• We’re currently investigating an issue related to the forum theme and styling that is impacting page layout and visual formatting. The problem has been identified, and we are actively working on a resolution. There is no impact to user data or functionality, this is strictly a front-end display issue. We’ll post an update once the fix has been deployed. Thanks for your patience while we get this sorted.

Congrats, you did a credit freeze. Joke is on you!

Elixer

Elixer

Lifer
So, you go out and pay for a credit freeze... then you find out that anyone with your info can get your PIN.
🙄

An alert reader recently pointed my attention to a free online service offered by big-three credit bureau Experian that allows anyone to request the personal identification number (PIN) needed to unlock a consumer credit file that was previously frozen at Experian.
...
In short: Crooks and identity thieves broadly have access to the data needed to reliably answer KBA questions on most consumers. That is why this offering from Experian completely undermines the entire point of placing a freeze.

After discovering this portal at Experian, I tried to get my PIN, but the system failed and told me to submit the request via mail. That’s fine and as far as I’m concerned the way it should be. However, I also asked my followers on Twitter who have freezes in place at Experian to test it themselves. More than a dozen readers responded in just a few minutes, and most of them reported success at retrieving their PINs on the site and via email after answering the KBA questions.
Click to expand...

https://krebsonsecurity.com/2017/09/experian-site-can-give-anyone-your-credit-freeze-pin/
 
Knowledge-based authentication the way it is implemented here is a major flaw in the entire credit system. It's definitely not secure in the current internet age, whether it was ever a good idea or not.
 
  • Like
Reactions: IEC
Why the heck they don't do 2-factor authorization (heck, 3 factor would be better, and that is by snail mail) is pretty darn stupid.
Origin / Steam / Blizzard accounts are more secure than your credit. 😵
 
Everyone should just get a couple grand for their troubles, That money should come straight from Equifax's pockets. Then all the execs should be put in jail for 25 years with no parole. It would set an example. They do this "set an example" shit all the time with software piracy. It's time we do it with stuff that actually matters.
 
Red Squirrel said:
Everyone should just get a couple grand for their troubles, That money should come straight from Equifax's pockets. Then all the execs should be put in jail for 25 years with no parole. It would set an example. They do this "set an example" shit all the time with software piracy. It's time we do it with stuff that actually matters.
Click to expand...

While we can negotiate the specifics of the punishment, I think punishment with some actual penalties is long overdue for this kind of gross incompetence.

So consider my pitchfork sharpened and my torches lit.
 
This goes to show that the whole credit situation in the US needs to be torn down and rebuilt. Hopefully this dick kick to Equifax will bring them to their knees to the point where they are forced to close shop altogether.

The fact that we still don't have chip-card readers all-around along, we sitll ID people based on their SSN#, and the authentication is complete shit tells you what a sham it is.
 
Red Squirrel said:
Everyone should just get a couple grand for their troubles, That money should come straight from Equifax's pockets. Then all the execs should be put in jail for 25 years with no parole. It would set an example. They do this "set an example" shit all the time with software piracy. It's time we do it with stuff that actually matters.
Click to expand...

I can't fault all the execs. The Cheif Security Officer is the one who reports to the other higher-ups, and if she said everything was peachy with her fucking joke music degrees, then it should be pegged squarely on her.
 
s0me0nesmind1 said:
I can't fault all the execs. The Cheif Security Officer is the one who reports to the other higher-ups, and if she said everything was peachy with her fucking joke music degrees, then it should be pegged squarely on her.
Click to expand...

I think there should be just as much fault laid on the idiots that decided to hire her.
 
Red Squirrel said:
Everyone should just get a couple grand for their troubles, That money should come straight from Equifax's pockets. Then all the execs should be put in jail for 25 years with no parole. It would set an example. They do this "set an example" shit all the time with software piracy. It's time we do it with stuff that actually matters.
Click to expand...
Dividing Equifax's net worth by 140 million victims, I get a maximum of less than $50 per victim, even if they are liquidated.
 
s0me0nesmind1 said:
I can't fault all the execs. The Cheif Security Officer is the one who reports to the other higher-ups, and if she said everything was peachy with her fucking joke music degrees, then it should be pegged squarely on her.
Click to expand...
I feel like you should be able to pin this straight on Equifax as a whole, if not also the executives. It's their job to make sure their company is running properly. As it was put in the NYT the other day:

Many of those who have tried to protect themselves in the wake of the breach have been left feeling as though they are not in good hands. Consider the revelation that the president of Equifax’s information solutions unit in the United States and its chief financial officer sold stock after the breach was discovered but before it was made public. If they knew about the break-in, they violated insider trading laws. The company says they did not know.

