First, while Equifax is offering a free year of credit monitoring for anyone who wants it, this isn’t a philanthropic gesture. Equifax owns Trusted ID. Furthermore, the ToS associated with the product states that customers who sign up for the service will be billed for it thereafter unless they call the company to cancel the product. Equifax has stripped out other clauses in its ToS that deal with service billing in the last 48 hours, but it left the clauses about automatically renewing the service for those who do not cancel.

And let’s be clear: At least some people are going to feel as if they need this kind of monitoring for longer than 12 months. Equifax leaked both social security numbers and birth dates, meaning identity thieves now have everything they need to launch credit-destroying attacks against much of the US population at any point over the next few decades. Neither your social security number or your birth date are going to change, after all. But wait, there’s more!

Let’s say you want to lock your credit file anyway, even though it’ll only protect you from one-third of potential searches. Equifax requires you to input a 10-digit PIN to request an account unlock. A 10-digit code would typically be difficult to break, if Equifax didn’t auto-generate PIN numbers that corresponded to the date and time you requested the lock. If you locked your credit file on September 10th at 11:45 AM, your PIN number would be 0910171145. That’s September 10 2017, at 11:45 AM. It’s also the kind of security one might expect in a Mel Brooks movie, and it’s a horrifying choice for a company whose own servers were just aggressively penetrated and robbed.

Eoin Treacy's view

Since I moved to the USA three years ago my personal details have been stolen four times. Breaches at Target, Home Depot, Anthem and now Equifax suggest that a significant cross section of the US population’s data is now to be found somewhere on the web. 

What’s funny is that none of this was ever an issue when I lived in Europe. That is either because European companies have not adopted cloud services to nearly the same extent as in the US, or they are more diligent about protecting data. I suspect it is the former because European authorities take a more proactive approach to privacy than is evident in the USA. 

Generally speaking US firms prefer to carry cyber insurance rather than incur the cost of implementing the protocols and services necessary to avoid a hack. In Equifax’s case, the insurance may not be enough to cover the costs of the breech and the share fell aggressively again today to extend its decline. 

This pullback represents a clear example of a Type-2 massive reaction against the prevailing trend top formation. A clear upward dynamic will be required to check the downward bias but a sustained move above the trend mean would be needed to begin to repair damage already incurred to what had been an impressive 7-year uptrend. 

Elsewhere in the credit monitoring sector Transunion remains in a consistent medium-term uptrend. 

UK listed Experian hit a medium-term peak near 1700p in May and has since pulled back to test the 1500p level. It will need to hold that area if the medium-term uptrend is to be given the benefit of the doubt.