Equifax Has a Stunningly Bad Web App for Signing Up for TrustedID
After Equifax finally revealed that they had been breached and personal credit information (and credit card numbers) on as many as 143 million Americans had been stolen, they created EquifaxSecurity2017.com for information and enrollment which, as it turns out, should have been named EquifaxINSECURITY.com.
Why? It’s because of trying to sign up and having their web application for TrustedID not come up, return an error, and then finally display after two minutes without a theme! As you will see from the screenshots below, someone like me with A LOT of cyber security knowledge is concerned, even though I did verify that their certificates were valid but my Equifax trust level is very, very low.
View five screenshots of why this failed and why even me, someone with the skills to determine if this is a real app loading from Equifax, don’t trust it:
I receive this activation email eight hours ago, verify the link is valid, and click on it to open my default web browser (Chrome).
First I get an error “Unable to connect” which, I assume, is their server-based application not loading but it keeps trying FOR OVER TWO MINUTES. WTF?
After about 1.5 minutes this comes up. No theme, just the barebones web application for TrustedID. There is absolutely NO way I would EVER enter my SS number and other critical information within this app.
Then I open up another browser but of course, the token in the email link no longer works and TrustedID assumes I successfully sign up (sigh…).
Who is running this Equifax shit-show? You would think after two key C-level executives resigned that someone in the organization would step-up their game, scale their servers, and ensure that these sorts of sign-ups actually work!
So I guess I’ll do what they say and “If you have any questions, please contact our call center at 877-742-1415.”
About Steve Borsch
Connecting the Dots Podcast
Podcasting hit the mainstream in July of 2005 when Apple added podcast show support within iTunes. I'd seen this coming so started podcasting in May of 2005 and kept going until August of 2007. Unfortunately was never 'discovered' by national broadcasters, but made a delightfully large number of connections with people all over the world because of these shows. Click here to view the archive of my podcast posts.