According to LifeLock's Twitter account, on Friday, its website and phone lines were experiencing technical issues because of increased interest after the Equifax breach.
On Thursday, Equifax reported that from mid-May to July, cyberattackers had accessed names, Social Security numbers, birth dates, addresses, and some driver’s license numbers through a website vulnerability. The company also said credit card numbers for around 209,000 consumers had been accessed. As many as 143 million people may have been affected, according to Equifax CEO Rick Smith.
"This is clearly a disappointing event and one that strikes at the heart of who we are and what we do," Smith said in a video message. "I deeply regret this incident and I apologize to every affected consumer and all of our partners."
James Van Steenhuyse, executive director for a Phoenix branch of UBS, said the Equifax website, where you can check to see if your data may have been stolen, is your best bet. But knowledge can be small comfort: “It doesn’t do anything for you — it might actually raise the fear level a little bit knowing," Van Steenhuyse told Phoenix New Times.
(Incidentally, Van Steenhuyse and his assistant were both victims of the data breach.) Van Steenhuyse added that a proactive step, such as enrolling in a credit-monitoring and fraud-alert program such as LifeLock could help consumers.
In a statement posted to its website dedicated to the hack, Equifax said the company is “offering free identity theft protection and credit file monitoring to all U.S. consumers, even if you are not impacted by this incident.” The service, called TrustedID, is complimentary for one year.
Due to the recent major breach, our phone lines have been very busy. We are aware of the website problem and are working to resolve it.-DV— LifeLock (@LifeLock) September 8, 2017
Sounds good, right? Just don’t sign on the dotted line without reading the fine print: The TrustedID terms of service includes a line where consumers must waive their right to bring or participate in a class-action lawsuit against the company.
Arizona happens to have a corporate office of one the more-recognizable names in the identity-theft protection industry: LifeLock, based in Tempe. However, New Times has previously reported on the shady nature of these purported identity-theft companies; in particular, the misadventures of company co-founder Robert J. Maynard, Jr., whose origin story was called into question in a 2007 exposé.
Around the same time, LifeLock spent millions on a campaign that plastered CEO Todd Davis' social security number on ads, a publicity stunt designed to showcase LifeLock's confidence in their data-protection methods.
When a call was placed to the LifeLock offices on Friday, an automated message told customers who are "calling regarding data security-related news stories recently making headlines” to stay on the line for more information — presumably, to sign up for their identity protection services, which start at $8.99 per month.
On Twitter, LifeLock's account was responding to users experiencing issues with their phone lines and website. "Due to the recent major breach, our phone lines have been very busy. We are aware of the website problem and are working to resolve it."
A request for comment to LifeLock's media department was not immediately returned. LifeLock was acquired by another cybersecurity firm, Symantec, in 2016.