terms of service?
    It doesn't say that flat out but that's what it means reading the terms. You are agreeing to the terms of the website by using it. Terms of service on websites are enforceable. You technically don't have to agree to anything either. Legally enforcing the terms is another issue though. 
    Again, you still haven’t shown me any information that details what you claim. You said it’s posted at the top and posted something below which I can see nothing that claims I can’t use them for having even read the terms of agreement, since that’s located on their website.

    if this is so clear cut to you why can’t you detail any sentence that says I can’t sue them for “using the website”? What I read is that if I sign up for their service and agree to their terms that I also won’t be able to sue them.

    Look, this is a major hack and people should be concerned, and then you have the execs selling their stock days before which needs the SEC looking into it; and then terms of service saying that by getting the free credit check service for a year that you waive your right to sue, which is boiler plate yet still a dick move to include, but let's not add gasoline to this fire.
    By checking to see if you were hacked, you are essentially using a service on Equifax's website. TOS covers that and it does say you waive your right to sue. That's why not only me but other news sites are saying the same thing as well. I'm not talking about the monitoring service they are offering. I did see a lawyer chime in on Twitter and say those TOS are not enforceable and apparently he's contacted Equifax to remove that wording from the website. 
    baconstang
  • Reply 44 of 85
    SoliSoli Posts: 9,380member
    . . .
    edited September 2017
  • Reply 45 of 85
    SoliSoli Posts: 9,380member
    Soli said:
    Soli said:
    Soli said:
    Soli said:
    I'm not seeing that. I put in my surname, the last 6 of my SSN, and clicked the box to prove I'm not a robot. I don't recall agreeing to anything else.
    It's there. You agree to waive your rights using the website. When you go to the site to check if you were affected, there is terms of service section on the bottom. When you click on the terms of service, read section 4. 

    https://www.equifaxsecurity2017.com/potential-impact/
    I looked it over but I’m not seeing what you say exists. Can you not simply copy the sentence or paragraph that stated that says my rights are waived by simply “using the website” without even signing up for the service or agreeing to their terms of service? Can you also explain how “using the website” legally binds you to anything?
    It says this right at the top:

    What are the Terms of Use for Equifax?


    Below you will find our Product Terms of Use and the Site Terms of Use when using the Equifax website. You can also review our Privacy Policy, which provides information regarding our handling of any personal information that you may provide to us.

    On section 4, it says this:

    AGREEMENT TO RESOLVE ALL DISPUTES BY BINDING INDIVIDUAL ARBITRATION. PLEASE READ THIS ENTIRE SECTION CAREFULLY BECAUSE IT AFFECTS YOUR LEGAL RIGHTS BY REQUIRING ARBITRATION OF DISPUTES (EXCEPT AS SET FORTH BELOW) AND A WAIVER OF THE ABILITY TO BRING OR PARTICIPATE IN A CLASS ACTION, CLASS ARBITRATION, OR OTHER REPRESENTATIVE ACTION. ARBITRATION PROVIDES A QUICK AND COST EFFECTIVE MECHANISM FOR RESOLVING DISPUTES, BUT YOU SHOULD BE AWARE THAT IT ALSO LIMITS YOUR RIGHTS TO DISCOVERY AND APPEAL.

    I don't see how this would hold up in court if you are just simply checking to see if you were affected by the data breach. Signing up for the service, that could hold up in court. 
    Where does it say this? Why can’t you simply quote the sentence that says “using the website” protects them from being sued even without ever agreeing to their terms of service?
    It doesn't say that flat out but that's what it means reading the terms. You are agreeing to the terms of the website by using it. Terms of service on websites are enforceable. You technically don't have to agree to anything either. Legally enforcing the terms is another issue though. 
    Again, you still haven’t shown me any information that details what you claim. You said it’s posted at the top and posted something below which I can see nothing that claims I can’t use them for having even read the terms of agreement, since that’s located on their website.

    if this is so clear cut to you why can’t you detail any sentence that says I can’t sue them for “using the website”? What I read is that if I sign up for their service and agree to their terms that I also won’t be able to sue them.

