01 October 2017

You, Identity Theft Victim

by Leigh Lundin

Today’s article outlines the massive Equifax identity theft that’s still surfacing today. For the first steps in protecting yourself, you can jump to the distant section on discovering whether you have been targeted and obtaining security features that have been made free for you.

Equifax investigated
Monetizing Your Body

Commercial law can be a peculiar thing, who owns what and why companies have certain rights you don’t. For example, you enter a hospital for surgery. Doctors snip out some piece of you. Likely, you never question who owns that removed bit of flesh or bone and you’re happy just to get rid of it.

Suppose doctors discover something unique and potentially highly profitable in that tonsil or toenail, your appendix or gall bladder. Your DNA might save millions of lives around the planet and earn billions of dollars… none of which you’re entitled to. Unless you signed an agreement otherwise, the physician or hospital owns that biological bit of you including the rights to exploit it. One woman actually applied for a patent on her own body for such a circumstance.

Monetizing Your Life


Financially successful corporations make tidy profits collecting information about you, not merely your earning and spending habits, but where you live, work, school, shop (or shoplift), if you’ve been to court and why. The peculiarity is you don’t own that data. Huge companies do and often their information is wrong and sometimes misused.

A few years ago, credit bureaus were finally forced to hand out credit reports to those who demanded them (a) no more than once a year or (b) if you were turned down for credit. But… odds are high you’ve never seen your full report, because it can contain information the bureaus don’t want you to know. When a mortgagee or a banker or employer receives your credit report, a line at the top might instruct them not to show the report to the subject (you or me), followed by information or opinions they don’t want shared with the… well, victim.

For example, the redacted secret part on my own credit report read “suspected of using false address.” This came about in two ways. First, I had been buying property, a dozen addresses were associated with my name, so I relied on a post office box, much as my grandmother had done. Second, the US Postal Service allows post box renters to use the post office’s physical address, quite handy for imprinting on checks. Such an address looks like:
Chandler Hammett
1201 Post Industrial Drive #107707
Los Angeles, Ca 90210-7707
In my case, the comment didn’t particularly affect me, but imagine someone applying for a sensitive job. The HR department reads the line “suspected of using false address,” and suddenly the potential employee is rejected with no reason given. The applicant should have a right to know about that careless assessment, but has no way of learning of or correcting the report. Why? The bureaus own the reports, you and I don’t.

Monetizing Miscreants

In a past article, I pointed out that curious hackers– the benign exploring kind– can receive severe prison sentences for merely poking around in data warehouses and behind the scenes in web databases. I argued that bankers and merchants who fail to secure vaults, leave doors unlocked, and don’t hire a watchman should be punished as well. If any major office didn’t lock its doors, could you blame kids for wandering in and looking around?

Let’s discuss Equifax, which has suffered an extraordinary data loss to a ‘state actor’… presumably China, North Korea, or Russia. Stolen is your name, social security number, credit card numbers, drivers licence, address, and all the minutia that makes you you. With this kind of data, thieves can lie low for years before springing into action.

I say that as fact, because thieves (state actors) stole the records of the vast majority of working and retired citizens in two separate breaches. The second theft (the first was acknowledged only after the second came to light) affects between ¾ and ⅞ of American adults. Equifax admissions have edged upwards from 153-million stolen files to 182-million; outside assessments estimate as high as 200-million or more.

Note: Canadian and British records have been stolen in the same breach. Equifax says they’re “working with UK regulators,” whatever that means.

Monetizing Misfortune


Equifax executives cashed in stock before the breach became public, attempting to option their knowledge for their personal profit. Then after the big reveal, the company offered to help protect user accounts through a subsidiary— for a fee. Equifax and their security pet since had their arms twisted into providing the services free.

Political response has been as antithetical as you might expect. Congressional members of one political party sent a demand letter to Equifax with a deadline for explaining details and corrective actions. Contrarily, in defense of Equifax and in fear of impacting deregulation, the other major party is working a bill through Congress to limit the liability of credit bureaus and other companies.

Have You Been Hit?   866-447-7559

Here Equifax estimates whether or not your data has been sucked overseas. Be cautious of similar links, because identity thieves are working those, trying to snatch whatever data they can. Use this link:
☞  Has my data been stolen?
Note that updates may still be made, so it’s possible an all-clear this week might turn into a false negative next week. Tap that link to see if you’ve become a victim:

Once you receive an indication, you can decide what to do next. Equifax can take several days to email you about options (now free) that they provide. The FTC offers suggestions and guidelines.

