Equifax said the attack began in May and exposed personal data such as social security numbers, driver's license numbers, birth dates and addresses.
Maine's Bureau of Consumer Credit Protection is urging Mainers to consider temporarily freezing their credit report information to protect sensitive information such as their Social Security numbers that might have been comprised in a huge security breach at the credit reporting agency Equifax Inc.
"You need to take more action", one consumer wrote on Twitter to Equifax.
Last week, the company revealed a massive data breach involving as many as 143 million people. "Your credit worthiness is associated with records Equifax obviously keeps and it is an Atlanta-based company so it's not quite a great thing for the city of Atlanta".
If you haven't pulled a copy of your credit report lately, now is the time.
Fortunately, there are defensive steps you can take.
Place a credit freeze at all three credit bureaus.
Freezes can be done online at the websites of the three credit reporting agencies - Equifax, Experian and TransUnion. (NYSE:EFX) hack is bad news for anyone with credit. The danger is that cyber hoods will use the data to make purchases or establish credit that get billed to victims - people like you, perhaps you yourself. This prevents any new accounts from being opened in your name while the freeze is in effect unless you provide a designated 10-digit PIN.
Stephens wins US Open title
Williams has the opportunity to enter into her third major final of the season. "I've known her for a long time ". Williams's level lifted as she stormed through the second set, her power helping her level the match.
You may not be charged a fee if you can prove that you're a victim of identity theft.
"It's far from a flawless solution - freezing and unfreezing isn't slick - but short of changing your SSN and date of birth it's probably your best protection".
Corporate culture could also be a factor. Such PINs could potentially be brute-forced by someone attempting to unlock a credit report for the goal of identity theft.
That might also be the case at Equifax, said DHR's Metzger.
With a security breach of this magnitude, it is easy to imagine the difficulties organizations will face in mobilizing an incident response plan in time to meet the 72-hour notice under GDPR.
The chairmen of at least two U.S. House committees say they want to hold hearings.
Following criticism from many in the infosec sphere, Equifax told The New York Times that it will be changing the PIN generation and request process: "While we have confidence in the current system, we understand and appreciate that consumers have questions about how PINs are now generated". Several state attorneys general have also said they would investigate, which could result in fines at the state level.
When Equifax came forward with the news last Thursday, it set up a website, equifaxsecurity2017.com, to help consumers find out if their data may have been compromised. The company has since told Business Insider by email that the executives had no knowledge that an intrusion had occurred at the time they sold their shares.