    Look, this is a major hack and people should be concerned, and then you have the execs selling their stock days before which needs the SEC looking into it; and then terms of service saying that by getting the free credit check service for a year that you waive your right to sue, which is boiler plate yet still a dick move to include, but let's not add gasoline to this fire.
    By checking to see if you were hacked, you are essentially using a service on Equifax's website. TOS covers that and it does say you waive your right to sue. That's why not only me but other news sites are saying the same thing as well. I'm not talking about the monitoring service they are offering. I did see a lawyer chime in on Twitter and say those TOS are not enforceable and apparently he's contacted Equifax to remove that wording from the website. 
    YOU MUST ACCEPT THE TERMS OF THIS AGREEMENT BEFORE YOU WILL BE PERMITTED TO REGISTER FOR AND PURCHASE ANY PRODUCT FROM THIS SITE.

    Loading a URL, or as you call it "using a website" is not accepting any terms of the agreement and not registering for anything. You can't be that fucking dense about boilerplate legalese. You should also know that legal documents that aren't clear lean toward the one that didn't write the damn document. They are fucking clear and you have still not shown a single sentence that that says that "using the website" means that you can't sue them even if you've never agreed to any terms or conditions. Do you even understand why there are checkboxes for digital agreement that won't let you proceed until they are checked? Why the fuck are you trying to make a bad situation even worse? What the fuck do you get embellishing an already concerning issue?
    StrangeDays
  • Reply 46 of 85
    You all may be interested in reading Ars Technica's excellent analysis of this, including their reporting that the website Equifax has set up for people to check their status is, itself, insecure and eminently hackable!

    See "Why the Equifax breach is very possibly the worst leak of personal info ever"

    longpathbaconstang
  • Reply 47 of 85
    arybaryba said:
    nht said:
    Well that's pretty bogus...you need to wait for an "enrollment date" to enroll for their identity theft protection.  Im guessing they hope you forget to do so.
    Pretty ironic that a company that few, if any of us actually do business with and charged with telling the banks that we're "credit worthy" is involved in such an enormous screw up. You're absolutely right though. They DO hope you'll forget. They even tell you to make a note to sign up, because you won't get another notice reminding you to do so. Then on top of that, as SoundJudgment points out, all you get is a "yup, you're screwed" without any additional information and a year of monitoring, is ridiculous. You're data is out there forever. This is way worse than Target, Home Depot, etc.
    Kinda like when you look for a job that you're perfectly qualified for and they tell you "we think you have great qualifications but we think you might be over qualified and you will get bored"
    longpath
  • Reply 48 of 85
    It's pretty clear that merely going to that webpage to check on your account commits you to nothing!

    The Terms of Usage quoted above clearly states that one is permitted to "register for and purchase any product from this site":

    "YOU MUST ACCEPT THE TERMS OF THIS AGREEMENT, INCLUDING THE ARBITRATION AGREEMENT CONTAINED IN SECTION 4 BELOW, BEFORE YOU WILL BE PERMITTED TO REGISTER FOR AND PURCHASE ANY PRODUCT FROM THIS SITE."

    It continues

    BY REGISTERING ON THIS SITE AND SUBMITTING YOUR ORDER..."

    If someone checks their status, they have NOT registered for or purchased any product from the Equifax site, they have not submitted any order, etc.

    In fact, anyone who goes to that website never receives any terms to agree to, so that nothing can be construed as a contract.  

    The more serious issue is that even that website is insecure!

    Has anyone seen the terms of the 1-year monitoring?  That's the scarier, more outrageous "solution" if, indeed, it includes waiving your right to sue!

