Equifax: Last Week Tonight with John Oliver (HBO)

Equifax. The company whose name sounds
like a theatrical production in which Daniel Radcliffe,
plays a horse -that fucks a fax machine.
-(AUDIENCE LAUGHING) Now Equifax, is one of the big three
credit reporting agencies. The companies who keep
financial data on all of us. So that people like uh, lenders
and landlords can decide, whether or not
we are trustworthy. So, Equifax controls some of our
most sensitive information and about a month ago,
we learned this. NEWSCASTER 1:
Breaking news from the
credit monitoring company,
Equifax.Cyber thieves making off
with private information
of 143 million Americans,nearly half the U.S. Population.It’s actually worse. It’s now 145 million Americans and I have got good news
and bad news there. The good news is that
by “private information” they don’t mean
your Google search history, so, nobody yet knows about the time
you searched for, “wario porn (real),” or “world’s richest dogs
looking for assistants,” or “can loneliness
cause the farts?” (AUDIENCE LAUGHING) But the bad news is,
the information they got, could well be all this. NEWSCASTER 2:It’s your name,
social security number,
birth date, driver’s license
and addresses where you lived,
information that
is mostly permanent
unless you’re in
federal witness protection.
-Wow! Okay, so, that does sound bad, but here’s a simple solution,
just move 145 million people into the witness
protection program. That means Jones’
uh, you are the Thompson’s, uh, Thompson’s
you’re the Campbell’s, Campbell’s
you’re the Mendoza’s, Mendoza’s, you’re the Jones’. Wait– wait hold on,
Jones’ you shouldn’t be there, I made you the Thompson’s. No, Thompson’s I made you
the Campbell’s. Campbell’s,
you’re the Mendoza’s. Mendoza’s, why are you there? You should be living
in the Jones’ house in Phoenix. Oh no, I shouldn’t have
said Phoenix. -Oh God, the Jones’ are dead!
-(AUDIENCE LAUGHING) -The Jones’ are dead!
-(AUDIENCE APPLAUDING) Forget the whole plan,
I was just trying to help! I’m sorry for trying!
-And– and I know– -I know there might be…
-(AUDIENCE APPLAUDING) …some younger people
watching this and, well hold on– who cares? We’re the first generation to routinely send pictures
of our junk to each other -over the internet.
-(AUDIENCE LAUGHING) Why should we give a shit about someone seeing
our social security numbers? But you should know, criminals can do a lot more
with that number than they can with a picture
of your dick. This information
is gonna be sold left and right
on the black market. People are gonna be
able to open up credit cards for the rest of your life
once they have that information. They can go out and purchase
a home in your name. They can open bank accounts,
take car loans. Someone who has your
social security number could actually take a job,
they could file taxes and even claim
your kids as dependents and be gone with your refund before you ever actually file
a tax return. No! No! No, the tax benefit, is the whole point
of having children. -(AUDIENCE LAUGHING)
-Without that, all you’re left with
is your actual children. -(AUDIENCE LAUGHING)
-Which, you know… -Ugh!
-(AUDIENCE LAUGHING) The point here is,
it’s a huge problem and in any other era, this would’ve been
the biggest news story for a month, but– but now that
every day’s headline is simply the words, “Everything batshit
bananas again today,” -(AUDIENCE LAUGHING)
-it slipped under the radar, but it is worth asking,
“How the hell did this happen?” Because the short answer is, the people in-charge have done
literally everything wrong. And let’s start with just– just the way that Equifax
told us about the hack. In early September,
their then CEO, Rick Smith, a man with a face and name
so bland he may as well be called,
“Human Person,” or “Frasier re-run.” -(AUDIENCE LAUGHING)
-He issued a taped apology, but his remorse seemed a little
less than heart felt. On July 29th of this year,
we discovered that attackers had gained unauthorized access
