Equifax has been hacked - Page 2 - SLUniverse Forums
Navigation » SLUniverse Forums > Off Topic Discussion > Politics, Religion & Society » Equifax has been hacked


Politics, Religion & Society Topics pertaining to politics, religion, philosophy, and social issues. Not for the faint of heart. Also, do not post while drunk, suffering from food poisoning, or while on a low carb diet. You have been warned.

 
Sponsor:
LIONHEART - We Have Your Land
Reply
 
LinkBack Thread Tools Display Modes
Old 09-08-2017, 11:27 PM   #26 (permalink)
子猫女王
 
Katheryne Helendale's Avatar
(Loading...)
 
Join Date: Oct 2009
Location: Right... behind... you...
Posts: 5,904
My Mood:
SL Join Date: 5/20/2008
Client: LL Viewer V3

Awards: 1
SLU Creepy Avatar Competition 2014 Participant 
Quote:
Originally Posted by Wanda Belinda View Post
Yes, although as one article pointed out, some text from their marketing department means nothing legally. All that matters is if they have actually removed the text from their tos.
That's a good point. So far, the Terms of Use have not been revised. However, this part looks intriguing, and looks to provide an out if you find yourself subject to the arbitration clause:

Quote:
Right to Opt-Out of this Arbitration Provision. IF YOU DO NOT WISH TO BE BOUND BY THE ARBITRATION PROVISION, YOU HAVE THE RIGHT TO EXCLUDE YOURSELF. Opting out of the arbitration provision will have no adverse effect on your relationship with Equifax or the delivery of Products to You by Equifax. In order to exclude Yourself from the arbitration provision, You must notify Equifax in writing within 30 days of the date that You first accept this Agreement on the Site (for Products purchased from Equifax on the Site). If You purchased Your Product other than on the Site, and thus this Agreement was mailed, emailed or otherwise delivered to You, then You must notify Equifax in writing within 30 days of the date that You receive this Agreement. To be effective, timely written notice of opt out must be delivered to Equifax Consumer Services LLC, Attn.: Arbitration Opt-Out, P.O. Box 105496, Atlanta, GA 30348, and must include Your name, address, and Equifax User ID, as well as a clear statement that You do not wish to resolve disputes with Equifax through arbitration. If You have previously notified Equifax that You wish to opt-out of arbitration, You are not required to do so again. Any opt-out request postmarked after the opt-out deadline or that fails to satisfy the other requirements above will not be valid, and You must pursue your Claim in arbitration or small claims court.
__________________
When the power of love overcomes the love of power,
the world will know peace.
-J. Hendrix

Katheryne Helendale is offline   Reply With Quote
1 User Said Thanks:
Old 09-09-2017, 01:56 AM   #27 (permalink)
SUPER BANNED

*SLU Supporter*
 
Free Xue's Avatar
I'm just a girl, with some horns
 
Join Date: May 2009
Posts: 52,472
My Mood:
SL Join Date: May 2008
Blog Entries: 11

Awards: 2
SLU Creepy Avatar Competition 2014 Participant 
Equifax Is Proving Why Forced Arbitration Clauses Ought to Be Banned
__________________
Mass starvation of virtual bunnies due to a cease and desist order. Now THAT is Second Life!
la lucha sigue...
Free Xue is offline   Reply With Quote
1 User Likes This:
Old 09-09-2017, 02:29 AM   #28 (permalink)
SUPER BANNED

*SLU Supporter*
 
Free Xue's Avatar
I'm just a girl, with some horns
 
Join Date: May 2009
Posts: 52,472
My Mood:
SL Join Date: May 2008
Blog Entries: 11

Awards: 2
SLU Creepy Avatar Competition 2014 Participant 
Our entire credit bureau system is broken
Quote:
Beyond the immediate damage, the breach reveals some deep absurdities in Equifax’s business model. The company was one of the central stores of personal data, the place you checked to make sure you weren’t writing a mortgage to an impostor. But now the impostors have the same data as everyone else. If you can’t keep it secure, why stockpile the data in the first place?
Excellent question.
Free Xue is offline   Reply With Quote
Old 09-09-2017, 02:46 AM   #29 (permalink)
SUPER BANNED