Even if you take Equifax at its word, despite its complete lack of credibility at this point, you are still left to wonder this: In what sort of company would Mr. Information Systems and Mr. Money not be in the loop on a problem like this? “That’s also horrifying,” said Cristi Page of San Diego. “They’re either unethical or they’re incompetent. Neither of those inspire much confidence.”
Click to expand...
https://www.nytimes.com/2017/09/22/your-money/equifax-breach.html
 
Ken g6 said:
Dividing Equifax's net worth by 140 million victims, I get a maximum of less than $50 per victim, even if they are liquidated.
Click to expand...

Oh I'm sure you can get way more if you also go after their Swiss bank accounts and all the other hiding tricks corporations tend to use to hide money. 😉

But yeah really there needs to be serious penalties in general for this type of gross neglect. This is equivalent to constructing a building that is not safe and it collapses.
 
If you do it right there's no fee for the freeze and I just did the other day. As for Equifax and their profiteering execs they should have to forfeit anything they made from selling their stocks just before the breach announcement plus pay a fine as well as compensate anyone who was harmed by their failure to protect sensitive information.
 
Where do you go to freeze anyway? Your bank? I am considering this. One of my coworkers recently got hit with like 25k of fraud on his card... I hate that it's up to us to protect ourselves from these incompetent pieces of shit.
 
I put freezes on my credit a decade ago. It is kind of a pita when I want to open a CC or get a loan. But havent had an issue with fraud yet.
 
Genx87 said:
I put freezes on my credit a decade ago. It is kind of a pita when I want to open a CC or get a loan. But havent had an issue with fraud yet.
Click to expand...
how do you do it?
the one that scares me is title fraud. could you imagine coming home and having a eviction notice on your home that you own?
 
OutHouse said:
how do you do it?
the one that scares me is title fraud. could you imagine coming home and having a eviction notice on your home that you own?
Click to expand...

I recall reading a story where this happened to someone. They basically lost everything and had to start their life from scratch. They could not even enter their house to get their stuff because it was not theirs anymore. Just like that. I don't recall the exact context, if it was fraud or some kind of accounting error or other BS like that. That stuff scares the crap out of me. It's a piss off that it's even possible for it to happen and shows how terrible the system is.
 
Red Squirrel said:
Where do you go to freeze anyway? Your bank? I am considering this. One of my coworkers recently got hit with like 25k of fraud on his card... I hate that it's up to us to protect ourselves from these incompetent pieces of shit.
Click to expand...
You can do it at the credit agency and your individual banks to prevent anyone from opening any accounts in your name.
 
Puffnstuff said:
If you do it right there's no fee for the freeze and I just did the other day. As for Equifax and their profiteering execs they should have to forfeit anything they made from selling their stocks just before the breach announcement plus pay a fine as well as compensate anyone who was harmed by their failure to protect sensitive information.
Click to expand...
Once frozen does that mean you can't open new credit? How hard is it to unfreeze? Didn't look into it because I had a refi going on when this stuff went down. Once settled considering it.
 
HomerJS said:
Once frozen does that mean you can't open new credit? How hard is it to unfreeze? Didn't look into it because I had a refi going on when this stuff went down. Once settled considering it.
Click to expand...
Here, S.C ., I just called the automated system, put in my 14(?) digit pin and the dates to un freeze and re freeze. No charge.
 
OutHouse said:
how do you do it?
the one that scares me is title fraud. could you imagine coming home and having a eviction notice on your home that you own?
Click to expand...

Went to the three credit agencies and placed a lock on on my credit. They send unlock information which I keep in a safe. Hope I don't lose that safe.

One side benefit of it is a massive drop in junk mail.
 
HomerJS said:
Once frozen does that mean you can't open new credit? How hard is it to unfreeze? Didn't look into it because I had a refi going on when this stuff went down. Once settled considering it.
Click to expand...

When opening credit they run a report it comes back as unavailable or something. So no respectable lender would extend credit. But it doesn't make it impossible to open credit. Just a lot more difficult.
 
You must log in or register to reply here.

TRENDING THREADS

Back
Top