to certain Equifax data files. This is clearly
a disappointing event and one that strikes
at the heart… of who we are
and what we do. -Holy shit!
-(AUDIENCE LAUGHING) Rick Smith is so
alarmingly mechanical you probably have to put him
in rice every time he gets wet. -(AUDIENCE LAUGHING)
-Now, notably he mentioned there that Equifax
learned about the breach on July 29th, but even more notably that video
was uploaded in September, which is, and this is true,
after July. So, Equifax
knew about the breach for nearly six weeks before telling the public
and they claim that they needed that time
because the investigation was “complex and time consuming.” Although, that’s not all
that happened in that time span. NEWSCASTER 3:Three Equifax
sold nearly two million dollars
in company stock,
days after the data breach
was discovered.
Wow! Selling stock before the public
knows there’s a problem is one of those thing
that looks suspicious whether or not you’re
actually doing something wrong. It’s like, walking
into a petting zoo, with a bib on. What exactly are you planning -on messily devouring in there?
-(AUDIENCE LAUGHING) And Equifax defended
that saying, none of the executives
in question including their
Chief Financial Officer knew about the data breach,
which raises another question, -“How is that even possible?”
-(AUDIENCE LAUGHING) Did they just ignore emails
with the subject lines, “Breach!”
“Following up on breach!” “Where the fuck are you?
Breach, breach, breach!” And, “Just spoke to you
in person about breach and you just stared blankly
at me, and then said, ‘I’m gonna order
from the salad place.'” (AUDIENCE LAUGHING) And if you are getting
frustrated already with this kind of incompetence, you’re gonna need
to pace yourself, because this story,
gets a lot worse. Apparently,
there were multiple points where this hack
could have been prevented and one of them is incredible, because Equifax were alerted
by Homeland security, back in March, that they needed to fix
a critical vulnerability in their software. But as lawmakers discovered
at a recent hearing, that’s not what happened. There was one person apparently,
who forgot to tell somebody that they had a piece
of software that needed to be patched. Yeah, it is not ideal, that a company guarding
such valuable information leaves something that important
down to one person. It’s like finding out
that Chase Bank has a big red button labeled,
“Lose everyone’s money, and the only thing
stopping anyone from pushing it, -is Frank.”
-(AUDIENCE LAUGHING) And look, I love Frank. I love the guy,
but what if he has to pee? (AUDIENCE LAUGHING) A– and I want to tell you
that this is an anomaly, but Equifax has had multiple
headline-grabbing breaches over the years, and that is not even counting
smaller incidents like this. I checked my credit report
the other day online with Equifax… That was it, and next thing
I know I have 300 pieces of mail sittin’ in my mailbox. NEWSCASTER 4:Every single one
of these is addressed to her,
but they’re not hers.Instead, she got
other people’s credit reports.
Now, names,
social security numbers,
dates of birth, current
and previous addresses
bank and loan account numbers,all stacked up
on a kitchen table in Biddeford.
-Yeah, I mean, that not great, is it? And it really should have
set off red flags at Equifax, when hundreds of different
credit reports were being mailed
to the same address. What exactly did you think
had happened there that every single Fraggle
checks their credit at once, down at Fraggle Rock? -Down at Fraggle Rock?
-(AUDIENCE CLAPPING) -Now– very nice.
-(AUDIENCE LAUGHING) And I know that other companies
have had breaches but none remotely as damaging
as this new Equifax one, ’cause remember,
this isn’t Target exposing
customer’s credit cards. This is compromising
social security numbers the things that thieves
could use to open new credit cards
in your name and if your information
was stolen, which remember, is about a 50-50 chance,
