Consumer Credit Score Giant Equifax At The Center Of What May Be The Worst Data Breach In History.
Atlanta-based consumer credit score provider Equifax announced Thursday that the company had been the target of a major data breach. This breach is thought to have occurred between mid-May and July of this year, with the breach finally being discovered on July 29th. Equifax took immediate steps to determine exactly what had happened and how hackers were able to gain access to the affected files.
In a statement released by Equifax Chairman and CEO Rick Smith, the breach was confirmed, and an explanation was offered to the more than 143 million affected consumers. It’s been advised that Equifax has been in ongoing contact with law enforcement, and has been fully cooperative with their continued investigation into the incident in an effort to locate the offenders.
A comprehensive forensic review was completed by a top cyber security provider, which uncovered the source of the breach and the number of files involved in this incident. It appears that the hackers responsible exploited a US website application vulnerability to access information that includes names, Social Security Numbers, and drivers’ license numbers, as well as a few hundred thousand credit card numbers. While the bulk of the affected users are US residents, Equifax has stated that some Canadian and UK users were also impacted.
It was also discovered that while this is still one of the worst data breaches ever to have occurred, hackers were not able to gain access to any of Equifax’s core data bases.
In an attempt to protect their customers and put forth maximum effort where damage control is concerned, Equifax is offering a complete identity theft protection package to each affected US consumer completely free of charge. A dedicated call center and web page have been created for consumers to get updated information on the situation, and take advantage of the identity theft protection package. Consumers are advised to get in touch with Equifax as soon as possible to determine if they are among the 143 million users impacted by this data breach and start taking steps to protect themselves from any potential consequences.
Equifax has vowed to invest even more into their cyber security systems in order to stop an event like this from ever occurring again. They’ve stated that their focus is on looking after their customers and doing everything they can to keep any possible damage resulting from this incident to a minimum. While it may feel like too little, too late for some, Equifax has made a real effort to step up and take responsibility for what has happened.
That being said, for affected consumers, the nightmare is only beginning. Data that has been stolen more often than not finds its way onto the dark web, and even if the hackers responsible were so inclined, there is no getting that data back once it’s hit the criminal marketplace. As this breach gave hackers millions upon millions of Social Security numbers with vital information like full names, addresses, and dates or birth attached to them, they’ve been able to create neat little identity theft packages to be sold off to the highest bidder.
When a data breach involves passwords or login credentials, a victim can change that information with relative ease and put the breach behind them. When your entire identity has been compromised, that’s not so easy. And while Equifax is offering free protection to US data breach victims, that complementary protection – as mandated by regulators – only needs to be offered for a full year after the incident is made public. At the end of that year, victims are left hoping that nothing is done with their data from that point on. And that’s rarely the case.
Credit card numbers can be replaced, but your Social Security number and date of birth are tied to you permanently. You can’t change your identity. This means that consumers involved in this data breach will remain at risk of identity theft and all of the headaches that go along with it for years to come. Bank loans taken out under someone else’s name using your information, or credit cards activated under your own name to be used by a stranger are both very real possibilities for those who have had their information stolen during this massive Equifax data breach.
At its core, this incident serves as a stark reminder of the ongoing dangers we face in a digital world. Cyber security is constantly evolving, but so are the criminals who are in search of ways to circumvent that security. The smallest vulnerability can lead to a major catastrophe, and while a company like Equifax has the capital available to rebound from even this disaster, a smaller business would collapse under the financial and reputational damage.
Want to learn more about the steps your business needs to be taking to keep a data breach incident like this from happening to your customers? Contact the team at or today. We’re the cyber security experts businesses in trust.