LuxSci

The Equifax Breach: What you need to know

Published: September 8th, 2017

Update: Equifax’s lawyers have since updated their language on the use of Equifax services as it relates to being able to participate in a class action law suit.  While New York Attorney General Eric Schneiderman said the forced arbitration terms of service are “unenforceable” and should be removed, Equifax has added language to its “FAQs for Consumers” that the arbitration clause in the “Terms of Use” does not apply to “the cybersecurity incident.”

Have a question?  Ask Erik

Links:

Transcript

Equifax, one of the three big credit reporting agencies has just announced it has experienced the biggest breach of any company yet this year. 143 million people are affected, and this breach is even more sensitive than others we have heard recently such as Yahoo, because it affects things such as social security numbers, birth dates, addresses, and in some cases, even driver’s license numbers.

US Senator Mark Warner said, “It’s not an exaggeration to suggest that a breach such as this represents a real threat to the economic security of Americans.” This is serious. This is a 10 on a scale of 1 to 10. Equifax set up a website for you to check and see if you are affected. www.equifaxsecurity2017.com. This domain does not instill trust in them as a company.

It’s not registered by them. It’s registered by their lawyers. It used WordPress, which isn’t very well known for security. It uses weak SSL certificates, not even EV certificates, and it comes five weeks after they found out about the breach. Equifax suggests you sign up for credit monitoring and identity theft protection that they offer, and they’re giving it free for one year to anyone who wants it, even if you’re not affected. But be wary if you do so. The terms and conditions make you ineligible for any class action lawsuit that may result if you sign up.

What should you be doing? First, you should see if you are affected. About half of Americans are. Then, check your credit report periodically. Pay attention to your bank and credit card statements for things that look suspicious, and be wary of phishing attacks and keep up security on your devices. All these things really you should be doing in any case due to all of the breaches that have been happening recently and due to the insecurity we’re seeing across the internet. They’re just standard steps to being diligent in today’s society.

Leave a Comment


You must be connected or logged in to post a comment. This is to reduce spam comments.

If you have not previously commented, you can connect using existing social media account, or register with a new username and password.