    Freeze, baby, freeze!   Of course, even freezing an account can require agreeing to waive your right to sue.  If so, lawyers and Congress should get involved and put an end to it-- let's hope they do!

    longpathSoliStrangeDaysmrboba1
  • Reply 49 of 85
    RacerhomieXRacerhomieX Posts: 95unconfirmed, member
    Sue the Living crap out of them! They deserve no Mercy.
    They must have been using Windows 98 , and said ,Microsoft will protect us!
  • Reply 50 of 85
    Soli said:
    Soli said:
    Soli said:
    Soli said:
    Soli said:
    I'm not seeing that. I put in my surname, the last 6 of my SSN, and clicked the box to prove I'm not a robot. I don't recall agreeing to anything else.
    It's there. You agree to waive your rights using the website. When you go to the site to check if you were affected, there is terms of service section on the bottom. When you click on the terms of service, read section 4. 

    https://www.equifaxsecurity2017.com/potential-impact/
    I looked it over but I’m not seeing what you say exists. Can you not simply copy the sentence or paragraph that stated that says my rights are waived by simply “using the website” without even signing up for the service or agreeing to their terms of service? Can you also explain how “using the website” legally binds you to anything?
    It says this right at the top:

    What are the Terms of Use for Equifax?


    Below you will find our Product Terms of Use and the Site Terms of Use when using the Equifax website. You can also review our Privacy Policy, which provides information regarding our handling of any personal information that you may provide to us.

    On section 4, it says this:

    AGREEMENT TO RESOLVE ALL DISPUTES BY BINDING INDIVIDUAL ARBITRATION. PLEASE READ THIS ENTIRE SECTION CAREFULLY BECAUSE IT AFFECTS YOUR LEGAL RIGHTS BY REQUIRING ARBITRATION OF DISPUTES (EXCEPT AS SET FORTH BELOW) AND A WAIVER OF THE ABILITY TO BRING OR PARTICIPATE IN A CLASS ACTION, CLASS ARBITRATION, OR OTHER REPRESENTATIVE ACTION. ARBITRATION PROVIDES A QUICK AND COST EFFECTIVE MECHANISM FOR RESOLVING DISPUTES, BUT YOU SHOULD BE AWARE THAT IT ALSO LIMITS YOUR RIGHTS TO DISCOVERY AND APPEAL.

    I don't see how this would hold up in court if you are just simply checking to see if you were affected by the data breach. Signing up for the service, that could hold up in court. 
    Where does it say this? Why can’t you simply quote the sentence that says “using the website” protects them from being sued even without ever agreeing to their terms of service?
    It doesn't say that flat out but that's what it means reading the terms. You are agreeing to the terms of the website by using it. Terms of service on websites are enforceable. You technically don't have to agree to anything either. Legally enforcing the terms is another issue though. 
    Again, you still haven’t shown me any information that details what you claim. You said it’s posted at the top and posted something below which I can see nothing that claims I can’t use them for having even read the terms of agreement, since that’s located on their website.

    if this is so clear cut to you why can’t you detail any sentence that says I can’t sue them for “using the website”? What I read is that if I sign up for their service and agree to their terms that I also won’t be able to sue them.

    Look, this is a major hack and people should be concerned, and then you have the execs selling their stock days before which needs the SEC looking into it; and then terms of service saying that by getting the free credit check service for a year that you waive your right to sue, which is boiler plate yet still a dick move to include, but let's not add gasoline to this fire.
    By checking to see if you were hacked, you are essentially using a service on Equifax's website. TOS covers that and it does say you waive your right to sue. That's why not only me but other news sites are saying the same thing as well. I'm not talking about the monitoring service they are offering. I did see a lawyer chime in on Twitter and say those TOS are not enforceable and apparently he's contacted Equifax to remove that wording from the website. 
    YOU MUST ACCEPT THE TERMS OF THIS AGREEMENT BEFORE YOU WILL BE PERMITTED TO REGISTER FOR AND PURCHASE ANY PRODUCT FROM THIS SITE.

