Massive Data Breach At Equifax  

Equifax has suffered a major breach of sensitive data since March 2017. Millions of Americans have been affected. The first intrusion was discovered in March, and this agency’s central clearinghouse for sensitive data like driver’s license numbers and social security numbers has been stolen by hackers. It’s just another situation where the cybersecurity alarm bells are ringing off the hook.

The Chain of Events

The digital security company Mandiant was the forensic investigator for Equifax, hired to uncover exactly what happened and who was affected. The hack that took place in March had nothing to do with the Hacks from May through September. Regarding the investigation of the September breach, the report indicated that an additional 2.5 million Americans may have been affected. That brings the total amount of people who were impacted to 145.5 million. That is huge, and consumers need to be aware. Newly appointed CEO Paulino do Rego Barros stated, “I was advised Sunday that the analysis of the number of consumers potentially impacted by the cybersecurity incident has been completed, and I directed that the results be promptly released. Our priorities are transparency and improving support for consumers. I will continue to monitor our progress on a daily basis.

In written testimony, former CEO Richard Smith told the Energy and Commerce Committee, It appears that the breach occurred because of both human error and technology failures. Recently, adding insult to injury, the Equifax Twitter account recently sent customers to the site “securityequifax2017.com,” a bogus site that clearly plays off the real site’s web address: equifaxsecurity2017.com. The tweet, naturally, has since been removed, but this isn’t the first time the Equifax has sent people to the phishing site. Note that Google Chrome now flags the fake site as deceptive.”

What was Stolen and What’s Being Done?

So, what exactly was stolen and what’s being done about it? It appears that confidential personal information, such as bank accounts, medical information, credit card information were among the stolen data. This is about as bad as it gets. And if you had a credit report, the risk is high that you were in this breach. You actually have a 50 percent chance that some of your personal information was stolen. The investigation is ongoing, and Equifax is working closely with the FBI. It’s important to note that Equifax has been highly criticized for not revealing the breach soon that it did.

While Americans are getting used hearing about data breaches all the time now, the scope of this breach raises some serious questions. Many feel that the government should get involved. Some feel that Congress should create a universal data breach notification policy and increase data protection policies. Senator Mark Warner of Virginia will be pushing for legislation for stricter and broader consumer protections. In addition, Equifax plans to mail written notices to all consumers affected. Equifax’s current CEO, Barros, plans to take new steps to enhance its cybersecurity practices.

Steps to Take After the Breach

There are some steps consumers can take to protect themselves after the Equifax breach.

• Place a credit freeze on your files. This action makes it more difficult for a person to open a new account in your name.
• File taxes early. Do this before a scammer has the chance to. Tax identity theft is common today, especially when someone has your social security number.
• Keep track of bank accounts and credit cards for charges that are unfamiliar.
• Check your credit reports from Equifax, TransUnion and Experian. Activity may indicate identity theft.
• Place a fraud alert on your files. This will warn creditors to verify that it’s really you if someone is seeking credit in your name.

Why Identities Are So Vulnerable

As the scale of the Equifax breach sinks in, many wonder why our identities are so vulnerable. “It’s due to the fact that the triopoly of Equifax, Experian and TransUnion can collectively amass more than $9 billion collectively and even trade names without customers’ consent. Plus, consumers are largely powerless in being their own advocates. And the stark reality is that citizens and government are ill-prepared. Why are our identities such an insecure tradeable asset in the first place? If firms can make money on our identities, why are we not participating in the value captured? And the critical flaws in our identity analog system need to be fixed. Newer technologies and stronger data security standards need to emerge.” If not, the whole American economy could be adversely affected.

If you’d like to learn more about how to protect yourself or your company against cyberattack, contact Cat-Tec in Southern Ontario at (416) 840-6560 or email at info@cat-tec.com. They are always happy to answer any questions that you may have. The experts at Cat-Tec in Southern Ontario will help educate you and get you proactive in the solution.