krebsonsecurity.com

My Identity got leaked, scared please help So my Tiktok account got hacked (I'm working with Tiktok to secure my account it looks like the person paid someone at TT to reset my acc login info) and because I was making money from it my SSN number, home address, date of birth, and full name could be accessed from my account. This person who had access to my account I think is now trying to open creditcards/other things in my name and I'm kind of scared on what to do. I understand that I need to now make accounts, add 2fa, freeze and order reports from Equifax, Experian, TransUnion, ChexSystems, Early Warning Services, LexisNexis, NCTUE, Innovis, Factor Trust, and Clarity Services. As well as getting a pin on my SSN with the IRS. But what else can I do to secure myself? I feel so vulnerable right now and like my life is completely at the whim of this malicious hacker. For example I was reading about [https://krebsonsecurity.com/2022/07/experian-you-have-some-explaining-to-do/](https://krebsonsecurity.com/2022/07/experian-you-have-some-explaining-to-do/) and I just feel so defeated. Am I gonna just be in a constant battle to secure my Experian account? Does this security bug work with credit agencies (ik they say it doesnt with Transunion and Equifax but theres just so many)? I saw that a few people say if you pay for Experian this security bug doesn't work anymore. Should I just pay for it? What happens if this hacker manages to add a credit card / loan that I don't find out about till months later because all the systems for checking this stuff is so broken? Am I just screwed, I'll have to pay for it? I know I can dispute it but it seems like such a long process based on what I've read and that it barely works. Please help I feel like my life is ending.

Experian PSA: You are not safe This is fucking ridiculous and everyone needs to know. My experian account got hacked today for the 4th time and I know exactly how they did it because I used the same method to recover it. If you sign up for a new account at experian with the same user info, as long as you can answer questions about your credit, have the ssn, dob, and other basic info, it OVERWRITES the old account. It does not ask for password It does not ask for security pin. I recovered my account by literally doing just that. Their entire security model relies on your credit report data being a secret, yet once you've been compromised the attacker KNOWS all of that information and none of it can be changed. This is catastrophic. This is the same thing as discovered here https://krebsonsecurity.com/2022/07/experian-you-have-some-explaining-to-do/ and I was able to verify for myself.

Experian PSA: You are not safe This is fucking ridiculous and everyone needs to know. My experian account got hacked today for the 4th time and I know exactly how they did it because I used the same method to recover it. If you sign up for a new account at experian with the same user info, as long as you can answer questions about your credit, have the ssn, dob, and other basic info, it OVERWRITES the old account. It does not ask for password It does not ask for security pin. I recovered my account by literally doing just that. Their entire security model relies on your credit report data being a secret, yet once you've been compromised the attacker KNOWS all of that information and none of it can be changed. This is catastrophic. This is the same thing as discovered here https://krebsonsecurity.com/2022/07/experian-you-have-some-explaining-to-do/ and I was able to verify for myself.

Experian PSA: You are not safe This is fucking ridiculous and everyone needs to know. My experian account got hacked today for the 4th time and I know exactly how they did it because I used the same method to recover it. If you sign up for a new account at experian with the same user info, as long as you can answer questions about your credit, have the ssn, dob, and other basic info, it OVERWRITES the old account. It does not ask for password It does not ask for security pin. I recovered my account by literally doing just that. Their entire security model relies on your credit report data being a secret, yet once you've been compromised the attacker KNOWS all of that information and none of it can be changed. This is catastrophic. This is the same thing as discovered here https://krebsonsecurity.com/2022/07/experian-you-have-some-explaining-to-do/ and I was able to verify for myself.

Experian PSA: You are not safe This is fucking ridiculous and everyone needs to know. My experian account got hacked today for the 4th time and I know exactly how they did it because I used the same method to recover it. If you sign up for a new account at experian with the same user info, as long as you can answer questions about your credit, have the ssn, dob, and other basic info, it OVERWRITES the old account. It does not ask for password It does not ask for security pin. I recovered my account by literally doing just that. Their entire security model relies on your credit report data being a secret, yet once you've been compromised the attacker KNOWS all of that information and none of it can be changed. This is catastrophic. This is the same thing as discovered here https://krebsonsecurity.com/2022/07/experian-you-have-some-explaining-to-do/ and I was able to verify for myself.

Experian PSA: You are not safe This is fucking ridiculous and everyone needs to know. My experian account got hacked today for the 4th time and I know exactly how they did it because I used the same method to recover it. If you sign up for a new account at experian with the same user info, as long as you can answer questions about your credit, have the ssn, dob, and other basic info, it OVERWRITES the old account. It does not ask for password It does not ask for security pin. I recovered my account by literally doing just that. Their entire security model relies on your credit report data being a secret, yet once you've been compromised the attacker KNOWS all of that information and none of it can be changed. This is catastrophic. This is the same thing as discovered here https://krebsonsecurity.com/2022/07/experian-you-have-some-explaining-to-do/ and I was able to verify for myself.

Experian PSA: You are not safe This is fucking ridiculous and everyone needs to know. My experian account got hacked today for the 4th time and I know exactly how they did it because I used the same method to recover it. If you sign up for a new account at experian with the same user info, as long as you can answer questions about your credit, have the ssn, dob, and other basic info, it OVERWRITES the old account. It does not ask for password It does not ask for security pin. I recovered my account by literally doing just that. Their entire security model relies on your credit report data being a secret, yet once you've been compromised the attacker KNOWS all of that information and none of it can be changed. This is catastrophic. This is the same thing as discovered here https://krebsonsecurity.com/2022/07/experian-you-have-some-explaining-to-do/ and I was able to verify for myself.

Experian PSA: You are not safe This is fucking ridiculous and everyone needs to know. My experian account got hacked today for the 4th time and I know exactly how they did it because I used the same method to recover it. If you sign up for a new account at experian with the same user info, as long as you can answer questions about your credit, have the ssn, dob, and other basic info, it OVERWRITES the old account. It does not ask for password It does not ask for security pin. I recovered my account by literally doing just that. Their entire security model relies on your credit report data being a secret, yet once you've been compromised the attacker KNOWS all of that information and none of it can be changed. This is catastrophic. This is the same thing as discovered here https://krebsonsecurity.com/2022/07/experian-you-have-some-explaining-to-do/ and I was able to verify for myself.

Experian PSA: You are not safe This is fucking ridiculous and everyone needs to know. My experian account got hacked today for the 4th time and I know exactly how they did it because I used the same method to recover it. If you sign up for a new account at experian with the same user info, as long as you can answer questions about your credit, have the ssn, dob, and other basic info, it OVERWRITES the old account. It does not ask for password It does not ask for security pin. I recovered my account by literally doing just that. Their entire security model relies on your credit report data being a secret, yet once you've been compromised the attacker KNOWS all of that information and none of it can be changed. This is catastrophic. This is the same thing as discovered here https://krebsonsecurity.com/2022/07/experian-you-have-some-explaining-to-do/ and I was able to verify for myself.

Experian PSA: You are not safe This is fucking ridiculous and everyone needs to know. My experian account got hacked today for the 4th time and I know exactly how they did it because I used the same method to recover it. If you sign up for a new account at experian with the same user info, as long as you can answer questions about your credit, have the ssn, dob, and other basic info, it OVERWRITES the old account. It does not ask for password It does not ask for security pin. I recovered my account by literally doing just that. Their entire security model relies on your credit report data being a secret, yet once you've been compromised the attacker KNOWS all of that information and none of it can be changed. This is catastrophic. This is the same thing as discovered here https://krebsonsecurity.com/2022/07/experian-you-have-some-explaining-to-do/ and I was able to verify for myself.