    Loading a URL, or as you call it "using a website" is not accepting any terms of the agreement and not registering for anything. You can't be that fucking dense about boilerplate legalese. You should also know that legal documents that aren't clear lean toward the one that didn't write the damn document. They are fucking clear and you have still not shown a single sentence that that says that "using the website" means that you can't sue them even if you've never agreed to any terms or conditions. Do you even understand why there are checkboxes for digital agreement that won't let you proceed until they are checked? Why the fuck are you trying to make a bad situation even worse? What the fuck do you get embellishing an already concerning issue?
    You are wrong. Lets set this Equifax issue aside for a moment. If you using a website that has terms of service, you are agreeing to the terms of service just by using that site. You don't actually have to click on something that you agree for it to be legally binding. In legal terms, that's called a browsewrap agreement. Of course each website which has a TOS has different terms so by using the site, you might not actually be agreeing to anything significant. Back to Equifax, I'm not trying to embellish anything. I read articles saying you could waive your rights to sue just by checking to see if you are a victim. The TOS applies to products and services. Checking to see if you are a victim could potentially mean you are using a service. Either way, Equifax has updated their site and says the terms of use does not apply to "the cybersecurity incident". 
    edited September 2017 baconstang
  • Reply 51 of 85
    sog35 said:
    This is a real shitstorm.


    One of the 'best' ways to counter this attack is to put a freeze on your credit.  You would need to do this with the 3 agencies.  And for most states that will cost you between $5-$10 per agency.  So a couple would have to pay $60 to freeze their credit because of the stupidity and gross negligence of Equifucks.

    But it gets better.  With your credit frozen you can't apply for any loans or new accounts. To do so you need to unfreeze your credit. Which will again cost you $60.  And once you get the loan you need to shell out another $60 to freeze the account again.

    But WAIT!!! IT GETS BETTER!!!

    When you freeze your credit you are give a PIN number that will allow you to unfreeze your credit.

    If somehow you lose the PIN you can request a new PIN by furnishing them information.

    AND GUESS WHAT INFORMATION THAT IS?????

    THE SAME FUCKING INFORMATION THAT WAS STOLEN IN THE BREACH.

    So theorectically you could pay $60 to freeze your account and some low life can request a new PIN to unfreeze your account by using the same information that was stolen.

    FUCK.

    There is a silver lining.  Hope this shit show FINALLY brings an end to relying so heavily on stupid ass information like SSN and DOB.  We need 2 factor authorization or some other biometric identity standard for opening up new accounts or loans.
    The cheapest solution is placing a fraud alert on your credit report. Doing that is free. A fraud alert is placed for 90 days, but you can extend that. With a fraud alert, if someone tries to open an account in your name, the business has to take more steps to verify your identity. 
  • Reply 52 of 85
    mrboba1 said:
    Soli said:
    Soli said:
    Soli said:
    I'm not seeing that. I put in my surname, the last 6 of my SSN, and clicked the box to prove I'm not a robot. I don't recall agreeing to anything else.
    It's there. You agree to waive your rights using the website. When you go to the site to check if you were affected, there is terms of service section on the bottom. When you click on the terms of service, read section 4. 

    https://www.equifaxsecurity2017.com/potential-impact/
    I looked it over but I’m not seeing what you say exists. Can you not simply copy the sentence or paragraph that stated that says my rights are waived by simply “using the website” without even signing up for the service or agreeing to their terms of service? Can you also explain how “using the website” legally binds you to anything?
    It says this right at the top:

    What are the Terms of Use for Equifax?


    Below you will find our Product Terms of Use and the Site Terms of Use when using the Equifax website. You can also review our Privacy Policy, which provides information regarding our handling of any personal information that you may provide to us.

    On section 4, it says this:

    AGREEMENT TO RESOLVE ALL DISPUTES BY BINDING INDIVIDUAL ARBITRATION. PLEASE READ THIS ENTIRE SECTION CAREFULLY BECAUSE IT AFFECTS YOUR LEGAL RIGHTS BY REQUIRING ARBITRATION OF DISPUTES (EXCEPT AS SET FORTH BELOW) AND A WAIVER OF THE ABILITY TO BRING OR PARTICIPATE IN A CLASS ACTION, CLASS ARBITRATION, OR OTHER REPRESENTATIVE ACTION. ARBITRATION PROVIDES A QUICK AND COST EFFECTIVE MECHANISM FOR RESOLVING DISPUTES, BUT YOU SHOULD BE AWARE THAT IT ALSO LIMITS YOUR RIGHTS TO DISCOVERY AND APPEAL.

