Your browser isn't supported
It looks like you're using an old web browser. To get the most out of the site and to ensure guides display correctly, we suggest upgrading your browser now. Download the latest:

Welcome to the MSE Forums

We're home to a fantastic community of MoneySavers but anyone can post. Please exercise caution & report spam, illegal, offensive or libellous posts/messages: click "report" or email forumteam@.

Search
  • FIRST POST
    • tenchy
    • By tenchy 8th Sep 17, 9:22 PM
    • 142Posts
    • 27Thanks
    tenchy
    Equifax hack
    • #1
    • 8th Sep 17, 9:22 PM
    Equifax hack 8th Sep 17 at 9:22 PM
    Oh dear. What's going on here - see Telegraph article on front page. One of the world' biggest hacks.


    Can we really trust our data with these companies?
Page 1
    • Nebulous2
    • By Nebulous2 8th Sep 17, 11:18 PM
    • 1,624 Posts
    • 985 Thanks
    Nebulous2
    • #2
    • 8th Sep 17, 11:18 PM
    • #2
    • 8th Sep 17, 11:18 PM
    Do you have an option?
    • sourcrates
    • By sourcrates 8th Sep 17, 11:46 PM
    • 12,402 Posts
    • 11,816 Thanks
    sourcrates
    • #3
    • 8th Sep 17, 11:46 PM
    • #3
    • 8th Sep 17, 11:46 PM
    Do you have an option?
    Originally posted by Nebulous2
    Unfortunately not no !!
    I'm a Board Guide on the Debt-Free Wannabe, Credit File And Ratings, and
    Bankruptcy And Living With It, boards. "I volunteer to help get your forum questions answered and keep the forum running smoothly".
    Board guides are not moderators and don't read every post. If you spot an abusive or illegal post then please report it to forumteam@moneysavingexpert.com. Any views are mine and not the official line of MoneySavingExpert.com.

    For free debt advice, contact either : Stepchange, National Debtline, or, CAB.
    For Legal advice see : http://legalbeagles.info/
    • nic_c
    • By nic_c 9th Sep 17, 5:24 AM
    • 1,078 Posts
    • 611 Thanks
    nic_c
    • #4
    • 9th Sep 17, 5:24 AM
    • #4
    • 9th Sep 17, 5:24 AM
    Another reason not to pay a subscription to get your credit report, as credit card details could have been stolen - the report seems unclear what was accessed and stolen.

    What needs to be asked, is are credit card details taken for the security check when you sign up for clearscore kept or disposed after the check is complete?
    • RG2015
    • By RG2015 9th Sep 17, 8:51 AM
    • 457 Posts
    • 205 Thanks
    RG2015
    • #5
    • 9th Sep 17, 8:51 AM
    • #5
    • 9th Sep 17, 8:51 AM
    Another reason not to pay a subscription to get your credit report, as credit card details could have been stolen - the report seems unclear what was accessed and stolen.

    What needs to be asked, is are credit card details taken for the security check when you sign up for clearscore kept or disposed after the check is complete?
    Originally posted by nic_c
    Good question and also do banks disclose account details to the CRAs?
    • inflationbuster
    • By inflationbuster 9th Sep 17, 7:31 PM
    • 126 Posts
    • 28 Thanks
    inflationbuster
    • #6
    • 9th Sep 17, 7:31 PM
    • #6
    • 9th Sep 17, 7:31 PM
    No easy way to delete the user ID that i've had for years...

    I've been told on the phone l can't delete my userID/password which contains my home address/email etc and have to create a support account first!!!

    FFS
    Last edited by inflationbuster; 09-09-2017 at 7:35 PM.
    • tomhass
    • By tomhass 9th Sep 17, 8:31 PM
    • 2 Posts
    • 2 Thanks
    tomhass
    • #7
    • 9th Sep 17, 8:31 PM
    • #7
    • 9th Sep 17, 8:31 PM
    OK - my 2 pence worth on Equifux cockup (hack):

    1. Regardless of whether you are a paying Equifax customer or not, they hold information about you on behalf of the credit world (banks and so on). By being a customer you just open a little bit of a windows on to that information. So if you cancel your Equifax subscription it might not help...although you may choose to do so if you no longer trust them.

