Go Back  DVD Talk Forum > General Discussions > Other Talk
Reload this Page >

Giant Equifax data breach: 143 million people could be affected

Other Talk "Otterville" plus Religion/Politics

Giant Equifax data breach: 143 million people could be affected

Old 09-14-17, 10:26 PM
  #126  
DVD Talk Legend
 
Vibiana's Avatar
 
Join Date: Jan 2006
Location: Living in a van down by the river
Posts: 13,831
Re: Giant Equifax data breach: 143 million people could be affected

Originally Posted by Bandoman View Post
I hate the digital age. Old school here. I had to handwrite my drivers license application. FUCK MODERNITY!

Also, get off my lawn.
We all heard the wise words of the attorney.

Also, after spending half of last year on disability, resulting in a loss of nearly 1/4 of my income, anybody who wants my credit can fuckin' HAVE it.
Vibiana is online now  
Old 09-15-17, 07:52 AM
  #127  
DVD Talk Legend
 
Join Date: Feb 2000
Posts: 12,907
Re: Giant Equifax data breach: 143 million people could be affected

Originally Posted by Michael Corvin View Post
My brother works for ID Shield if anyone's looking to add a layer of protection.
I've been ID Shield for a while myself. Not that I really understand it. They send me an alert when my E-mail is used somewhere and I'm not sure what to do with that information.
Timber is offline  
Old 09-15-17, 11:49 AM
  #128  
DVD Talk Godfather
Thread Starter
 
Giantrobo's Avatar
 
Join Date: Apr 1999
Location: South Bay
Posts: 57,204
Re: Giant Equifax data breach: 143 million people could be affected

Originally Posted by Troy Stiffler View Post
Lifelock signups are 1000% up after the breach. I signed up. It got me to finally do it.

https://www.bloomberg.com/news/artic...s-jump-tenfold
A year or two ago my company added Lifelock as part of it's Benefits Package alongside Dental, Eye, Medical. Didn't sign up for it but it looks like I'll have to think harder about it when it's time to re-up benefits later this year.
Giantrobo is offline  
Old 09-15-17, 04:41 PM
  #129  
DVD Talk Legend
 
Bronkster's Avatar
 
Join Date: Aug 2002
Location: AnaheimLand, SoCal
Posts: 15,425
Re: Giant Equifax data breach: 143 million people could be affected

So, what happens when Lifelock gets hacked?
Bronkster is offline  
Old 09-15-17, 05:38 PM
  #130  
DVD Talk Legend
 
Obi-Wan Jabroni's Avatar
 
Join Date: Nov 2008
Location: Detroit
Posts: 10,661
Re: Giant Equifax data breach: 143 million people could be affected

You'd almost think that the person in charge of information security had no education in the matter.

Obi-Wan Jabroni is offline  
Old 09-15-17, 05:58 PM
  #131  
DVD Talk Hero
 
D.Pham4GLTE (>60GB)'s Avatar
 
Join Date: Jul 2001
Location: Stick out your tongue!
Posts: 39,276
Re: Giant Equifax data breach: 143 million people could be affected

Originally Posted by Bronkster View Post
So, what happens when Lifelock gets hacked?
One year free Lifelock!
D.Pham4GLTE (>60GB) is offline  
Old 09-15-17, 09:44 PM
  #132  
DVD Talk Platinum Edition
 
Join Date: Oct 2003
Posts: 3,499
Re: Giant Equifax data breach: 143 million people could be affected

And, drumroll... Any moment now, Lifelock will be increasing its rates 1000%. Of course, the bastards.

And, thanks to Mr. Corvin for posting some very useful links. Might help in reducing some of the bullshit in this worldly existence. Just maybe, perhaps.
zyzzle is offline  
Old 09-15-17, 09:55 PM
  #133  
DVD Talk Legend
 
Nick Danger's Avatar
 
Join Date: Mar 2001
Location: Albuquerque
Posts: 22,284
Re: Giant Equifax data breach: 143 million people could be affected

I tried to freeze my account at Equifax. There were errors. Then when I pushed the button again, in the third or fourth attempt, it asked me if I wanted a temporary unfreeze or a permanent unfreeze. Both of those require a PIN. I hope the password comes by mail, because I certainly didn't get it online.
Nick Danger is offline  
Old 09-15-17, 10:01 PM
  #134  
DVD Talk Ultimate Edition
 
Join Date: May 2010
Posts: 4,443
Re: Giant Equifax data breach: 143 million people could be affected

Great article from yesterday.