it could haunt you forever. You don’t change
your birth date, you don’t change your
social security number. Those who’ve been, uh,
jeopardized by this hackwill have to protect themselves
for years, until they’re dead.
It’s true and just
think about that. There is only one other thing that you have to
constantly protect yourself from until you’re dead. -And that’s fucking death!
-(AUDIENCE LAUGHING) And you would hope that Equifax
would do a decent job of mitigating the damage. After all, they did have nearly six weeks
to work on a response, but instead,
their fuck ups continued. For instance, they created
a website for concerned consumers
to go to, but then this happened: The site that Equifax started
is called Equifax Security 2017.But a developer named
Nick Sweeting,
wanted to show,
how easy it is
to create a similar fake site,
so he did.
He called it,
Security Equifax 2017.
(AUDIENCE GROANING) Exactly, someone created
a fake site and if you’re thinking,
“Well, who would be dumb enough to fall for that?” Equifax! That’s who! Because they tweeted links
to that fake site at least eight times! (AUDIENCE LAUGHING
IN DISBELIEF) Despite the fact that site had
a couple of tiny clues that it might be fake
from the headline reading, “Why did Equifax use a domain that’s so easily impersonated
by phishing sites?” to the fact that when you
clicked on their
Frequently Asked Questions, this happened. ♪ (“NEVER GONNA GIVE YOU UP”
AND CHEERING) Well played pranksters,
you have my respect. But look, don’t worry. Equifax says that they are
tightening up their operation. And to see how well
that they’ve done on that, You– you can just go to,
equifaxfraudprevention.com, not because it’s their site
but because it’s our site. We bought it two days ago, and if you’ll go there
you’ll find the message, “How were we still able
to do this? Why haven’t you learned
anything?” (AUDIENCE LAUGHING) But wait– wait!
Because there is even more. ‘Cause Equifax
also offered consumers a year of free credit monitoring but when people tried to sign-up
for the service, they noted something. Guess what? You lock into
Equifax terms of service -when sign-up for it,
-Ah! which means that you
can’t sue the company. You’ve gotta resolve any
disputes in forced arbitration. Exactly! You’ll be giving up
your right to sue. So legally, your best recourse
at that point would be, shaking your fist at the heavens
while shouting, “Equifax!” (AUDIENCE LAUGHING) Now, they– they’ve since
rescinded that clause, although many frustrated people
are now signing up for third party credit
monitoring services like, LifeLock, who’ve been
advertising everywhere. And they’ve seen a real surge
in business in the wake
of this breach, although, if you’re considering LifeLock
because you are mad at Equifax, there is something
you’re gonna need to know. According to filings
with the SCC, LifeLock purchases
credit monitoring services from -Equifax.
-(AUDIENCE LAUGHING NERVOUSLY) And that means someone buys
credit monitoring through LifeLock. LifeLock turns around
and passes some of that revenue directly along to Equifax. Is that right Mr. Smith? That is correct. (AUDIENCE LAUGHING
-(AUDIENCE APPLAUDING) some of the money that you pay
to LifeLock goes right back
to fucking Equifax, which could only be
more infuriating if you then found out that
the rest of it goes to Toys For Todds. A charity that purchases
sex toys -for grown men named Todd.
-(AUDIENCE LAUGHING) Buy your own sex toys Todd,
we can’t carry you on this one. (AUDIENCE LAUGHING) And look, Equifax
connections aside, LifeLock has had
repeated issues itself, including settlements
with the FTC and a truly disastrous
ad campaign a few years back. I’m Todd Davis, and I’m here
to prove just how safe your identity can be
with LifeLock. That’s my real
social security number. Yeah, LifeLock’s then-CEO
Todd Davis, actually put his real
social security number, 457-55-5462, on a truck and billboards. For a time, it was impossible
to escape his social security number, -457-55-5462.
