In September 2017, Equifax announced that hackers stole the personal data of 143 million U.S. consumers, making it the biggest data breach in 2017 and the fifth largest breach on record. Here is what you need to know about this massive breach.
During May through July 2017, hackers accessed Equifax’s computer systems by exploiting a vulnerability in a website application. Although Equifax immediately stopped the intrusion when it was discovered on July 29, the damage had already been done. The hackers got away with the names, Social Security numbers, birthdates, addresses, and, in some cases, driver license numbers of 143 million U.S. consumers. Plus, the hackers stole credit card numbers (209,000 U.S. consumers impacted) and dispute documents containing sensitive data (182,000 U.S. consumers affected). They also accessed a limited amount of personal information about certain Canadian and U.K. residents.
After Equifax discovered the data breach, it hired an independent cybersecurity firm to forensically investigate the incident, conduct a security assessment, and recommend ways to help prevent this type of incident from happening again. Obtaining these recommendations, though, does not guarantee that another breach won’t occur. Equifax did not seem to learn from two previous data breaches. In 2016, cybercriminals stole U.S. W-2 tax information from an Equifax website. And, between April 2016 and March 2017, hackers accessed W-2 tax information from Equifax’s TALX subsidiary (now called Equifax Workforce Solutions), which provides online payroll, human resources, and tax services.
To keep the public informed about the 2017 data breach, Equifax established the Cybersecurity Incident & Important Consumer Information website. It contains detailed information about the incident as well as a tool that consumers can use to determine if their personal information was potentially involved in the breach. However, ZDNet reported that the tool is basically useless since it is giving out incorrect results.
To answer people’s questions about the data breach, Equifax set up a dedicated call center at 866-447-7559. It is available 7 days a week and nearly 24 hours a day. The only time it is closed is between 1 a.m. and 7 a.m.
Equifax is also offering a free one-year subscription to the TrustedID Premier service for all U.S. consumers, even if they have not been impacted by this breach. The service includes identity theft insurance and monitoring of Equifax, Experian, and TransUnion credit files. You can learn more about the TrustedID Premier service in the What Can I Do? page of the Cybersecurity Incident & Important Consumer Information website.
In the Equifax data breach, hackers obtained sensitive data — including Social Security and credit card numbers — for a massive number of U.S. consumers. Thus, the potential for identity theft and credit card fraud is high for many Americans. Until you know whether or not your data was stolen, it is a good idea to be proactive and take some or all of the following precautions to protect yourself:
About CHIPS Computer Services
CHIPS Computer Services is an award winning Managed Services Provider specializing in help businesses increase efficiencies and profits by levering properly managed technology. To learn how CHIPS can help your business, email us at firstname.lastname@example.org to schedule no cost business technology assessment.