Now, the company is finally answering some of them. Here’s what I’ve learned about, among other things, Equifax’s credit freeze process, whereby people lock up their files so that no thief can get new credit by impersonating them. One cautionary lesson: The company doesn’t always get its answers right.

Do Equifax’s website and phone systems actually work at this point?

Yes, the company maintains, though barely if all the messages in my email are any indication. Some people are waiting until the middle of the night to try to use Equifax’s security freeze website and even failing then to get through. It’s like trying to get Bruce Springsteen tickets, except nobody wants to see this particular show.

Equifax told me that it is not deliberately throttling down its web servers to keep people from getting freezes. (It’s tempting to believe that they would do this, given that freezes make it harder for the company to make money off your personal data.)

“We are experiencing a high volume of requests for security freezes and have been experiencing some technical issues,” a company spokesman, Wyatt Jefferies, said, in an emailed statement. “We are working diligently to resolve those technical issues.”

In an earlier version of this column, I suggested using the company’s credit freeze phone line for now. But when many of you called, you found that you could not complete a credit freeze after all.

At this point, I’m not sure what to tell you except to keep trying via the website. While the Equifax systems are doubtless receiving exponentially more pings than usual, there is no excuse for the fact that their systems are not functioning seven days into all of this.

The company said it was indeed experiencing a high volume of requests for security freezes and promised that it was working hard to fix the technical issues.

I’ve received dozens of emails from people who are able to get freezes via the website but run into technical problems when their PIN (which they can use later to lift the freeze temporarily when they want to apply for credit) is supposed to appear on their screens. What is going on here?

The company is aware of this and believes that it has to do with some people’s browser settings. It is working on a fix, but again — you can avoid this by trying to call instead.

If you’re having trouble getting a PIN from Equifax’s website and you’re seeing error messages relating to Adobe, PDFs or printing, you may need to update your Adobe software.

I’ve asked Equifax what people should do if they did not get a PIN, and I’m waiting for a response. If you’ve requested the freeze online, Equifax said that it is not “currently” sending PINs via the United States Postal Service in this instance (apologies to readers who I emailed privately guessing that they would be mailing them — I guessed wrong).

Given the mess the company has made with these PINs, I think it ought to send PINs through the United States mail so that everyone affected by the breach does not have to take any further steps.

If you instead requested a security freeze over the phone or by mail, you will in fact get a notice through the mail that includes your new PIN.

Hackers broke into Equifax, accessing data for 143 million Americans. Here’s what happened, how it’s being handled and what you can do to protect your information:

About those PINs: Some people want new ones, given that older PINS were not randomly generated numbers and thus may be insecure. What should people do to request one?

“Our technology team is evaluating this issue. We will communicate with you as soon as a process has been defined,” Mr. Jefferies said.

In the interim, people who want to receive a new PIN must call 1-866-349-5191, speak to a live agent and provide identity verification information to receive a replacement PIN.

And about those phone representatives: Many of them seem know nothing, and others do not have up-to-date information. Care to comment?

“We are aware of issues with our call centers and we are working hard to provide additional training to our agents,” Mr. Jefferies said.

You’re refunding credit freeze fees to people who paid them before you decided to stop charging them. Will that happen automatically?

It will, Equifax promised. This applies to people who froze their files after 5 p.m. on Thursday, Sept. 7, using a credit card. The company is still working out the process for people who paid by check or money order.

Meanwhile, I’m still hearing scattered reports that people still have to pay for their freezes. Equifax, could you please, pretty please, update your site in this regard?

Now, for the questions that Equifax still has not answered:

• What made you think that people should have to pay to protect themselves from your mistake?

• Why not make freezes free forever?

• Why not arrange for free freezes forever at Experian and TransUnion, too, given that thieves could use information they stole from Equifax to set up accounts with lenders that only pull credit reports from those other two companies?

• What should people do who do not have United States addresses?