-(AUDIENCE CHUCKLING) And that was a very cocky move and one that resulted in him
having his identity stolen -13 times.
-(AUDIENCE APPLAUDING) And I’m guessing,
that the defense for the people who took it was, “I didn’t steal his identity I literally got it off
the back of a truck.” -(AUDIENCE LAUGHING)
-So, to put it mildly, LifeLock, may not be your
best solution to the Equifax crisis,
which brings us to the question, “What is?” Well, consumer advocates told us that the one big step
everyone should take, is to go through all three large
credit reporting companies, that’s Equifax, Experian
and TransUnion, and freeze your credit. That way no one can access it,
including you, until you unfreeze it. Now the companies also offer their own credit protection
products, with names like, Trusted ID or Credit Lock Plus. But, they are
often more expensive and offer fewer
consumer protection. So, if you need a way
to remember this, locks, are something
you don’t want. Think of Justin Bieber’s
dreadlocks. -(AUDIENCE LAUGHING)
-A terrible decision to be avoided! Whereas freezes are great. Uh, think of this tiny penguin
losing its frozen mind. ♪ (UPBEAT MUSIC PLAYING) ♪ See! So, to recap, -locks, oof, freezes, wee!
-(AUDIENCE LAUGHING) Now– now, here is the thing–
here’s the thing on this. Freezing and unfreezing
of your credit can cost money which will go back to these
companies, because seemingly, they just can’t
fucking lose on this. And if you need any more
proof of that, on the very same day that Congress was yelling at
Equifax’s former CEO, it emerged that the company
had just been awarded a seven-million-dollar contract
by the IRS, to prevent fraud, which led one senator to make
a pretty brutal comparison. You realize, to many Americans
right now, that looks like uh… we’re giving Lindsay “Lohawn”
the keys to the mini bar. (AUDIENCE LAUGHING IN SHOCK,)
APPLAUDING) I understand your point. That was the pause of man
thinking, “Do I let that pass?” “Do I correct him
on how to pronounce Lohan?” -(AUDIENCE LAUGHING)
-Or do I double down and pronounce her name,
“Lingonberry Lahoni Baloney.” (AUDIENCE LAUGHING) And you should know–
you should know that IRS deal
has been suspended, not cancelled by the way,
just suspended. And that might make you angry
but the problem is, that anger won’t have
much impact on Equifax. Because they make
most of their money selling our data to businesses,
like banks. So, in their eyes, we are not the consumer,
we’re the product. To think of it in terms of KFC. We are not the guy buying
the ten-piece buckets, -we’re the fucking chickens!
-(AUDIENCE LAUGHING) So, for the time being, businesses are the only ones
who can exert influence here and as one colorfully dressed
expert pointed out, that’s not gonna happen
anytime soon. I haven’t heard any big company
came out– come out yet and say, “We’re not gonna use
Equifax anymore” -for their credit scores.
-STUART VARNEY:Good point.So far, everybody’s been quiet, and I don’t know what they’re
waiting to hear. This is outrageous,
they should be done but I bet you, because it’s America,
they’ll be okay. -(AUDIENCE LAUGHING)
-Here’s the truth, that angry business casual
farm animal on Fox Business -is talking sense.
-(AUDIENCE LAUGHING) And that sentence alone
shows just how bad things are. So, in the long term, there should clearly be
major reform to this industry and how it’s regulated, but that is going to take time,
so until then you need to freeze
your credit reports with all three
of these companies, and only unfreeze them when you need to apply
for credit. And because the freeze option can be hard to find
on their sites if you go to our twitter feed, we will give you exact links
to do that, and when you do, they will give you a PIN number
that you need to unfreeze it. So, do not lose that number,
or at the very least, make it something memorable. I don’t know, like… -457-55-5462.
-But not that, ’cause of course that’s Todd Davis’s
social security number.

