Affiliate Disclosure
If you buy through our links, we may get a commission. Read our ethics policy.

Up to 143M US consumers exposed in Equifax hack, could impact iPhone buyers

U.S. credit scoring agency Equifax has admitted that hackers gained access to the data of 143 million Americans earlier this year, something that could be particularly relevant to people in Apple's iPhone Upgrade Program.

Hackers had access to files between May and July of this year, though the problem was only discovered on July 29, Equifax said. In addition to names, birthdays, and addresses, other compromised data includes driver's license and Social Security numbers. About 209,000 people had credit card numbers stolen, and 182,000 had documents used in disputes taken.

The situation is being investigated by both the FBI and a security firm hired by Equifax. Those worried they may be affected can visit equifaxsecurity2017.com to check, but the company is asking for the last six digits of a person's Social Security number, and not necessarily giving any confirmation other than when they can enroll in planned protection service, which will be free for a year for anyone who signs up by Nov. 21. People can separately ask to have their credit reports frozen.

Apple's U.S. loan partner for the iPhone Upgrade Program is Citizens Bank, which is believed to perform at least some credit checks with Equifax. The situation could also impact iPhone buyers in general, since carriers like AT&T and Verizon also perform checks on postpaid subscribers.

It may be vital that people check whether they were impacted, because the compromised data could be used to gain access to things like bank accounts and medical records.

The iPhone Upgrade Program costs at least $32.41 per month after an initial purchase, but guarantees a new iPhone once a year after a trade-in, and includes AppleCare+. It could see a rush of people this year, given the "iPhone 8's rumored $999-plus pricetag.



85 Comments

nht 14 Years · 4491 comments

Well that's pretty bogus...you need to wait for an "enrollment date" to enroll for their identity theft protection.  Im guessing they hope you forget to do so.

SoundJudgment 7 Years · 187 comments

If they don't tell you that your name *WASN'T* involved in the attack the moment you make inquiry... then your name ***WAS*** involved in the breach. You will only be given the chance to enroll in their monitoring program Free for a year...and told nothing more about it. In other words... no news is bad news.

arybaryba 10 Years · 15 comments

nht said:
Well that's pretty bogus...you need to wait for an "enrollment date" to enroll for their identity theft protection.  Im guessing they hope you forget to do so.

Pretty ironic that a company that few, if any of us actually do business with and charged with telling the banks that we're "credit worthy" is involved in such an enormous screw up. You're absolutely right though. They DO hope you'll forget. They even tell you to make a note to sign up, because you won't get another notice reminding you to do so. Then on top of that, as SoundJudgment points out, all you get is a "yup, you're screwed" without any additional information and a year of monitoring, is ridiculous. You're data is out there forever. This is way worse than Target, Home Depot, etc.

magman1979 11 Years · 1301 comments

I would tell people NOT to go to that new Equifax 2017 site, as it's going to be responsible for even more data theft:

https://arstechnica.com/information-technology/2017/09/why-the-equifax-breach-is-very-possibly-the-worst-leak-of-personal-info-ever/

I can't believe their incompetence! Also, AI should update this article to tell people NOT to go to that new site, review above link for background...

anton zuykov 9 Years · 1056 comments

arybaryba said:
nht said:
Well that's pretty bogus...you need to wait for an "enrollment date" to enroll for their identity theft protection.  Im guessing they hope you forget to do so.
Pretty ironic that a company that few, if any of us actually do business with and charged with telling the banks that we're "credit worthy" is involved in such an enormous screw up. You're absolutely right though. They DO hope you'll forget. They even tell you to make a note to sign up, because you won't get another notice reminding you to do so. Then on top of that, as SoundJudgment points out, all you get is a "yup, you're screwed" without any additional information and a year of monitoring, is ridiculous. You're data is out there forever. This is way worse than Target, Home Depot, etc.

It would be nice if there was...I don't know...a lawsuit from 10-20M "clients".