    I don't see how this would hold up in court if you are just simply checking to see if you were affected by the data breach. Signing up for the service, that could hold up in court. 
    Where does it say this? Why can’t you simply quote the sentence that says “using the website” protects them from being sued even without ever agreeing to their terms of service?
    It doesn't say that flat out but that's what it means reading the terms. You are agreeing to the terms of the website by using it. Terms of service on websites are enforceable. You technically don't have to agree to anything either. Legally enforcing the terms is another issue though. 
    Bro. That's to purchase their products.
    "THIS PRODUCT AGREEMENT AND TERMS OF USE ("AGREEMENT") CONTAINS THE TERMS AND CONDITIONS UPON WHICH YOU MAY PURCHASE AND USE OUR PRODUCTS THROUGH THE WWW.EQUIFAX.COM, WWW.IDENTITYPROTECTION.COM AND WWW.IDPROTECTION.COM WEBSITES AND ALL OTHER WEBSITES OWNED AND OPERATED BY EQUIFAX AND ITS AFFILIATES ("SITE"). YOU MUST ACCEPT THE TERMS OF THIS AGREEMENT, INCLUDING THE ARBITRATION AGREEMENT CONTAINED IN SECTION 4 BELOW, BEFORE YOU WILL BE PERMITTED TO REGISTER FOR AND PURCHASE ANY PRODUCT FROM THIS SITE. BY REGISTERING ON THIS SITE AND SUBMITTING YOUR ORDER, YOU ARE ACKNOWLEDGING ELECTRONIC RECEIPT OF, AND YOUR AGREEMENT TO BE BOUND BY, THIS AGREEMENT. YOU ALSO AGREE TO BE BOUND BY THIS AGREEMENT BY USING OR PAYING FOR OUR PRODUCTS OR TAKING OTHER ACTIONS THAT INDICATE ACCEPTANCE OF THIS AGREEMENT."

    If people are going to quote an agreement, they really should read the entire agreement. This above is the very first thing in their terms of use, in which you quote #4.

    I did read that. If you are looking to see if you were hacked, that means you are using their services, which the terms of service applies too. 
    I think you're incorrect. I'm fairly certain they're referring to the purchased product accessed through their web properties which require sign-up, authentication, click agreement, etc.

    As has been noted, anybody can enter a last-lame and partial SSN, so there's absolutely no way this simple tool can be covered in that agreement since it doesn't identify the user. 

    You said Equifax even clarified to that effect, that clearly your initial interpretation is incorrect.
    edited September 2017 mrboba1
  • Reply 53 of 85
    nhtnht Posts: 4,496member
    sog35 said:
    This is a real shitstorm.


    One of the 'best' ways to counter this attack is to put a freeze on your credit.  You would need to do this with the 3 agencies.  And for most states that will cost you between $5-$10 per agency.  So a couple would have to pay $60 to freeze their credit because of the stupidity and gross negligence of Equifucks.

    But it gets better.  With your credit frozen you can't apply for any loans or new accounts. To do so you need to unfreeze your credit. Which will again cost you $60.  And once you get the loan you need to shell out another $60 to freeze the account again.

    But WAIT!!! IT GETS BETTER!!!

    When you freeze your credit you are give a PIN number that will allow you to unfreeze your credit.

    If somehow you lose the PIN you can request a new PIN by furnishing them information.

    AND GUESS WHAT INFORMATION THAT IS?????

    THE SAME FUCKING INFORMATION THAT WAS STOLEN IN THE BREACH.