*SLU Supporter*
 
Free Xue's Avatar
I'm just a girl, with some horns
 
Join Date: May 2009
Posts: 52,472
My Mood:
SL Join Date: May 2008
Blog Entries: 11

Awards: 2
SLU Creepy Avatar Competition 2014 Participant 
On that arbitration point, seems Equifucked is waiving the waiver when it comes to the breach.

https://www.equifaxsecurity2017.com/
Quote:
A Progress Update for Consumers

...

2). NO WAIVER OF RIGHTS FOR THIS CYBER SECURITY INCIDENT
In response to consumer inquiries, we have made it clear that the arbitration clause and class action waiver included in the Equifax and TrustedID Premier terms of use does not apply to this cybersecurity incident.
EDIT: Oops. Missed Katheryne's post on this, previous page. But I like my new name for the company!
Free Xue is offline   Reply With Quote
1 User Said Thanks:
Old 09-09-2017, 08:55 AM   #30 (permalink)
Crazy Cat Lady
 
Rose Karuna's Avatar
Flor-i-duh
 
Join Date: Aug 2007
Location: Fort Lauderdale
Posts: 2,009
My Mood:
This is not Equifax's first rodeo, they are a VERY SLIMY! They have had previous data breaches: Equifax data breach breaks the mold | KRNV

This one was in 2015 where they were letting anyone who could pay, access anyone's information. It was like an open invite to identity thieves and they did not even have to hack for it.

After seeing that they sold stock before they announced the breach, OMG I am furious. I hope that the SEC jumps down on the executives and managers that did this with both feet. They deserve prison time. And while they are at it they should also arrest the CSO.

These bastards should not even be in business.
__________________
“True terror is to wake up one morning and discover that your high school class is running the country.”
—Kurt Vonnegut
Rose Karuna is offline   Reply With Quote
Old 09-09-2017, 01:16 PM   #31 (permalink)
state of non-being
 
Amber Guity's Avatar
The maple kind?
 
Join Date: Dec 2009
Location: Saner part of NC
Posts: 2,636
My Mood:
Client: Firestorm
We're considering freezing our credit reports with all 3 agencies since we aren't looking to get any new credit cards or loans in the near future. At this point, I'm not sure what else to do to safeguard.
Amber Guity is offline   Reply With Quote
1 User Agreed:
Old 09-09-2017, 01:47 PM   #32 (permalink)
Society's Lost Bird
 
WolfEyes's Avatar
DILLIGAFF
 
Join Date: Oct 2009
Location: See that big valley? Not there.
Posts: 11,964
SL Join Date: April 2004
Quote:
Originally Posted by Amber Guity View Post
We're considering freezing our credit reports with all 3 agencies since we aren't looking to get any new credit cards or loans in the near future. At this point, I'm not sure what else to do to safeguard.
https://www.consumer.ftc.gov/feature...identity-theft

https://www.identitytheft.gov/
__________________
This is the truth.
Mitakuye oyasin.
To all my relations, keep dancing.
Believe or you will not see.
WolfEyes is offline   Reply With Quote
2 Users Said Thanks :
Old 09-12-2017, 11:42 PM   #33 (permalink)
bunneh
 
Porsupah Ree's Avatar
 
Join Date: Aug 2007
Location: Probably near London or San Francisco.
Posts: 3,216
My Mood:
SL Join Date: February 2006
Client: Firestorm and Project Bento
Now, it's worth bearing in mind this isn't Equifax Argentina's credit report data, but complaints and disputes sent to them - but still..

https://krebsonsecurity.com/2017/09/...x-has-my-data/

Quote:
Earlier today, this author was contacted by Alex Holden, founder of Milwaukee, Wisc.-based Hold Security LLC. Holden’s team of nearly 30 employees includes two native Argentinians who spent some time examining Equifax’s South American operations online after the company disclosed the breach involving its business units in North America.

