Reset Password
Existing players used to logging in with their character name and moo password must signup for a website account.
- Saruki 1m
- Ralph 56m
- notloose 1h
- FunkyMango 41s
a Mench 7h Doing a bit of everything.
And 20 more hiding and/or disguised

PSA: Equifax Data Breach
If you're an American, you're probably impacted

Hello -

Some of you may already be aware of the massive data breach which hit Equifax. Some of you may not. You can read more about it here:

What is Equifax

It's a credit bureau. One of three major ones.

What is a credit bureau?

They track a lot of things about you. Things like your credit card accounts, how much credit you've used on your cards, your college and auto loans, your loans for a home. They have your social security number. They have your credit card numbers. They have your name, your addresses (everywhere you've lived), your birthdate, your mothers maiden name. They have everything about you.

They profit by selling this information to qualifying companies and by providing a 'credit score'. Most people know what a credit score is, and most people know what a credit report it. Credit reports come from a credit bureau.

They are not governmental organizations. They are for profit companies.

I'm not and have never been an Equifax customer so I am safe, right?

Wrong. You are not safe. You didn't consent to give them all of this personal information about you but they have it. Credit Card Companies, Banks, and other financial institutions use your credit score and credit report to figure out if you qualify for loans/credit/apartments and more. Your information was mined or provided to these credit bureaus without your knowledge or consent. Even minors are in their databases. You almost certainly are too.


My sentiments exactly.

What do I do now?

Read the article above, Google around, figure out if you were affected (there is a website to check, but make sure you get there from a reputable source like because people are already domain squatting on similar domain names), put a CREDIT FREEZE on your credit report with all 3 companies. It costs a small fee, depending on your location. It's a racket, but it's your best protection.

Tweet at your Senators and Representatives.

Understand that your social security number is probably in the wild. You can't be sure at this point, so it's best to assume it is and start taking precautions.

This is such a dystopian thing, I don't even know what to say. However, I would plead with all of you affected or not, to make your voices heard on social media and to any state/local representatives. They are probably affected too! Holding companies responsible for irresponsible practices is the only way we are going to change things.

-- Slither

I work in a tangentially related field. This data breach is a huge deal, and I don't think it's being talked about quite enough. The relationship to possible stock manipulation as well is also damning. I expect there to be some fairly serious legal backlash on the executives involved.

As an American, I feel we need to sit down with our representatives and have a serious look into the entire system of citizen identification. The use of the social security system for things like this was never intended, and it is a notoriously insecure method for conducting things like identity verification. We need to figure this out, and secure ourselves in some fashion, and have legislation passed to help mitigate the impact of things like these data breaches.

I couldn't agree more TalonCzar. SSNs can be guessed with enough accuracy to make them a poor identification method. They also cannot be changed (without a lot of work), making them a poor GLOBAL IDENTIFICATION PASSWORD.

Not only do we need to have a discussion about better identifying ourselves, we need to start holding companies that have breaches accountable. If they want to hold DATA on all of us, in perpetuity, they need to be responsible for the costs of that data being exposed.

And as you mentioned in you original post, the idea of these companies being allowed to collect data on you without consent is something I'm not so sure about. I'd really be interested in how they gain that information in the first place.

If I still lived in the US I'd start looking over my paperwork. See if my banks, utilities, places of residence and all that have really asked my permission to send data about me to these people. They might have but I doubt it's being done in an open and clear way.

Credit reporting is an integral part of banking. It's not something that they do with individuals, but rather with every single party involved. Corporations, people, businesses, and very importantly, other banks. Without it, it's very difficult to properly calculate risk, which is basically the single most important factor in determining if the bank is going to conduct business with that individual, and what things like rates and restrictions might be placed on them. I don't believe it is something that is wrong, or even dangerous. As I mentioned before, the real issue is the one of identity and fraud. Right now, it's rather easy to accomplish identity theft--like Slither mentioned--and that is really the issue at stake. Luckily, with the use of AI in the financial sector, we have gained a strong tool to help fight against these crimes.
I don't know. I don't ever recall my bank telling me that they would be sending my data to a credit agency when I opened my account. Or my ISP when I signed up for service. Or any of the other entities that I do business with and send my data to these people. Sure, it might be important to have this credit score system but this passing along of data should be made clear to people up front.

I should know everyone my bank is sending my data too and have to opportunity to decide if I really want to do business with them. And maybe that means I don't do business with any banks (as if that's even reasonable anymore) but I should still know.

It should not simply be assumed that all these places I do business with have the right to pass my data along to anyone they feel like. It shouldn't be hidden in the small print either. And maybe it isn't but I just cant seem to recall ever noticing a clause ever stating that this was happening (though I knew it was).

Might be I'm alone in thinking this. I don't know.

I actually know about this, having worked for a bank dealing with its credit cards!

Under the Gramm-Leach-Bliley Act, a financial institution has to provide provide its customers with a notice of its privacy policies and practices. They send you out this information once a year, its a bunch of fine print that people usually throw away. Now, they aren't supposed to disclose non-PUBLIC personal information about their customers to nonaffiliated third parties... but they are not required to keep your information from affiliated services that the bank uses to do their job (Or even tell you about them). These services have contractual obligations to keep your information private.

Hero of the day: the person who dressed up as Rich Uncle Moneybags for the Equifax hearings.