    So theorectically you could pay $60 to freeze your account and some low life can request a new PIN to unfreeze your account by using the same information that was stolen.

    FUCK.

    There is a silver lining.  Hope this shit show FINALLY brings an end to relying so heavily on stupid ass information like SSN and DOB.  We need 2 factor authorization or some other biometric identity standard for opening up new accounts or loans.
    Putting a freeze on is like buying a burglar alarm. It won't stop the pros but it may make you annoying enough to skip and just hit the next victim.
  • Reply 54 of 85
    SoliSoli Posts: 9,380member
    nht said:
    sog35 said:
    This is a real shitstorm.


    One of the 'best' ways to counter this attack is to put a freeze on your credit.  You would need to do this with the 3 agencies.  And for most states that will cost you between $5-$10 per agency.  So a couple would have to pay $60 to freeze their credit because of the stupidity and gross negligence of Equifucks.

    But it gets better.  With your credit frozen you can't apply for any loans or new accounts. To do so you need to unfreeze your credit. Which will again cost you $60.  And once you get the loan you need to shell out another $60 to freeze the account again.

    But WAIT!!! IT GETS BETTER!!!

    When you freeze your credit you are give a PIN number that will allow you to unfreeze your credit.

    If somehow you lose the PIN you can request a new PIN by furnishing them information.

    AND GUESS WHAT INFORMATION THAT IS?????

    THE SAME FUCKING INFORMATION THAT WAS STOLEN IN THE BREACH.

    So theorectically you could pay $60 to freeze your account and some low life can request a new PIN to unfreeze your account by using the same information that was stolen.

    FUCK.

    There is a silver lining.  Hope this shit show FINALLY brings an end to relying so heavily on stupid ass information like SSN and DOB.  We need 2 factor authorization or some other biometric identity standard for opening up new accounts or loans.
    Putting a freeze on is like buying a burglar alarm. It won't stop the pros but it may make you annoying enough to skip and just hit the next victim.
    That's all any internet security measure does. No gazelle is ever safe from attack, but if you're not the slowest of the herd you're much less likely to become prey.
  • Reply 55 of 85
    sog35 said:
    sog35 said:
    This is a real shitstorm.


    One of the 'best' ways to counter this attack is to put a freeze on your credit.  You would need to do this with the 3 agencies.  And for most states that will cost you between $5-$10 per agency.  So a couple would have to pay $60 to freeze their credit because of the stupidity and gross negligence of Equifucks.

    But it gets better.  With your credit frozen you can't apply for any loans or new accounts. To do so you need to unfreeze your credit. Which will again cost you $60.  And once you get the loan you need to shell out another $60 to freeze the account again.

    But WAIT!!! IT GETS BETTER!!!

    When you freeze your credit you are give a PIN number that will allow you to unfreeze your credit.

    If somehow you lose the PIN you can request a new PIN by furnishing them information.

    AND GUESS WHAT INFORMATION THAT IS?????

    THE SAME FUCKING INFORMATION THAT WAS STOLEN IN THE BREACH.

    So theorectically you could pay $60 to freeze your account and some low life can request a new PIN to unfreeze your account by using the same information that was stolen.

    FUCK.

    There is a silver lining.  Hope this shit show FINALLY brings an end to relying so heavily on stupid ass information like SSN and DOB.  We need 2 factor authorization or some other biometric identity standard for opening up new accounts or loans.
    The cheapest solution is placing a fraud alert on your credit report. Doing that is free. A fraud alert is placed for 90 days, but you can extend that. With a fraud alert, if someone tries to open an account in your name, the business has to take more steps to verify your identity. 
    but what are those extra steps?  
    When you put a fraud alert on, you have to supply a phone number. If someone tries to open an account in your name, the creditor will see the fraud alert and will have to call the number associated with the fraud alert to verify that it is actually you applying for a loan. 
  • Reply 56 of 85
    mrboba1 said:
    Soli said:
    Soli said:
    Soli said:
    I'm not seeing that. I put in my surname, the last 6 of my SSN, and clicked the box to prove I'm not a robot. I don't recall agreeing to anything else.
    It's there. You agree to waive your rights using the website. When you go to the site to check if you were affected, there is terms of service section on the bottom. When you click on the terms of service, read section 4. 

