Equifax Data Breach Puts Spotlight on How Credit Agencies Work

Cybele Weisser

Updated October 3, 2017 at 9:57 AM

Consumer Reports has no financial relationship with advertisers on this site.

The recent Equifax data breach exposed the personal financial information of millions of Americans, yet many consumers know relatively little about what credit reporting agencies do and how they operate.

The industry is somewhat shrouded in mystery because credit agencies collect vast amounts of information about you without your having ever signed up for their service.

Yet as the Equifax breach shows, these agencies know a great deal about you, including your bank accounts, credit cards, mortgages, and other financial transactions as well as your name, address, Social Security number and even your driver's license.

How can these agencies collect all this information without your even knowing about it? And what is being done to protect you? Below are some answers to these key questions.

Why Do the Credit-Reporting Agencies Exist?
When you apply for a loan or credit card, banks want to know if you are likely to pay them back. So they pay credit agencies to provide information about you and your financial history. The agencies also provide a credit score, which determines your overall creditworthiness. The higher the score, the better a risk you're considered to be.

What Kind of Information Do Credit Agencies Collect?
Just about every piece of information about you that relates to your credit history makes its way to at least one of the credit bureaus.

That might include: how much you owe on your credit cards and other debts, whether you’ve paid your bills on time, the credit limit on your cards, and how often you’ve applied for credit. That information, which is reported to the bureaus by lenders, is usually updated every month.

In addition, the credit agencies collect financial information that appears in public records, such as bankruptcies and tax liens. Some property rental firms also report on tenants’ payments.

Besides financial data, credit bureaus collect information to verify your identity, such as your birthday, Social Security number, and even addresses and phone numbers.

How Secure Is This Information and Who Oversees It?
The Equifax hack has made clear that data security is lacking in the industry. Credit bureaus aren’t subject to the same regulatory oversight that governs banks and subjects them to regular security audits.

Moreover, no single federal entity oversees data breaches, says Eva Velasquez, the president of the Identity Theft Resource Center, a national nonprofit victim-assistance group.

Depending on the circumstances, regulation could be handled by the FBI, the Federal Trade Commission, or the Securities and Exchange Commission. In the case of Equifax, the FTC has publicly said that it is investigating the breach.

Most states have laws stating that companies must notify customers about data breaches. But requirements about the time frame for notification and what kind of information they need to disclose vary widely.

Still, several state attorneys general have launched investigations into Equifax’s practices, and the company also faces a host of class-action lawsuits.

How Long Do You Need to Worry About the Equifax Breach?
Unfortunately, there’s no point at which you can assume you’re safe. That’s because the database that was hacked contained permanent identification information, such as Social Security numbers, which can’t be changed.

That means someone could apply for credit cards, take out loans, and potentially file for federal tax refunds or apply for government benefits under your name—five or 10 years or even decades from now. “You’re exposed in perpetuity,” says Velasquez.

What Is Being Done to Prevent This From Happening Again?
Given the publicity surrounding this incident, some legislators and representatives, such as Senator Elizabeth Warren of Massachusetts and Senator Brian Schatz of Hawaii, have called for investigation and increased regulation of the credit reporting industry.

Consumers Union, the policy and mobilization arm of Consumer Reports, has also outlined the steps it believes Equifax must take to remediate the situation.

This week, there will be a number of Congressional hearings to learn more about what happened, including one by the Subcommittee on Digital Commerce and Consumer Protection on Tuesday, two others by the Senate Banking Committee, and also the Senate Judiciary Subcommittee on Privacy, Technology and Law on Wednesday and another by the Financial Services Committee on Thursday.

For now, however, the onus is on you to protect yourself.

Start by freezing your credit with each of the four bureaus, though if you need access to credit it may cost you a few bucks to temporarily halt the freeze (for now, Equifax has agreed to waive all charges; there’s no cost to place a freeze at Innovis).

Then take other reasonable steps to protect your assets and credit. Finally, don’t forget to order your report once a year from each of the bureaus, which they must provide at no cost. Check those reports carefully for errors and signs of fraud.

Says Ulzheimer: “You’ll need to become engaged with your own protection—permanently.”

Consumer Reports is an independent, nonprofit organization that works side by side with consumers to create a fairer, safer, and healthier world. CR does not endorse products or services, and does not accept advertising. Copyright © 2017, Consumer Reports, Inc.