It took almost no time for them to discover that an online portal designed to let Equifax employees in Argentina manage credit report disputes from consumers in that country was wide open, protected by perhaps the most easy-to-guess password combination ever: “admin/admin.”
Read on to find out how carefully each employee's password was guarded..
__________________
"Separated lovers cheat absence by a thousand fancies which have their own reality. They are prevented from seeing one another and they cannot write; nevertheless they find countless mysterious ways of corresponding, by sending each other the song of birds, the scent of flowers, the laughter of children, the light of the sun, the sighing of the wind, and the gleam of the stars - all the beauties of creation." -- Victor Hugo
Porsupah Ree is online now   Reply With Quote
1 User Laughed:
2 Users Said Thanks :
Old 09-12-2017, 11:51 PM   #34 (permalink)
Senior Member
 
Dillon Levenque's Avatar
 
Join Date: Dec 2011
Posts: 2,563
SL Join Date: Sept 2008
Quote:
Originally Posted by Porsupah Ree View Post
Now, it's worth bearing in mind this isn't Equifax Argentina's credit report data, but complaints and disputes sent to them - but still..

https://krebsonsecurity.com/2017/09/...x-has-my-data/



Read on to find out how carefully each employee's password was guarded..
Amateurs. I'm Netgear trained. I always use admin/password.
__________________
Quote:
Originally Posted by Maggie
I remember once when I tried to interact with one of her buses with my exploding pigeons. The result was less than desirable.
Dillon Levenque is offline   Reply With Quote
Old 09-13-2017, 02:38 AM   #35 (permalink)
Emergency Mustelid
 
Argent Stonecutter's Avatar
 
Join Date: Sep 2009
Posts: 19,489
root/password123
__________________
Argent Stonecutter -- Skyhook Station -- Coonspiracy Store

"And now I'm going to show you something really cool."


The previous is a cybernetic datum published - in direct contravention of DoD Regulation #229RR3X3 - as being conducive to the physical, psychological and/or social well-being of the population.
Argent Stonecutter is offline   Reply With Quote
2 Users Laughed:
Old 09-13-2017, 07:34 PM   #36 (permalink)
Senior Member
 
DanielRavenNest's Avatar
Building Better Worlds since 1979
 
Join Date: Sep 2009
Location: In UR Internetz
Posts: 8,394
My Mood:
SL Join Date: Jun 27, 2006
Client: 7 of them (I like testing)
Quote:
Originally Posted by Argent Stonecutter View Post
root/password123
If Marvel Universe fan:

iam/groot

If Star Wars fan:

iam/yourfather
DanielRavenNest is offline   Reply With Quote
2 Users Laughed:
Old 09-13-2017, 08:57 PM   #37 (permalink)
子猫女王
 
Katheryne Helendale's Avatar
(Loading...)
 
Join Date: Oct 2009
Location: Right... behind... you...
Posts: 5,904
My Mood:
SL Join Date: 5/20/2008
Client: LL Viewer V3

Awards: 1
SLU Creepy Avatar Competition 2014 Participant 
I use P@$$w0rd123. Nobody will ever hack that!

Oh, wait...
Katheryne Helendale is offline   Reply With Quote
Old 09-13-2017, 09:05 PM   #38 (permalink)
Senior Member
 
Wanda Belinda's Avatar
 
Join Date: Oct 2016
Posts: 2,974
When I lived in apartments I used the letter X for my windows login. Just enough to keep the rare maintenance person from snooping.
Wanda Belinda is offline   Reply With Quote
Old 09-13-2017, 09:33 PM   #39 (permalink)
OccupyE9 Sluni-Goon
 
Kara Spengler's Avatar
Hail Woz, the great and powerful!
 
Join Date: Dec 2008
Location: SL: November RL: DC
Posts: 21,204
SL Join Date: March, 2006
Client: Phoenix & Firestorm
Send a message via Skype™ to Kara Spengler
Strange. My spouse said she was not affected but gave her an enroll button (and no other options). When she clicked enroll the screen redrew (including having the button) and said she was impacted.