    https://www.equifaxsecurity2017.com/potential-impact/
    I looked it over but I’m not seeing what you say exists. Can you not simply copy the sentence or paragraph that stated that says my rights are waived by simply “using the website” without even signing up for the service or agreeing to their terms of service? Can you also explain how “using the website” legally binds you to anything?
    It says this right at the top:

    What are the Terms of Use for Equifax?


    Below you will find our Product Terms of Use and the Site Terms of Use when using the Equifax website. You can also review our Privacy Policy, which provides information regarding our handling of any personal information that you may provide to us.

    On section 4, it says this:

    AGREEMENT TO RESOLVE ALL DISPUTES BY BINDING INDIVIDUAL ARBITRATION. PLEASE READ THIS ENTIRE SECTION CAREFULLY BECAUSE IT AFFECTS YOUR LEGAL RIGHTS BY REQUIRING ARBITRATION OF DISPUTES (EXCEPT AS SET FORTH BELOW) AND A WAIVER OF THE ABILITY TO BRING OR PARTICIPATE IN A CLASS ACTION, CLASS ARBITRATION, OR OTHER REPRESENTATIVE ACTION. ARBITRATION PROVIDES A QUICK AND COST EFFECTIVE MECHANISM FOR RESOLVING DISPUTES, BUT YOU SHOULD BE AWARE THAT IT ALSO LIMITS YOUR RIGHTS TO DISCOVERY AND APPEAL.

    I don't see how this would hold up in court if you are just simply checking to see if you were affected by the data breach. Signing up for the service, that could hold up in court. 
    Where does it say this? Why can’t you simply quote the sentence that says “using the website” protects them from being sued even without ever agreeing to their terms of service?
    It doesn't say that flat out but that's what it means reading the terms. You are agreeing to the terms of the website by using it. Terms of service on websites are enforceable. You technically don't have to agree to anything either. Legally enforcing the terms is another issue though. 
    Bro. That's to purchase their products.
    "THIS PRODUCT AGREEMENT AND TERMS OF USE ("AGREEMENT") CONTAINS THE TERMS AND CONDITIONS UPON WHICH YOU MAY PURCHASE AND USE OUR PRODUCTS THROUGH THE WWW.EQUIFAX.COM, WWW.IDENTITYPROTECTION.COM AND WWW.IDPROTECTION.COM WEBSITES AND ALL OTHER WEBSITES OWNED AND OPERATED BY EQUIFAX AND ITS AFFILIATES ("SITE"). YOU MUST ACCEPT THE TERMS OF THIS AGREEMENT, INCLUDING THE ARBITRATION AGREEMENT CONTAINED IN SECTION 4 BELOW, BEFORE YOU WILL BE PERMITTED TO REGISTER FOR AND PURCHASE ANY PRODUCT FROM THIS SITE. BY REGISTERING ON THIS SITE AND SUBMITTING YOUR ORDER, YOU ARE ACKNOWLEDGING ELECTRONIC RECEIPT OF, AND YOUR AGREEMENT TO BE BOUND BY, THIS AGREEMENT. YOU ALSO AGREE TO BE BOUND BY THIS AGREEMENT BY USING OR PAYING FOR OUR PRODUCTS OR TAKING OTHER ACTIONS THAT INDICATE ACCEPTANCE OF THIS AGREEMENT."

    If people are going to quote an agreement, they really should read the entire agreement. This above is the very first thing in their terms of use, in which you quote #4.

    I did read that. If you are looking to see if you were hacked, that means you are using their services, which the terms of service applies too. 
    I think you're incorrect. I'm fairly certain they're referring to the purchased product accessed through their web properties which require sign-up, authentication, click agreement, etc.