    2. Equifax's response has been shockingly poor and slow. If you go to their main website there is NOTHING to indicate a problem or even a link to a problem page.

    3. In the USA, they at least created a new website (as normal one nor working/overloaded) to allow users to type in information like Social Security number to check if they have been hacked. This appear though to be a smoke screen as a few in the USA "tested" the system and put in random names and numbers and each type it advised "You may have been affected....".

    4. Equifax have provided no such checker (even though it appears useless) for non USA (e.g. UK) customer - a call to US customer support last night resulted in a (paraphrased) - "sod you mate, we are too busy looking after our American customers and we cannot be arsd to provide anything for UK"

    American customers have been criticising Equifax as their checker tries to get them sign up for a TrustID - to be fair it is 1 Year free when it is normally chargeable....but some are saying they have shamelessly used the incident as a marketing campaign.....after 1 year they will have a whole new bunch of people signed up (and paying) for TrustID because they forgot.
    Their Marketing Director is either a tw*t or a genius....customer retention will tell that tale !

    5. Equifax's UK support line were inconsistent (paraphrased)
    EQ: "We have no evidence any UK customer data was compromised or used maliciously"
    ME: "So how come media report saying 44 million UK customer might be affected"
    EQ: "Well you might have been affected"
    ME: "So which iit ?!!"
    EQ: "It is too early to be specific"
    ME: "OK, never mind that for now, it also appears your website login is not working - what is going on ? - I cannot even check that no new (malicious) credit arrangements have been made"
    EQ: "I was not aware our website had problems...maybe try another browser"
    ME: But I have tried both different browsers, 2 x 100Mb broadband connection and 4G connection - so I think it is not a problem at my end"
    EQ: "I will report the problem internally"
    ME: "Ok - so I beginning to understand no weekend IT support staff it seems - or you are deliberately keeping logins disabled for security until you are sure of breach details - which is okay, I understand but just tell me so I do not waste my time trying....and please put some notice on the home page ! It seems you have very poor Business Continuity and Crisis Management processes"
    EQ: "We will note your comments"

    All in all VERY unsatisfactory. I will be voting with my feet. Hello anyone else...maybe Experian, we will see.
    • DigForVictory
    • By DigForVictory 9th Sep 17, 9:21 PM
    • 7,148 Posts
    • 19,464 Thanks
    DigForVictory
    • #8
    • 9th Sep 17, 9:21 PM
    • #8
    • 9th Sep 17, 9:21 PM
    Can we really trust our data with these companies?
    Originally posted by tenchy
    Not really, but there aren't many other games in town that aren't as potentially vulnerable.

    As soon as we walk into the internet we walk into risk, the fun is trying to manage that.
    • cjv
    • By cjv 9th Sep 17, 9:34 PM
    • 104 Posts
    • 57 Thanks
    cjv
    • #9
    • 9th Sep 17, 9:34 PM
    • #9
    • 9th Sep 17, 9:34 PM
    Would having a Clearscore account add any further chance of information being stolen? I think I had to give my card details when I signed up to them, but am not 100% sure.
    • Sledgehead
    • By Sledgehead 11th Sep 17, 4:35 PM
    • 124 Posts
    • 50 Thanks
    Sledgehead
    This thread tells you all you need to know about Britain.

    A paltry 10 posts about an issue that could affect everyone of us in a devastating manner.

    Meanwhile the threads on getting your credit score improved, show a nerd-like thirst for knowledge that would put Trekkies to shame.

    As somebody who has no desire to spend beyond my ways and means, I struggle to understand why I need to waste hours researching this field, just because some stupid credit reference agency, that incidentally purports to be an expert in data breaches (well, it sure is now!) couldn't be bothered to employ somebody with more tech ability than sales spiel.