Equifax will provide ninety days of ‘fraud alert’ (notification of identity theft) and a year of monitoring, which can be renewed indefinitely. You may also choose to lock or freeze your account and ‘thaw’ it only when you apply for a loan or other use.

Use the phone number (866-447-7559) above if you have questions or need help you can’t find elsewhere. Contact the other credit bureaus to notify them your identity and data has been compromised.

Equifax Inc.
P. O. Box 740241
Atlanta, GA 30374-0241
800-685-1111
800-525-6285
1150 Lake Hearn Drive
Atlanta, GA 30342
fraud: 800-525-6285
web site
Experian
P. O. Box 2002
Allen, TX 75013-2002
888-397-3742
888-243-6951
701 Experian Parkway
Allen, TX 75013
fraud: 800-397-3742
web site
Trans Union Corp.
P. O. Box 1000
Chester, PA 19022-1000
800-916-8800
800-888-4213
2 Baldwin Place
Chester, PA 19022
fraud: 800-680-7289
web site

Let us know if you’ve been hit. In the meantime, be safe out there– state actors abound!

10 comments:

Paul D. Marks said...

Gee, how nice of Equifax to give us 90 days free when they screwed up. And I love how the exex tried to cash in. A couple resigned. And I haven't heard, but I'm sure with nice golden parachutes. What will they do for us if we've been compromised thanks to their lack of proper security?

janice law said...

A good column. I begin to wonder what was so bad about printed records!

Leigh Lundin said...

Janice, if we take much of a hit, we may be recording on stone tablets! Come to think of it, we're doing that anyway… silicon.

Paul, those people are real sweethearts. I believe there's a way to continue monitoring without charge. I'll try to find out more details.

Leigh Lundin said...

The monitoring situation is still unclear to me, because Equifax has been changing the rules due to public backlash. Originally the greedy credit bureau offered 90 days of monitoring subject to onerous provisos. At that time victims had to agree to
1. provide a credit card so the company could start billing after the initial ‘free’ period.
2. indemnify (agree not to sue) Equifax in case of loss.

An angry public forced Equifax to back down. At present, they will provide 90 days of ‘fraud alert’ (notification of identity theft) and a year of monitoring. To find out of your data was hacked and to apply for monitoring and fraud alert, visit the ‘Has my data been stolen’ link. A click takes users to TrustedIdPremier.com, a company Equifax acquired some time ago. Once it’s been determined you’ve been targeted, they provide provide the monitoring services.

Anyone with additional information is welcome to share the knowledge.

Melodie Campbell said...

I was park of the Yahoo hack late last fall. My Amazon account was hacked because of that, and I am unable to use the original account, as well as the kindle connected to it. No way around that. I've been hours on the phone to Amazon. This was a valuable column, Leigh!

Elizabeth said...

About two days ago I read that the president of Equifax suddenly decided to retire, with a golden parachute of $90 million. It wouldn't surprise me if he took a position in Drumpf's cabinet, but something tells me the job wouldn't last very long.

Vicki Kennedy said...

We checked our status right after the first reports and were told our info was safe, but it looks like we should check again. It's amazing how they can use our info in any way they want, without our permission and get away with it. It fits in well with all the other corruption going on.

Leigh Lundin said...

Melodie, that’s when your famed humour comes in handy. Modern life can be ridiculous, can’t it!

Elizabeth, you’re right on both points. I believe he’s one of the executives who’s under investigation by the SEC for insider trading, i.e, dumping Experian stock before it plummeted. Melodie mentioned Yahoo, and after numerous failures, their CEO bailed with a huge payout.

Vicki, I’m with you. It doesn’t set right with me that companies can exploit our personal information, particularly for profit. Let me know if your accounts are still safe.

Vicki Kennedy said...
This comment has been removed by the author.
Unknown said...

Please refer to Clarkhoward.com as well, he is livid about this and wants us all to weigh in with our Senators and Congressman. There is currently a bill in the Senate right now that would basically eliminate the crooked credit Bureaus of any liabilities when something like this happens or they screw up your credit with false information. Remember they make HUGE contributions to our corrupt officials in Washington. Thanks