    As has been noted, anybody can enter a last-lame and partial SSN, so there's absolutely no way this simple tool can be covered in that agreement since it doesn't identify the user. 

    You said Equifax even clarified to that effect, that clearly your initial interpretation is incorrect.
    Maybe I am wrong. Many people such as myself interpreted it as the TOS applied when you were using the site to check if you were a victim in the data breach. News sites reported the same thing. Apparently after attorneys had been contacting Equifax, they updated their FAQ section on the website to say it doesn't apply. Equifax also updated the TOS to give you an option to opt out of agreeing not to sue if you sign up for credit protection. 
    baconstang
  • Reply 57 of 85
    This is basically a scam by Equifax.  Think about things in this form:

    Equifax:  Do you want to sign up for Identity Theft Protection, etc? No.

    Equifax Internal:
    A.  We need to update our systems.
    B.  It's too expensive.
    C.  Well what if we get hacked?
    B.  Well if they didn't pay for protection, then it's not our fault.
    B.  And if they did pay then we'll give them the "coverage" and fix their problems.
    B.  Other than that, f-um, if they don't pay for protection, that's not our fault.
    C.  We did give them the chance, I suppose.
    B.  Exactly!

    I think there is a legal term for what this kind of scam is called?
  • Reply 58 of 85
    Soli said:
    I'm not seeing that. I put in my surname, the last 6 of my SSN, and clicked the box to prove I'm not a robot. I don't recall agreeing to anything else.
    It's there. You agree to waive your rights using the website. When you go to the site to check if you were affected, there is terms of service section on the bottom. When you click on the terms of service, read section 4. 

    https://www.equifaxsecurity2017.com/potential-impact/
    Depending on which state you're in, that limitation may be unenforceable. California, for example, doesn't allow this limitation (as far as I'm aware).
  • Reply 59 of 85

    longpath said:
    lkrupp said:
    Hopefully there will be a massive class action brought against Equifax. We should be compensated for the fear, uncertainty, and doubt this we will have to deal with. If our identities are stolen Equifax should be forced to fix it and compensate us even more. We're not dealing with some retailer who's data was hacked. This is one of the largest credit reporting agencies in the world and has data on us that no retailer would ever have. Equifax needs to pay dearly for its incompetence. The CEO can start off by resigning. Imagine the financial carnage this will cause. You want to buy a new car, or home, or iMac Pro, and your credit rating is in shambles.
    CEOs already started... by selling whole bunch of stock last month, that is, between the day they could have potentially known about the breach and before the day the breach was announced.. And, of course, that stock dump was not part of any investment plan... Yeah, just a coincidence, you know. Just three high level guys decided to dump a lot of shares for no reason.
    In addition to a class action suit, that also names those exec personally, they should be investigated for insider trading, as there is certainly probable cause to justify an investigation.
    I just read that they will be hauled before Congress for questioning.

    The real problem here is that Social Security numbers are treated in a cavalier manner and tied to everything from "A" to "Z" in our society... job applications, credit applications, loan applications, medical records, utility bills, etc.

    Individual records should instead be controlled by US, not THEM. We should be able to lock out or allow the review of our personal information at any time for any purpose. And we should be able to issue alternative numbers for single-purpose cases, such as getting a loan or whatever. 

    I think it's time to retire the Social Security number completely and open this up to blockchain innovation. In fact, this kind of thing is being addressed right now with IPFS:  https://ipfs.io/#uses
    edited September 2017 Soli
  • Reply 60 of 85
    apple2c said:
    I read a comment elsewhere that if you sign up for the 1-year monitoring, the fine print also says that you give up the right to sue Equifax! If true, that's scandalous! I hope Apple Insider investigates and reports back to us on that! In the meantime, just freeze your credit reports at each of the Big Three!
    Actually, it looks like you agree to one-on-one arbitration instead of joining a class-action lawsuit. For most people, they would be unable to spend the time and work with a lawyer for this. As I wrote before, I think this limitation does not hold water in every state.
Sign In or Register to comment.