    But who cares what savers like me think? This is after all a site devoted to money SPENDING, despite what is written on the tin.

    And of course there is not a mention of it on the home page. Instead I can tell MSE whether or not I've had a tummy tuck. So presumably plastic surgery affects more people than this hack? 44m boob jobs? Wow! Remind me to leave the country before they all rock up at A&E in 20 years for the inevitable corrective surgery.

    And yes, I am very angry.
    Last edited by Sledgehead; 11-09-2017 at 4:46 PM.
    • RG2015
    • By RG2015 11th Sep 17, 5:09 PM
    • 457 Posts
    • 205 Thanks
    RG2015
    This thread tells you all you need to know about Britain.

    A paltry 10 posts about an issue that could affect everyone of us in a devastating manner.
    Originally posted by Sledgehead
    Some of the ten posts are good and extremely comprehensive. Not sure that there is much more to be said other than some more angry rants.

    Peace and long life! As a trekkie might say.
    • Sledgehead
    • By Sledgehead 11th Sep 17, 7:17 PM
    • 124 Posts
    • 50 Thanks
    Sledgehead

    Peace and long life! As a trekkie might say.
    Originally posted by RG2015
    I thought it was "live long and prosper"?
    • cjv
    • By cjv 11th Sep 17, 7:27 PM
    • 104 Posts
    • 57 Thanks
    cjv
    Would having a Clearscore account add any further chance of information being stolen? I think I had to give my card details when I signed up to them, but am not 100% sure.
    Originally posted by cjv
    Quoting myself

    For anyone that is concerned, I contacted Clearscore and received a prompt reply:

    Thanks very much for your message, and I appreciate your concern.

    ClearScore is unaffected by the Equifax US data breach.

    We’ve posted full details about this issue in an FAQ on our site: https://help.clearscore.com/index.php?/Knowledgebase/Article/View/336/0/information-for-clearscore-customers-about-equifax-us-data-breach

    We’ll keep this page regularly updated if/when we find out further information.
    • Sledgehead
    • By Sledgehead 11th Sep 17, 7:53 PM
    • 124 Posts
    • 50 Thanks
    Sledgehead
    I contacted Clearscore and received a prompt reply:

    ClearScore is unaffected by the Equifax US data breach.

    ...
    We’ll keep this page regularly updated if/when we find out further information.
    Originally posted by cjv
    Great work!

    But what a curious reply from ClearScore.

    "Unaffected" eh? If that's what they think maybe they should head on over to TheRegister, where some pretty furious IT sorts are calling for Equifax's blood. Wonder where they'd be if their only business partner collapsed???

    Moreover I simply don't believe a word they say. Head over to Equifax and you will see them bragging how they are security authorities. Why should I trust ClearScore any more than I'd trust Equifax, and why now would I trust them?

    And then they [worryingly] admit to be just as ignorant as to what is going on as the rest of us. You'd have thought, if Equifax truly valued their relationship, they would have thrown them a crumb or two by now. We are talking at least 6 weeks since the hack, after all!

    What a shower! And these are the people borrowers are supposed to bow and scrape to for their very livelihood. Grief. We're in a deeper poop pot than even I'd imagined.

    When are people gonna get live to this?
    • RG2015
    • By RG2015 11th Sep 17, 8:31 PM
    • 457 Posts
    • 205 Thanks
    RG2015
    And then they [worryingly] admit to be just as ignorant as to what is going on as the rest of us. You'd have thought, if Equifax truly valued their relationship, they would have thrown them a crumb or two by now. We are talking at least 6 weeks since the hack, after all!

    What a shower! And these are the people borrowers are supposed to bow and scrape to for their very livelihood. Grief. We're in a deeper poop pot than even I'd imagined.

    When are people gonna get live to this?
    Originally posted by Sledgehead
    I agree but what can we do? I will remain vigilant and check my financial data frequently.

    It would have been worse if it had been Experian as they are used more than Equifax and also are an accredited partner for HM Govt ID Verify.