Good luck explaining that one to someone who does not know about this. Just enroll the whole country equifuck.
__________________
"The debug setting for Gender in SL (AvatarSex) is an unsigned 32bit integer value. Not a boolean. I'm still waiting to see what our other options will be. =^-^=" Imnotgoing Sideways

"Ok, I have to ask, WTF is this thread even about and why is it hundreds of posts? I am out of vodka so I don't feel like reading it to find out." Cristiano

"Why? Don't like me ban me" Cathiee
Kara Spengler is offline   Reply With Quote
1 User Agreed:
Old 09-14-2017, 01:19 PM   #40 (permalink)
Senior Member
 
Join Date: Jan 2015
Posts: 457
Has anyone done the Equifax check to see if they are potentially compromised and have it come back to say "nope, you're cool bro"? Or something along those lines?

Almost seems like they have to tell everyone who checks, "Yep, you may be compromised" by default since they are still trying to figure out what data was accessed...

Or maybe it is just a ploy to get a shit-ton of new customers for the TrustedID thing...

Edit: Didn't see Kara's response above, now I am wondering if I just misread what my results were!

Last edited by Tranquility too; 09-14-2017 at 01:25 PM.
Tranquility too is offline   Reply With Quote
Old 09-14-2017, 01:54 PM   #41 (permalink)
OccupyE9 Sluni-Goon
 
Kara Spengler's Avatar
Hail Woz, the great and powerful!
 
Join Date: Dec 2008
Location: SL: November RL: DC
Posts: 21,204
SL Join Date: March, 2006
Client: Phoenix & Firestorm
Send a message via Skype™ to Kara Spengler
Quote:
Originally Posted by Tranquility too View Post
Has anyone done the Equifax check to see if they are potentially compromised and have it come back to say "nope, you're cool bro"? Or something along those lines?

Almost seems like they have to tell everyone who checks, "Yep, you may be compromised" by default since they are still trying to figure out what data was accessed...

Or maybe it is just a ploy to get a shit-ton of new customers for the TrustedID thing...

Edit: Didn't see Kara's response above, now I am wondering if I just misread what my results were!
My spouse's initial page saying she was okay looked pretty much the same except they removed (or was it added?) a negative in the sentence. When she clicked the button it redrew the window changing only that word.

It said I would receive an email that I would need to do something with to actually activate it. No email from them yet.
Kara Spengler is offline   Reply With Quote
Old 09-14-2017, 02:32 PM   #42 (permalink)
A Napoleon in rags

*SLU Supporter*
 
Briar Bing's Avatar
Becoming a ghost
 
Join Date: Jun 2007
Posts: 5,860
My Mood:
SL Join Date: May 2003
Quote:
Originally Posted by Argent Stonecutter View Post
I'm not talking about signing up for anything. I'm talking about checking if your information was in the exposed database. Using that service doesn't bind you to anything.
I checked and it came back with "We believe your information may have been compromised". Then, the sign-up page, which I'm not going to fill out.

"may have been"? Either it has or hasn't. WTF?
__________________
Stealin' kisses from the leopards' faces
Briar Bing is offline   Reply With Quote
1 User Hugged You:
1 User Agreed:
Old 09-14-2017, 03:48 PM   #43 (permalink)
Emergency Mustelid
 
Argent Stonecutter's Avatar
 
Join Date: Sep 2009
Posts: 19,489
They don't necessarily know whose data was copied, they just know whose data was potentially available to copy. "May have been compromised" means "it was in the exposed database" as opposed to "we saw someone copy it".
Argent Stonecutter is offline   Reply With Quote
1 User Said Thanks:
Old 09-14-2017, 04:48 PM   #44 (permalink)
Senior Member
 
Join Date: Jan 2015
Posts: 457
I signed up since I 'may have been' compromised. They have all my info anyway, not like I can give them anything new.