100 thoughts on “Equifax: Last Week Tonight with John Oliver (HBO)”

  1. Don't forget – every parent should freeze the credit reports of their children with all three bureaus. Check out https://creditparent.com for an easy way to get the credit freeze done for a child. It's much harder to do for a child than for yourself and Credit Parent makes it real easy.

  2. No one is screwed. Take control and get your remedy. Stand up and do something. https://www.moziahcorporation.com/product-page/data-breach-private-administrative-remedy

  3. Ate it dog ate it perhaps hmmm maybe are lying hmm is shame bet thiefs stole all money trying hide it ahum wow so do they go to jail now??? I think is necessary because this is illegal and they did so… Busted! Idk lol

  4. The greatest line of this segment is: everyone in charge has done literally everything wrong. You are a true peoples champion oliver. We may have failed this city, but not you. Never change you blessed god of a man.

  5. Hate to ruin everyone feeling all self righteous about hating Equifax, but in a BIG way, it is not really their fault.
    They were compelled to hire certain individuals to be are higher levels because of government mandated diversity quotas.
    In this case, they had to hire a woman in a senior position.
    They apparently couldn't find a qualified woman, so they hired a woman named Susan Mauldin as their "Chief Security Officer" who must have been thought of as qualified because she did have a both an undergraduate and graduate degree.
    BUT, those degrees were in MUSIC!
    Another thing is, she was told that these break ins were taking place over a four month period and she did nothing about it, nor did she tell anyone.
    So instead of screaming at the moon about how this could happen, try asking yourself why are we willingly and eagerly doing this to ourselves.
    Next time you hear that Diversity is our Strength, remember this, because it really isn't.

    Want more, google Susan Mauldin Equifax and just see what a train wreck she is.

  6. Can someone use equinox data to hack elections? Register people who don’t vote, and use them to sway elections in swing states with absentee ballots?

  7. 6:44, when the live audience groans loud enough for you to hear it on YouTube, you know you've fucked up.

  8. MyEquifax.com is yet another security disaster…. XD

  9. Sue credit bureaus for lack of proof that YOU took out the loan, not some chimpanzee who happened to have your info. Defamation lawsuit.

  10. How about breaking up all 3 credit bureaus and make it a government function where people can check their OWN credit for no fees as many times as they want, which is the way it should be. This is proof that private corporations can screw up much more than governments.

  11. I'd be angry, except I'm Swedish and we have a national public registry of names, personal numbers (which include your birth date), and address of every citizen. You can walk into any tax office and ask for any individuals information (you'd have to know their name though) and they're required to provide you with it. Why I'm not angry? That info's pretty useless anyway, since without me and my ID there's not much they can do with it.
    Credit reporting agencies are also required to inform you any time someone checks your credit, so as soon someone tries to sign you up for anything you'd find out any way.

  12. This was the segment I’ve been waiting for since September.

    Honestly, it might not have been as cathartic as I wanted it to be, but I’m glad that John covered some of the biggest points and warned others that probably didn’t hear about it. It’s just frustrating that a company that most of us had little to no contact with breach some of our most important information.

    The sad thing is, I’m not quite sure what should be the game plan in the long run. Many people suggest moving away from using SSNs as an all-around identifier, and I agree, but how long will it take to develop the plan (and possibly the technology) to do that?

  13. john dont has kids but a wife? ok i wouldnt want them to grow up in this world either kids are nice and inocent unless you show them the world then they become what they see…. shit

  14. Never thought I'd be thankful to be a college student with debt and terrible credit. If you're hoping to open a credit card in my name, have fun getting told you're too "high risk" for a Starbucks card.

  15. Well, at least we won't have to live with this bullshit for very much longer, what with Western society getting ready to collapse in 6.7 years.

  16. Freezing your credit is not smart…you will be declined every time you apply for credit. It is a giant headache.

  17. To make things worse, none of that customer data has been offered for sale on the dark web which is highly unusual considering that this was the mother load of all breaches. How is that worse? That means that whoever did this wasn't after financial gain. The leading theory now is that a state actor (the cyber-espionage forces of another nation) are behind the hack and now have extremely detailed personal information on literally half of the US population including presumably politicians, industry and business leaders, and key figures in the government. What good is that information? You could use it to financially extort someone, to fake official documents, or to wreak havoc on our financial institutions through a massive coordinated attack at a time of their choosing. Bottom line is: all that permanent info is out there and no one knows who has it or what they plan on doing with it.