• Why exactly do you hate freezes so much?

https://www.nytimes.com/2017/09/14/y...ta-breach.html


Out of curiosity, has anyone ever been sent to death row for a white collar crime?
EinCB is offline  
Old 09-15-17, 10:51 PM
  #135  
DVD Talk Platinum Edition
 
Join Date: Oct 2003
Posts: 3,499
Re: Giant Equifax data breach: 143 million people could be affected

Those are some great questions, potent and penetrating. Of course, we'll probably never get any straight answers to them. Negotiating with Equifax is like trying to negotiate with the IRS: it can't be done, since they claim they're never at fault and are immune from any culpability.
zyzzle is offline  
Old 09-15-17, 11:28 PM
  #136  
DVD Talk Legend
 
Sonic's Avatar
 
Join Date: May 1999
Posts: 18,048
Re: Giant Equifax data breach: 143 million people could be affected

Originally Posted by zyzzle View Post
Those are some great questions, potent and penetrating. Of course, we'll probably never get any straight answers to them. Negotiating with Equifax is like trying to negotiate with the IRS: it can't be done, since they claim they're never at fault and are immune from any culpability.
Well they gonna learn the hard way cause people have lost faith in their system. People are revolting and this is a heinous crime. This isn't over it's far from it.
Sonic is offline  
Old 09-16-17, 11:00 AM
  #137  
DVD Talk Ultimate Edition
 
Join Date: May 2010
Posts: 4,443
Re: Giant Equifax data breach: 143 million people could be affected

400,000 British people have been affected.

http://www.bbc.com/news/technology-41286638
EinCB is offline  
Old 09-16-17, 06:53 PM
  #138  
DVD Talk Legend
 
Abob Teff's Avatar
 
Join Date: Aug 1999
Location: Not necessarily Formerly known as Solid Snake
Posts: 20,167
Re: Giant Equifax data breach: 143 million people could be affected

Originally Posted by EinCB View Post
Great article from yesterday.




https://www.nytimes.com/2017/09/14/y...ta-breach.html


And about those phone representatives: Many of them seem know nothing, and others do not have up-to-date information. Care to comment?

“We are aware of issues with our call centers and we are working hard to provide additional training to our agents,” Mr. Jefferies said.
Abob Teff is offline  
Old 09-16-17, 08:50 PM
  #139  
DVD Talk Hero
 
slop101's Avatar
 
Join Date: Mar 2001
Location: So. Cal.
Posts: 39,690
Re: Giant Equifax data breach: 143 million people could be affected

We hear these data-breach stories all the time, but we never really get any followup on any specific things that happened as a result of these breaches. Can ID thefts be traced to things like this? What was the fall out for individual accounts from the Yahoo hack? Did anything happen to the people who's CC#s got hacked through Target a few years back? etc. etc. etc. We hear all this shit, but I honestly have never heard what repercussions have come from these - not saying there isn't any, but I don't know because it's either not ever reported, or linked to anything.
slop101 is offline  
Old 09-16-17, 09:05 PM
  #140  
DVD Talk Legend
 
Troy Stiffler's Avatar
 
Join Date: Nov 1999
Location: Under an I-10 Overpass
Posts: 21,369
Re: Giant Equifax data breach: 143 million people could be affected

I'm a total novice about this stuff. But don't they swipe the encrypted data only? So it can take years until they'll be able to actually see the info. Or something like that... I feel like I read that back when Capital One (or one of those big guys) was hacked.
Troy Stiffler is offline  
Old 09-16-17, 09:11 PM
  #141  
DVD Talk Reviewer/ Admin
 
Adam Tyner's Avatar
 
Join Date: Sep 1999
Location: Greenville, South Cackalack
Posts: 21,522
Re: Giant Equifax data breach: 143 million people could be affected

Originally Posted by Troy Stiffler View Post
I'm a total novice about this stuff. But don't they swipe the encrypted data only?
If it were encrypted, I really think Equifax would've made it a point to mention that to minimize the blow.
Adam Tyner is online now  
Old 09-16-17, 09:26 PM
  #142  
DVD Talk Platinum Edition
 
Join Date: Oct 2003
Posts: 3,499
Re: Giant Equifax data breach: 143 million people could be affected

Originally Posted by slop101 View Post
We hear these data-breach stories all the time, but we never really get any followup on any specific things that happened as a result of these breaches. Can ID thefts be traced to things like this? What was the fall out for individual accounts from the Yahoo hack? Did anything happen to the people who's CC#s got hacked through Target a few years back? etc. etc. etc. We hear all this shit, but I honestly have never heard what repercussions have come from these - not saying there isn't any, but I don't know because it's either not ever reported, or linked to anything.
I agree with this. We hear all about breaches, but never is there closure on what happens after the fact. Has there been an attempt by companies who have been breached to beef up their security? Or is it just Business as Usual, without anything being done (except, of course for Damage Control, ie minimizing liability of the part of the companies hit?

