US Credit Reporting giant Equifax recently announced that they have been the victim of a data breach where hackers were able to obtain sensitive personal information on 143 million people.
US Credit Reporting giant Equifax recently announced that they have been the victim of a data breach where hackers were able to obtain sensitive personal information on 143 million people.
US Credit Reporting giant Equifax recently announced that they have been the victim of a data breach where hackers were able to obtain sensitive personal information on 143 million people.
The company also reported that a limited amount of data on UK and Canadian residents was also accessed.
The news comes a week after a major breach of 6 million users was reported by Instagram.
What is most concerning about the Equifax breach is a number of sensitive pieces of information were stolen including:
- Social Security Numbers
- Birth Dates
- Addresses
- Some driver’s license numbers
- Credit card numbers for 209,000 US consumers
- Dispute documents for 182,000 US consumers
Birth dates, social security numbers and addresses all make up the answers to various security questions that are asked by banks, phone companies, loyalty programs, insurers, utility companies and more.
What You Can Do
Equifax has published a tool that people can use to check if they have been exposed in the breach here.
The company also offers very limited advice on what to do for affected people. What’s interesting, and concerning, is the advice centres almost completely on using their own identity theft monitoring service and reviewing credit reports.
“In addition to enrolling in identity theft protection and credit file monitoring, please see the “Identity Theft Prevention Tips” below.”
The Identity Theft Prevention Tips then says “We recommend that you remain vigilant for incidents of fraud and identity theft by reviewing account statements and monitoring your credit reports.”
Where is the rest of the advice?
Checking for strange physical mail, reviewing social media privacy settings, watching for attempts to reset passwords, monitoring for strange messages sent to your phone, email, etc that might say “You’ve been approved for a new mortgage!”
There are far more things someone can do to protect themselves than simply enrol in a service provided by the breached company.
Many people may not realise this but after the free monitoring period for victims is over, Equifax may try to convert these people into paying customers by encouraging them to purchase the service at renewal.
Lets hope the company takes the moral high ground and doesn’t try to turn their breach into a money making opportunity at the expense of victims.