  18. That one person
    Susan Mauldin
    Equifax “Chief Security Officer” Susan Mauldin has a bachelor’s degree and a master of fine arts degree in music composition from the University of Georgia. Her LinkedIn professional profile lists no education related to technology or security.

    This is the person who was in charge of keeping your personal and financial data safe — and whose apparent failings have put 143 million of us at risk from identity theft and fraud. It was revealed this week that the massive data breach came due to a software vulnerability that was known about, and should have been patched, months earlier.

  19. I used to work for consumer credit counseling and we always recommended checking your credit report at annualcreditreport.com. it is completely free. You can check it from all 3 credit bureaus once a year . Annualcreditreport.com is administered through the federal trade commission .

  20. Well, I mean, the fact his identity was stolen only 13 times is actually kind of impressive for such a moronic move.

  21. just want to say you have to protect yourself from larry untill death too because he will git you love the show

  22. Equifax issues corporate bonds and has a Baa1 credit rating from Moody's. Who the hell would lend money to someone with such a demonstrated history of irresponsibility?

  23. Apparently Equifax Cyborg Executive Officer Rick Smith neither patched and updated his program to emotionally function and convincingly disguise as a human.

  24. I want to correct Jon and NBC: the personal data Equifax collected is NOT only for Americans. Many VISA and green card holders have an SSN and their data are collected by Equifax as well. So when data leaks, the victims are not necessarily all Americans, but probably contain foreign nationals as well.

  25. I absolutely hate Equifax. It’s been two months I cannot get my annual report. They required me to mail my ssn and other sensitive information! I was able to see my annual report from the other two bureaus with no problem online. How can they still be here and active?!

  26. There needs to be a corporate equivallent to the death penalty, and Equifax should receive it. This sort of thing should be sufficient to take action to ensure they cannot cause so much harm through incompetence/apathy ever again.

  27. Your subjects are as boring as you are, but the content is as good as you are ugly. So…good job

  28. Man this is so fucked. I just turned 18 and I have nooo idea if my credit had been frozen by my parents or not. Anyone know how I can check which places have my info without my knowledge?

  29. That guy from equifax looks like deadpool if Ryan Reynolds stayed in that universe as a patient with terminal cancer

  30. Nobody is taking out a car loan or a credit card in my name lol if anyone stole MY identity they'd be BEGGING for me to take it back!

    I wouldn't be surprised if they showed it after getting pulled over and got arrested because I'm so likely to have a warrant sometimes hahaha

    And if someone is spying on me for the government or whatever they have the most BORING job on the planet and have probably considered suicide multiple times now!

  31. How the FUCK did Equifax get to control anything after this? How are they still allowed to be in business

  32. Overall a very informative piece. But I must point out that being able to register www.equifaxfraudprevention.com is not really Equifax's fault. Generally speaking, you cannot tell a domain name registrar "I want to buy every domain name containing 'equifax' in existence." Now, in a way it is their fault for letting it stay up, but it does require legal resources to dispute it. Well whatever, I don't really feel like defending them. EDIT: Nonetheless, there is absolutely no excuse for the "Tweeting the fraudulent links and deciding in the first place not to just put the damn service on the Equifax main site."

  33. If you care about this stuff and want to seriously fight back against these assholes, VOTE FOR ELIZABETH WARREN IN 2020!! She has been fighting these bastards for decades, and they are SCARED of her. Alternately, vote for Kamala Harris, who would hopefully make Warren Secretary of the Treasury.

  34. John Oliver cucked out and failed to mention that this was caused by feminist bullshit. Namely that the job of Cyber Security Director before this breach happened was given to a diversity hire with a background in women's studies and music composition. A pile of qualified men with backgrounds in IT security were turned down in favor of this incompetent twat … because vagina, of course!

  35. What’s the name of that company that sells safety on your social security and info? I think they have a hand in this issue to get people to buy their services

Leave a Reply

Your email address will not be published. Required fields are marked *