The Equifax Breach: What you need to know
Have a question? Ask Erik
Equifax, one of the three big credit reporting agencies has just announced it has experienced the biggest breach of any company yet this year. 143 million people are affected, and this breach is even more sensitive than others we have heard recently such as Yahoo, because it affects things such as social security numbers, birth dates, addresses, and in some cases, even driver’s license numbers.
US Senator Mark Warner said, “It’s not an exaggeration to suggest that a breach such as this represents a real threat to the economic security of Americans.” This is serious. This is a 10 on a scale of 1 to 10. Equifax set up a website for you to check and see if you are affected. www.equifaxsecurity2017.com. This domain does not instill trust in them as a company.
It’s not registered by them. It’s registered by their lawyers. It used WordPress, which isn’t very well known for security. It uses weak SSL certificates, not even EV certificates, and it comes five weeks after they found out about the breach. Equifax suggests you sign up for credit monitoring and identity theft protection that they offer, and they’re giving it free for one year to anyone who wants it, even if you’re not affected. But be wary if you do so. The terms and conditions make you ineligible for any class action lawsuit that may result if you sign up.
What should you be doing? First, you should see if you are affected. About half of Americans are. Then, check your credit report periodically. Pay attention to your bank and credit card statements for things that look suspicious, and be wary of phishing attacks and keep up security on your devices. All these things really you should be doing in any case due to all of the breaches that have been happening recently and due to the insecurity we’re seeing across the internet. They’re just standard steps to being diligent in today’s society.
- Oh S*#@! You’ve Been Breached: What Should You Do?
- The HIPAA Breach Notification Rule: What it Really Means to Providers and Insurers
- HIPAA and Heartbleed … Are you automatically in breach?
- 2018 Cybersecurity: Breaches, Online Trends & What Lies Ahead
- HIPAA FAX Breach: Why health care should finally stop faxing