After announcing millions of people were impacted by an unprecedented hack on its systems, Equifax faced a customer service nightmare as panicked masses turned to a website and customer service line set up to answer whether their most sensitive information had leaked.
Equifax first learned of the breach in late July, but announced the issue affecting as many as 143 million people on Thursday evening. Some of the main ingredients for identity theft-including Social Security numbers, addresses, birth dates, and driver’s license data-were compromised in the hack. Some credit card information was also put at risk.
In revealing this 21st century catastrophe, the credit reporting service set up a website so users could quickly assess if their information had been made vulnerable. Users, however, were asked to enter the kind of information they’re often warned not to reveal online, in this case a combination of their last name and the last six digits of their Social Security number.
The request was met with skepticism, as many already shaken consumers felt unsafe giving up crucial identity data to a company that just admitted being penetrated. A malfunctioning “captcha,” a program used to distinguish humans from bots, added irony to insult.
Three senior executives, Chief Financial Officer John Gamble, President of U.S. Information Solutions Joseph Loughran, and Rodolfo Ploder, president of workforce solutions, sold stock worth almost $1.8 million in the days following the company’s discovery of the hack, potentially the largest in history.
A spokeswoman for Equifax said the men “had no knowledge that an intrusion had occurred at the time.” After news of the hack broke, the company’s shares fell 13 percent and “Equifax” became the number one trending topic on Twitter.
If a user chose Thursday night to enter their information on the Equifax website to see if they had been affected, one of three messages appeared: that the user had indeed been impacted by the cyberattack, that they hadn’t been impacted, or an unclear message listing a date at which the user could enroll in Equifax’s “TrustedID Premier” service without further information as to whether their identity had been stolen. The third option listed a date and said: “Please be sure to mark your calendar as you will not receive additional reminders. On or after your enrollment date, please return to faq.trustedidpremier.com and click the link to continue through the enrollment process.”
Not Equifax’s finest hour, users complained. After receiving this message, one less-than-satisfied Twitter denizen wrote: “Great customer service: put all burden on me.” Another criticized the company for only offering one year of their “TrustedID” service.
Customer service agents contacted by phone on the emergency telephone line said they couldn’t provide further clarity on the matter. One agent, who identified himself as Kevin, said he worked for a third party customer service agency hired by Equifax.
Though the telephone line was set up to help customers determine whether they had been put at risk by the breach, the operator said he had no access to such information.
“At this time, we do not have a database of impacted individuals. I am unable to tell you whether you are impacted,” Kevin explained. Another customer service agent, reached via phone according to an account in Fast Company, said they weren’t familiar with the hack at all.
Equifax didn’t immediately respond to a request for comment made outside normal business hours.
Subscribe to the Morning Review newsletter
Get the day's top headlines delivered to your inbox every morning by subscribing to our newsletter