What, to me is MOST bothersome about all of these hacks has been the delay in reporting, which in almost all cases has happened MONTHS after the hacks occurred. Where does liability lie in the immediate days and weeks after the attacks (ie, before they were reported?). Were any peoples' identites actually stolen during this time, and if so, how was the compensation / mediation of those cases handled by the companies?

This is a big point, and the new hack of Equifax's data takes this to another plane of accountability, because those persons affected did not have a choice of NOT being in Equifax's databases...
zyzzle is offline  
Old 09-16-17, 09:30 PM
  #143  
DVD Talk Hero
 
Join Date: Aug 1999
Posts: 27,280
Re: Giant Equifax data breach: 143 million people could be affected

I think some of it is they don't want to reveal the new security measures put in place after a breach, which makes sense.
fujishig is offline  
Old 09-16-17, 10:11 PM
  #144  
Political Exile
 
grundle's Avatar
 
Join Date: Jun 2005
Posts: 16,232
Re: Giant Equifax data breach: 143 million people could be affected

Ha ha ha!

This person was obviously hired for something other than her ability to actually do the job.

This entire thing would been prevented if they had hired someone who was actually qualified.

Now the company is trying to remove all traces of this information from the internet. Good luck with that!


http://www.marketwatch.com/story/equ...cer-2017-09-15

Equifax hired a music major as chief security officer and she has just retired

September 15, 2017

When Congress hauls in Equifax CEO Richard Smith to grill him, it can start by asking why he put someone with degrees in music in charge of the company’s data security.

And then they might also ask him if anyone at the company has been involved in efforts to cover up Susan Mauldin’s lack of educational qualifications since the data breach became public.

It would be fascinating to hear Smith try to explain both of those extraordinary items.

If those events don’t put the final nails in his professional coffin, accountability in the U.S. is officially dead. And late Friday Equifax said both Mauldin and the company’s chief information officer have retired effective immediately.

Equifax “Chief Security Officer” Susan Mauldin has a bachelor’s degree and a master of fine arts degree in music composition from the University of Georgia. Her LinkedIn professional profile lists no education related to technology or security.

This is the person who was in charge of keeping your personal and financial data safe — and whose apparent failings have put 143 million of us at risk from identity theft and fraud. It was revealed this week that the massive data breach came due to a software vulnerability that was known about, and should have been patched, months earlier.

I emailed Equifax’s EFX, -3.81% multiple media relations people but have not heard back.

I was tipped off to this by a contact on Twitter. There has been very little coverage so far of Susan Mauldin’s background and training. Given the ongoing disaster of the hack and Equifax’s handling of the affair, the media spotlight has so far been elsewhere.

Reporting by a few tech-savvy blogs has found that as soon as the Equifax data breach became public, someone began to scrub the internet of information about Mauldin.

Her LinkedIn page was made private and her last name replaced with “M.” Two videos of interviews with Mauldin have been removed from YouTube. A podcast of an interview has also been taken down.

Unhappily for the scrubbers, the internet archives some material and a transcript of one interview has survived.

To play devil’s advocate, Mauldin does at least have 14 years’ private-sector experience since getting her degrees. Music, to stretch the point as far as possible, is an academic subject that can be highly mathematical.

The question is how far any of this can take you in this field if you don’t have a formal education in technology. Mauldin’s counterparts at Equifax’s two biggest competitors, TransUnion TRU, -3.41% and Experian EXPN, -0.89% studied computers and science, respectively.

In an interview I found, Mauldin said that in recruiting, “[w]e’re looking for good analysts, whether it’s a data scientist, security analyst, network analyst, IT analyst, or even someone with an auditing degree. ... Security can be learned.”

But she also said she focuses college recruitment, understandably, on “universities that have programs in security, cyber security, or IT programs with security specialties.” She did not mention music composition.

Everything about this fiasco just gets more and more surreal.