Still haven't gotten a confirmation email back yet. I do hate the way email providers organize the mail these days. I've got: Inbox, Priority Inbox, Junk, Starred, Important, All Mail, and Spam. It's so convoluted.
Tranquility too is offline   Reply With Quote
1 User Agreed:
Old 09-14-2017, 05:48 PM   #45 (permalink)
Society's Lost Bird
 
WolfEyes's Avatar
DILLIGAFF
 
Join Date: Oct 2009
Location: See that big valley? Not there.
Posts: 11,964
SL Join Date: April 2004
Quote:
Originally Posted by Kara Spengler View Post
My spouse's initial page saying she was okay looked pretty much the same except they removed (or was it added?) a negative in the sentence. When she clicked the button it redrew the window changing only that word.

It said I would receive an email that I would need to do something with to actually activate it. No email from them yet.
It can take up to 72 hours for the email to go out. Be sure to check your junk folder too.
WolfEyes is offline   Reply With Quote
Old 09-14-2017, 05:49 PM   #46 (permalink)
Society's Lost Bird
 
WolfEyes's Avatar
DILLIGAFF
 
Join Date: Oct 2009
Location: See that big valley? Not there.
Posts: 11,964
SL Join Date: April 2004
Quote:
Originally Posted by Argent Stonecutter View Post
They don't necessarily know whose data was copied, they just know whose data was potentially available to copy. "May have been compromised" means "it was in the exposed database" as opposed to "we saw someone copy it".
Thank you.
WolfEyes is offline   Reply With Quote
Old 09-14-2017, 06:00 PM   #47 (permalink)
Society's Lost Bird
 
WolfEyes's Avatar
DILLIGAFF
 
Join Date: Oct 2009
Location: See that big valley? Not there.
Posts: 11,964
SL Join Date: April 2004
See this number?

866-447-7559

Please, Please, PLEASE do NOT call that number and ask for freezes or any other customer service type requests. They can NOT do these things! They can only give you information and it's spotty info at that thank you very fucking much Equifax. That number is the Equifax Incident Response line. It is NOT customer service!
WolfEyes is offline   Reply With Quote
2 Users Said Thanks :
Old 09-14-2017, 10:58 PM   #48 (permalink)
子猫女王
 
Katheryne Helendale's Avatar
(Loading...)
 
Join Date: Oct 2009
Location: Right... behind... you...
Posts: 5,904
My Mood:
SL Join Date: 5/20/2008
Client: LL Viewer V3

Awards: 1
SLU Creepy Avatar Competition 2014 Participant 
Quote:
Originally Posted by Tranquility too View Post
I signed up since I 'may have been' compromised. They have all my info anyway, not like I can give them anything new.

Still haven't gotten a confirmation email back yet. I do hate the way email providers organize the mail these days. I've got: Inbox, Priority Inbox, Junk, Starred, Important, All Mail, and Spam. It's so convoluted.
I very rarely access my email through the Gmail web app. I use the Thunderbird email client and manage my inbox my own way.

Both hubby and I got the "we do not believe your data has been compromised" message when we checked. We're breathing a little easier now.
Katheryne Helendale is offline   Reply With Quote
Old 09-14-2017, 11:21 PM   #49 (permalink)
Senior Member
 
Wanda Belinda's Avatar
 
Join Date: Oct 2016
Posts: 2,974
We tested Equifax's data breach checker — and it's basically useless
Wanda Belinda is offline   Reply With Quote
Old 09-15-2017, 12:10 AM   #50 (permalink)
子猫女王
 
Katheryne Helendale's Avatar
(Loading...)
 
Join Date: Oct 2009
Location: Right... behind... you...
Posts: 5,904
My Mood:
SL Join Date: 5/20/2008
Client: LL Viewer V3

Awards: 1
SLU Creepy Avatar Competition 2014 Participant 
Well... Shit. So much for breathing easier.
Katheryne Helendale is offline   Reply With Quote
1 User Agreed:
Reply

Thread Tools
Display Modes

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off
Trackbacks are Off
Pingbacks are On
Refbacks are On




SEO by vBSEO