Equifax Just Suffered One of the Largest Data Leaks in History
Imagine waking up knowing that your credit information, your personal details, your property details have all been exposed. Imagine being in the 40% of Americans who had their security numbers, their credit card numbers leaked. Now imagine the company that was supposed to protect your data is now giving you an option to enroll in a free identity theft protection program, provided you agree not to indulge in a class-suit against the company. The Equifax data breach proves that when a company does not take its security seriously, does not upgrade its system and does not take accountability for a vulnerability, consumers suffer.
Equifax, one of the largest consumer credit reporting agency in the United States is among the three top credit agencies in line with Experian and the TransUnion. Operational since 1899, the company maintains an information database of over 800 million consumers and more than 88 million businesses worldwide. There have been data breaches before, but Equifax is perhaps the biggest and the most devastating yet.
How Did the Breach Happen?
Without going into the technicalities of it, a simple explanation given by Equifax was, ‘criminals exploited a U.S. website application vulnerability to gain access to certain files.’ But reports have now emerged stating that the vulnerability was in the Struts framework which is a web application used by at least 65% of Fortune 100 companies. Ironically, the vulnerabilities were NOT oblivious to the companies. Equifax had learned about the hack on July 29th, but it was only on Sept.7, that they announced to the public. It should be noted that this is not the first time the company has had data breaches. According to a report on Forbes, Equifax has been at the helm of security breaches for the past 2 years, one which resulted in the leak of 43,000 credentials.
How Widespread is the Breach?
Equifax said in its Sept. 7 statement that most of the consumer information accessed includes “names, Social Security numbers, birth dates, addresses, and in some instances, driver’s license numbers” as well as “credit card numbers for approximately 209,000 consumers. Additionally, 182,000 credit-dispute documents, which contain personal information, were also stolen.”
Five Steps You Need to Take Immediately to Protect Your Data
If you’re an Equifax customer and you believe you’ve been affected by the data breach, then here’s what you need to do immediately.
Step 1: Identify if You Have Been Affected
Following the breach, Equifax released a website, https://www.equifaxsecurity2017.com/ where you can check to see if your personal information has been stolen. Equifax will also be sending out notices to people whose data has been compromised. To do so, provide your last name and the six digits of your social security number. Once submitted, you’ll receive a confirmation on whether you’ve been affected.
Step 2: Enrollment in the Program
Now, here’s the tricky part. In the website, the company has created an Enrollment option for the TrustID Premier program and each customer who chooses the option will be given an enrollment date. The program is designed to help prevent identity theft so if you’re worried about your identity theft, join the program. The only caveat to this complimentary program is the fact that you agree to not sue Equifax. Luckily though, Equifax revised the condition after mounting public pressure. Now you can choose for an opt-out provision and get out of the arbitration requirement by notifying Equifax in writing within 30 days of accepting the monitoring service. Speak to your lawyer if you still want to sue Equifax. They can file a suit against the original hack if not over the credit monitoring.
Step 3: Stop All Your Cheques and Cards
If you’ve received confirmation that you’ve been hacked or have discovered that you’ve been hacked, then immediately stop all your cheques and cards. Contact the police and inform them if your social security number or if your personal information has been used.
Step 4: Monitor Your Accounts
If you’ve been hacked, don’t leave it up to Equifax to fix the problem. Be vigilant and begin monitoring your existing credit card and bank accounts closely for any unauthorized or suspicious activity. Even if you’ve not been hacked but have been an Equifax customer, monitor your account details regularly.
Step 5: Get Your Credit Report
Get your most-recent credit report and evaluate it to find any malicious activity. You can also freeze your credit and set up a free, 90-day fraud alert by following the instructions given here.
Although this is the severest data breach in modern digital history, Equifax has done little to mitigate the situation. It immediately launched a Wordpress website that looks more like a phishing platform than one suited for protecting of an identity theft data. It also makes the situation worse with the class-suit condition that does nothing to help frustrated people. Once more, the careless attitude of a giant corporate organization has led to millions of people from the US, UK and Canada feel immense anxiety and frustration. The fact that the company used a volatile platform, did not take its previous breaches seriously and gives a lackluster response makes this one of the worst data breaches ever.