People this dumb should not be in charge of protecting our personal data.
Who reset Equifax to factory defaults?
Unbelievable. When I see warnings about using 'password' as your actual password I always think who would be that stupid.
After this Equifax should no longer be one of the big 3 credit bureaus. The negligence here is absolutely disgusting.
Sony : We were stupid enough to put all sorts of passwords into an unprotected Excel spreadsheet.
Equifax : Pfft. Amateurs.
On NPR last night, they said "didn't they have a contingency plan for if this happened?" and I was yelling, "that *was* the contingency plan: don't tell anyone, get congress to protect them, and sell stock!"
Amazing. My passwords with them are required to be 40 characters and a blood sacrifice.
Password that nobody would guess:
Equifax has no way of reaching a human and they haven't responded to my emails (tomorrow will mark 5 business days.)
I should mention I am a paying customer who was billed as recently as 9/5 and I cannot access my account without re purchasing another product to verify with them.
Fuck this company
Edit- who knew just yesterday I'd be posting about hot cum and today have a post blow up about my shitty credit bureau! Reddit is so exciting!
15 years ago I was trying to get a mortgage on a house. There was a line item on my credit report from Equifax, and only on the Equifax copy. Bank was firm, that item was a deal killer. The item itself was bogus. An incorrect charge from a company I had not used in over a decade.
Even getting a human being to get the procedures to contest the charge, was hell. I had to get a /special/ phone number AND a PIN number, in the MAIL. Called the number I had previous with the pin, and I was told that I used the wrong phone number, that VOIDED my pin and I would have to wait for a new one. Waited AGAIN and called the number with the pin. I was told I had to have a number off the EQUIFAX report, not the bank's report. Start again. Get the report (AND the credit check ding) and get a NEW number, AND pin number (because my old ones were now voided.) This is a MONTH into the process at this point. Call them up, get the numbers right, contest the charge, they tell me that I just need to get the company to fax in a retraction. I was smart, I asked for a new phone/pin on the phone, and got one to use for the next call.
Track down the company, find out it hasn't existed in over a decade. Equifax says I need proof. How do you prove something doesn't exist? Yeah, I know. I ended up getting the Chamber of Commerce of the state the place was originally at. Got a "they no longer exist" note. Equifax wouldn't take it. I faxed it to them, they demanded the chamber of commerce fax it, not me. Fuck.. another day of phone calls and "No, I'm serious, I need you to fax that to them." and FINALLY, now /TWO/ months into the endeavor, got the item removed from my credit report.
Too late for the bank, the housing complex that was being built had filled up, I lost my shot.
The old Infocom/Douglas Adams game "Bureaucracy" went no where NEAR far enough to show just how evil paperwork can get.
Fuck You Equifax.
From what I was told (anecdotally, so I have no proof) To get an entry on my credit report, all I would have to do is call the right number up with my SSN, and a business ID, and state "He has taken a loan for $40,000" and that is that. No validation, no checking. Just Fuck The Consumer.
I understand the need/utility of a Credit Agency, but if Equifax disappeared off the face of the earth, I would dance on their grave.
To put this in perspective, when I'm trying to browse reddit on my ipad using stolen wifi from someone's router, I try the 3 or 4 default router logins I know on all 5-12 routers I can pick up, even printers...I have never hacked into someone's wifi.
I could have hacked Equifax. Equifax is dumber than stoners in apartment buildings and small businesses that don't let you use their wifi.
Also the day I hack a printer's wifi is the day that printer starts spitting out 100 copies of dickbutt.
How many accounts could you hack if you simply wrote a script that was fed login pages to try out the most common default username/password combinations?
I have a feeling it would make most security researches sad.