    PS: Peace and long life is the recognised response to live long and prosper.
    • nic_c
    • By nic_c 11th Sep 17, 8:59 PM
    • 1,078 Posts
    • 611 Thanks
    nic_c
    OK - my 2 pence worth on Equifux cockup (hack):

    American customers have been criticising Equifax as their checker tries to get them sign up for a TrustID - to be fair it is 1 Year free when it is normally chargeable....but some are saying they have shamelessly used the incident as a marketing campaign.....after 1 year they will have a whole new bunch of people signed up (and paying) for TrustID because they forgot.
    Their Marketing Director is either a tw*t or a genius....customer retention will tell that tale !
    Originally posted by tomhass
    Reported on Toms Hardware website:
    So the company said it would provide free credit monitoring, identity theft insurance, and other protections via its TrustedID Premier service. The problem was that Equifax will foot the bill for this service for only a year, after which people will either have to put their financial health at risk or pony up for the service themselves, and that TrustedID Premier's terms of service include an arbitration clause that waives users' right to sue.

    Waiving the right to sue!!
    • Sledgehead
    • By Sledgehead 11th Sep 17, 11:54 PM
    • 124 Posts
    • 50 Thanks
    Sledgehead
    I agree but what can we do? I will remain vigilant and check my financial data frequently.
    ...
    Originally posted by RG2015
    What indeed?

    CIFAS protective registration?

    As for regular checking, well, to do that you need to use credit reports from the very guys who are losing your data. That has to raise concerns. For instance, how can you have confidence in the way they are protecting your communication with them? Your very act of checking might be a vector of attack. We already know that Equifax, after losing millions of records, then went on to direct potential victims to a "checker" site with expired certificates. Isn't that all we need to know?

    Besides, if regularly communicating (checking your records) over supposedly secure links was the road to perfect security, cold-war spies would have been queuing ten deep next to those archetypal "drop" benches in Gorky Park.

    And the more you think about it, the more you wonder why you should be expected to take on the responsibility of screening for ID fraud. Or for that matter monitoring your bank account.

    During the financial crisis savers were told they were not necessarily entitled to all the money they had deposited, because the balance on their account was not really a record of their money, but merely an entry in a ledger that showed how much money they had given the bank - ie it was a kind of bank credit. The money was now the banks and all savers had was an iou. Fine. But now we are told to monitor "our" savings. So, when it comes to somebody raiding the account, the money is ours to be stolen. Wrong! The money is the banks. We lent it to 'em, and if stolen, it's their loss! And if it's their loss, let them look after it. they can't have it both ways.
    • ol1v33r
    • By ol1v33r 12th Sep 17, 5:45 AM
    • 35 Posts
    • 11 Thanks
    ol1v33r
    Often you can't delete accounts but you can change their details. Update them with fake details and job done.
    • RG2015
    • By RG2015 12th Sep 17, 7:45 AM
    • 457 Posts
    • 205 Thanks
    RG2015
    What a shower! And these are the people borrowers are supposed to bow and scrape to for their very livelihood. Grief. We're in a deeper poop pot than even I'd imagined.

    When are people gonna get live to this?
    Originally posted by Sledgehead
    Do you have any suggestions as to how this problem could be solved
    • RG2015
    • By RG2015 12th Sep 17, 7:47 AM
    • 457 Posts
    • 205 Thanks
    RG2015
    Often you can't delete accounts but you can change their details. Update them with fake details and job done.
    Originally posted by ol1v33r
    __________
Welcome to our new Forum!

Our aim is to save you money quickly and easily. We hope you like it!

Forum Team Contact us

Live Stats

398Posts Today

5,162Users online

Martin's Twitter
  • I believe I can boldly go where no twitter poll has gone before https://t.co/HA0jC92gAK

  • OK I'm wilting to public pressure and there will be a star trek captain's poll at some point next week

  • I can get that. My order is 1. Picard 2. Janeway 3. Kirk. Too early to say where Lorca will end up (or would you? https://t.co/kawtCOe9RA

  • Follow Martin