If the tool says your data may have been disclosed, it is probably time to ask for a security freeze, and possibly credit monitoring or an anti-identity-theft service. My suggestion would be to read the articles related to this data revelation on the krebsonsecurity.com Web site.
Equifax is offering a service, TrustedID, to everyone that is supposed to give you monitoring of misuse of your information for a year.
Is a year in this case really long enough?
I would not trust the “tool” on the Equifax site to tell me whether I was affected. If several hundred million people were involved you can just assume that you were. At the very least you can place a “fraud alert” on your credit report at all three agencies at no cost. This is good for ninety days and can be renewed. Here’s a link: https://www.experian.com/fraud/center.html
^Pretty much my thoughts too. In order to find out if I’m affected I have to enter lots of personal information into this website. They probably already have it, but maybe not, and I’ve no guarantees that the info I give them won’t be used in other ways. Besides, the only course of action suggested to affected individuals is to monitor your financial statements closely, which you should be doing anyway.
Better to just assume all your information is already in the hands of malicious parties and act accordingly. If your information wasn’t leaded in this breach, is was from one of dozens of reported leaks before this one, or one that we don’t even know about.