Yahoo Sports
Dolphins owner Stephen Ross reportedly declined $10 billion for team, stadium and F1 race
The value of the Dolphins and Formula One racing is enormous.
Yahoo Sports
MVP Nikola Jokić headlines All-NBA teams alongside Shai Gilgeous-Alexander, Luka Dončić
The All-NBA selection was the sixth for Jokić, who was awarded his third MVP trophy in four seasons on May 8.
Yahoo Finance
Under Armour is collapsing — And Kevin Plank has to take the blame
The Under Armour meltdown continues.
Yahoo Sports
Yankees owner Hal Steinbrenner says team's payroll, 3rd in MLB, 'not sustainable for us financially'
Maybe not what Yankees fans want to hear ahead of Juan Soto's free agency.
Yahoo Sports
UFC Vegas 92: Piera Rodríguez DQ'd for multiple illegal headbutts vs. Ariane Carnelossi
Rodríguez was warned by the ref to watch her head. She responded by headbutting her opponent even harder.
Yahoo Sports
Report: Fanatics files lawsuit against Cardinals rookie WR Marvin Harrison Jr. for breach of contract
Marvin Harrison Jr., Fanatics said, “rejected or ignored every request” from the company while refusing to fulfill obligations of their contract that was signed last May.
Yahoo Sports
PGA Championship: Will Zalatoris says group of players considered asking for postponement after death, Scottie Scheffler arrest
It was a surreal day at the PGA Championship.
Yahoo Sports
The Spin: Making a call on 5 slumping fantasy baseball stars
All five of these hitters were drafted highly in fantasy baseball leagues. So far, they have not lived up to their ADPs — and that's an understatement. Scott Pianowski analyzes.
Yahoo Sports
Tied for the most bets for No. 1 overall pick in NBA Draft is ... Bronny James?
The co-leader in bets for the No. 1 overall pick is a stunner.
Yahoo Sports
Best and worst NFL offseasons with the Ringer's Steven Ruiz | The Exempt List
Charles McDonald is joined by Steven Ruiz of The Ringer to break down which teams had the best and worst offseasons in the NFL
Yahoo Finance
'Demand is just so strong': Nvidia CEO Jensen Huang tells Yahoo Finance supply can't keep up
Nvidia's quarterly results blew away estimates again on Wednesday, and as the company moves to its next-generation chips its CEO sees supply, not demand, serving as its biggest challenge.
Yahoo Finance
Tesla stock pops after company reveals new details, deliveries for its semitruck program
Robotaxis, low-cost cars, and the Cybertruck aren't stopping Tesla from pushing ahead with its new semitruck, which is set to reach customers by 2026.
Autoblog
2025 Honda Civic Hybrid revealed, plus Civic-wide design and tech updates
The 2025 Honda Civic is here, and it lands as the 11th generation’s mid-cycle refresh.
Yahoo Sports
Mother sues LaMelo Ball after he allegedly drove over 11-year-old son's foot and broke it at a fan event
LaMelo Ball allegedly drove away and ran over an 11-year-old's foot when he was trying to get Ball's autograph at a Hornets fan event last fall.
Yahoo Sports
Are the Phillies really this good? Or has their schedule just been easy?
With largely the same group of players as the past two seasons, the answer for Philadelphia can be both.
Yahoo Sports
Struggling Cardinals, Blue Jays among 3 teams that could spark life into the MLB trade deadline
If teams like St. Louis and Toronto decide to pull the plug on this season, some big names could become available on the trade market this summer.
Yahoo Sports
The Mavericks' major gambles pay off as Luka Dončić, Kyrie Irving lead charge to West finals
Shrewd moves and timely deals have the aggressive Mavericks moving on in the postseason — and perhaps to an even better tomorrow.
Yahoo Sports
Preakness Stakes 2024 winner, payouts, results: Seize the Grey wins at Pimlico, Mystik Dan finishes 2nd, ending Triple Crown bid
Live updates from the 149th Preakness Stakes at Pimlico Race Course in Baltimore
Yahoo Sports
Auburn RB Brian Battie critically wounded in Sarasota shooting
Battie's older brother Tommie was killed and three others were shot early Saturday morning .
Yahoo Sports
Oneil Cruz hitting angry, Shohei Ohtani leading the league, the Royals are turning heads with Jake Eisenberg
Jake Mintz & Jordan Shusterman talk about Oneil Cruz's smashing night at the dish, Kyle Tucker and Shohei Ohtani leading the league and are joined by Royals broadcaster Jake Eisenberg to talk about Kansas City’s success in 2024.

News

Life

Entertainment

Finance

Sports

New on Yahoo

Equifax Data Breach Puts Spotlight on How Credit Agencies Work

Recommended Stories

Dolphins owner Stephen Ross reportedly declined $10 billion for team, stadium and F1 race

MVP Nikola Jokić headlines All-NBA teams alongside Shai Gilgeous-Alexander, Luka Dončić

Under Armour is collapsing — And Kevin Plank has to take the blame

Yankees owner Hal Steinbrenner says team's payroll, 3rd in MLB, 'not sustainable for us financially'

UFC Vegas 92: Piera Rodríguez DQ'd for multiple illegal headbutts vs. Ariane Carnelossi

Report: Fanatics files lawsuit against Cardinals rookie WR Marvin Harrison Jr. for breach of contract

PGA Championship: Will Zalatoris says group of players considered asking for postponement after death, Scottie Scheffler arrest

The Spin: Making a call on 5 slumping fantasy baseball stars

Tied for the most bets for No. 1 overall pick in NBA Draft is ... Bronny James?

Best and worst NFL offseasons with the Ringer's Steven Ruiz | The Exempt List

'Demand is just so strong': Nvidia CEO Jensen Huang tells Yahoo Finance supply can't keep up

Tesla stock pops after company reveals new details, deliveries for its semitruck program

2025 Honda Civic Hybrid revealed, plus Civic-wide design and tech updates

Mother sues LaMelo Ball after he allegedly drove over 11-year-old son's foot and broke it at a fan event

Are the Phillies really this good? Or has their schedule just been easy?

Struggling Cardinals, Blue Jays among 3 teams that could spark life into the MLB trade deadline

The Mavericks' major gambles pay off as Luka Dončić, Kyrie Irving lead charge to West finals

Preakness Stakes 2024 winner, payouts, results: Seize the Grey wins at Pimlico, Mystik Dan finishes 2nd, ending Triple Crown bid

Auburn RB Brian Battie critically wounded in Sarasota shooting

Oneil Cruz hitting angry, Shohei Ohtani leading the league, the Royals are turning heads with Jake Eisenberg