These data breaches, that keep happening more and more, usually result in free credit monitoring for consumers. Home Depot's says you can sign up any time in the next year. But they aren't clear about when the actual free monitoring expires. They seem to imply it will expire in a year regardless of when you sign up for it. But is it a year from when you sign up, or a year from when they announced it?
Does the monitoring that results from each data breach usually follow the same rules about when you can sign up, when it will expire, etc.?
What if the Chinese government, or whoever is breaching the data, is saving it for the future, and doesn't intend to use most of it till several years in the future? Is it likely that all the free credit monitoring will have expired by then, and they can get away with massive corruption of millions of accounts, before people find out about them, because it would happen when they least expect it?
Companies have been generally offering credit monitoring for 1 year in these circumstances if I recall correctly.
I don't think hackers usually sit on stolen CCs for very long due to the fact that they are known to be stolen ( sometimes ) and likely to be cancelled. Also they may expire before being used illicitly.
The issue is not whether it's one year, but when that year is. Does it end a year after you can sign up? Or a year after you actually do sign up?