Last edited by grundle; 09-16-17 at 10:30 PM.
grundle is offline  
Old 09-16-17, 11:53 PM
  #145  
DVD Talk Legend
 
Abob Teff's Avatar
 
Join Date: Aug 1999
Location: Not necessarily Formerly known as Solid Snake
Posts: 20,167
Re: Giant Equifax data breach: 143 million people could be affected

Well, that looks terrible. However ... why am I defending these scumbags? ... somebody who is the chief security officer is not actually doing computer programming or defending against cyber-attacks. Most c-suite folks are not specialists in their assigned field, they are decision makers and managers of people, policies, and practices.
Abob Teff is offline  
Old 09-16-17, 11:55 PM
  #146  
DVD Talk Hero
 
Join Date: Aug 1999
Posts: 27,280
Re: Giant Equifax data breach: 143 million people could be affected

Still you'd like chief security officer of a corporation like this to at least have a more impressive resume. I'm more surprised that this ever came up before. Who are the chief security officers of the other two?
fujishig is offline  
Old 09-17-17, 12:38 AM
  #147  
DVD Talk Legend
 
Abob Teff's Avatar
 
Join Date: Aug 1999
Location: Not necessarily Formerly known as Solid Snake
Posts: 20,167
Re: Giant Equifax data breach: 143 million people could be affected

Originally Posted by fujishig View Post
Still you'd like chief security officer of a corporation like this to at least have a more impressive resume. I'm more surprised that this ever came up before. Who are the chief security officers of the other two?
Oh, I'm not knocking that at all! Agreed!

Here are the chief security officers of the other two:
Abob Teff is offline  
Old 09-17-17, 03:41 AM
  #148  
DVD Talk Platinum Edition
 
Join Date: Oct 2003
Posts: 3,499
Re: Giant Equifax data breach: 143 million people could be affected

Originally Posted by Abob Teff View Post
Well, that looks terrible. However ... why am I defending these scumbags? ... somebody who is the chief security officer is not actually doing computer programming or defending against cyber-attacks. Most c-suite folks are not specialists in their assigned field, they are decision makers and managers of people, policies, and practices.
Well, I think Bozo the clown could have done a better job with security.

Fuck, now I know we're all living in the Twilight Zone, when the misdeeds, ignorance, and hormones (?) of one CEO of one company can lead to such a massive fuck-up for SO many millions of people.

"Retired?" Yeah, man, let's "retire" them both to the firing squad, post haste! My outrage knows no bounds.
zyzzle is offline  
Old 09-17-17, 05:38 AM
  #149  
DVD Talk Godfather
 
Michael Corvin's Avatar
 
Join Date: May 1999
Location: Louisville, KY
Posts: 57,385
Re: Giant Equifax data breach: 143 million people could be affected

Yeah, music major isn't as bad as it sounds. I have a friend that was a music major but has been head of IT at a major insurance company for 20+ years. He got a full ride to college for his musical abilities but to keep those scholarships he had to major in music. It's kinda fucked up though when you think about it. Do scholarship athletes have to major in a sports related field? Of course not.
Michael Corvin is offline  
Old 09-17-17, 07:49 AM
  #150  
DVD Talk Reviewer/ Admin
 
Adam Tyner's Avatar
 
Join Date: Sep 1999
Location: Greenville, South Cackalack
Posts: 21,522
Re: Giant Equifax data breach: 143 million people could be affected

Originally Posted by grundle View Post
The question is how far any of this can take you in this field if you don’t have a formal education in technology.
As far as it gets. Plenty of enormously talented, successful people don't have degrees in the field they ultimately chose. The CTO I worked with most closely and the longest was a Psych major. I'm a Senior Software Engineer for a colossal media corporation, and while I did major in Comp Sci, 99.9% of what I've learned to do to excel at my job was self-taught or picked up from other developers. I could've majored in just about anything and it wouldn't have made a lick of difference.

She was demonstrably failing at her job, but that she was a music major at the turn of the century has little to no relevance to my mind.
Adam Tyner is online now  

Thread Tools
Search this Thread

Archive Advertising Cookie Policy Privacy Statement Terms of Service

Copyright © 2018 MH Sub I, LLC dba Internet Brands. All rights reserved. Use of this site indicates your consent to the Terms of Use.