I think Experian was hacked back in 2013.
Equifax Makes Hack Fallout Worse With Bad Credit Freeze PINs https://arstechnica.com/information-technology/2017/09/equifax-moves-to-fix-weak-pins-for-security-freeze-on-consumer-credit-reports/
more from Brian Krebs
https://krebsonsecurity.com/2017/09/ayuda-help-equifax-has-my-data/
more from Brian Krebs
https://krebsonsecurity.com/2017/09/the-equifax-breach-what-you-should-know/
I have reviewed the entire Terms of Use word for word and there is absolutely no mention of one giving up their rights to participate in a class action lawsuit by signing up for TrustedID. In fact, there is absolutely no mention of the phrases "waive their rights" nor "class action lawsuit" anywhere in the Terms of Use. I have attached the Terms of Use below for anyone's reference.
Here is a link for more information.
Sept 8 post.
2) No Waiver Of Rights For This Cyber Security Incident
In response to consumer inquiries, we have made it clear that the arbitration clause and class action waiver included in the Equifax and TrustedID Premier terms of use does not apply to this cybersecurity incident.
Sept 11 post.
5) Adjusted the TrustedID Premier and Clarified Equifax.com
We’ve added an FAQ to our website to confirm that enrolling in the free credit file monitoring and identity theft protection that we are offering as part of this cybersecurity incident does not waive any rights to take legal action. We removed that language from the Terms of Use on the website, www.equifaxsecurity2017.com. The Terms of Use on www.equifax.com do not apply to the TrustedID Premier product being offered to consumers as a result of the cybersecurity incident.
https://www.equifaxsecurity2017.com/
Jim 
...and I don't want to take this thread off-topic, but I've been following some threads in this Norton community about unwanted pop ups on some computers advertising Norton LifeLock and how this "free" identity theft protection service will be bundled with Norton subscriptions - see MountRushRob's thread Disable Pop Up Tray Marketing Notifications for one example.
After reading the details at https://www.lifelock.com/store and learning that the credit score monitoring for the basic LifeLock Standard service is based on data from Equifax I have even more concerns about the wisdom of giving the folks at Norton LifeLock any of my personal information like SSNs [a.k.a. social insurance numbers (SINs) here in Canada], credit card numbers, etc. for credit monitoring.
Woody Leonhard posted some interesting comments in his ComputerWorld article Equifax security breach debacle thickens with improbable denials about his personal experiences using the website Equifax has set up so that U.S. residents can check if their personal information might have been stolen. Out of an abundance of caution I won't re-post the URL in this thread (see my comment below) but Woody got the following message when he entered his last name and last six digits of his social security number (SSN):
I don't know if there's any truth to this, but a 09-Sep-2017 article in my local newspaper stated "Reports suggest that people who sign up for TrustedID Premier Security waive their rights to participate in a class action lawsuit", so be sure to read the fine print if you discover your personal information has been compromised and you're thinking of enrolling in this "free" identity theft protection offer.
I live in Canada, and it appears that an unspecified number of Canadian and UK residents were also affected by this security breach.
the first time bad credit has a positive side 
For those who may have been breached and are concerned- the way things work on the DarkWeb is like this- the credentials for sale are listed by both the State you live in and your credit score. The higher the credit score the more the price to purchase this information.
Note that there is no offering for the sub 700 credit score folks. So if your credit score sucks and you were breached, you are probably Golden.
I heard about this in passing on one of the major news networks, got disgusted (like with everything in the news these days) and stopped listening. Perhaps we can still rely on Experian or Transunion?
Sincerely,
H.B.
more from Brian Krebs
https://krebsonsecurity.com/2017/09/equifax-breach-response-turns-dumpster-fire/
Don't forget to change your name, date of birth, home address and social security number regularly.
The Difference Between a Security Freeze and Credit Monitoring
https://www.howtogeek.com/209396/how-to-prevent-identity-thieves-from-opening-accounts-in-your-name/
Consider placing a credit freeze on your files. A credit freeze makes it harder for someone to open a new account in your name. Keep in mind that a credit freeze won’t prevent a thief from making charges to your existing accounts.
https://www.consumer.ftc.gov/blog/2017/09/equifax-data-breach-what-do
Here is more info from Brian Krebs https://krebsonsecurity.com/2017/09/breach-at-equifax-may-impact-143m-americans/#more-40626
Three Equifax Managers Sold Stock Before Cyber Hack Was Revealed
Three Equifax Inc. senior executives sold shares worth almost $1.8 million in the days after the company discovered a security breach that may have compromised information on about 143 million U.S. consumers.
https://www.bloomberg.com/news/articles/2017-09-07/three-equifax-executives-sold-stock-before-revealing-cyber-hack