Tech News

Equifax Hacking – A Personal Security Risk for 143 Million Americans

https://www.theatlantic.com/technology/archive/2017/09/the-equifax-breach-marks-the-end-of-shame-over-data-security/539202/
Equifax Hacking – A Personal Security Risk for 143 Million Americans
Bernadine Racoma

Equifax, one of the three main credit card reporting companies in the U.S. announced Thursday that they have become a victim of cyber-attack. About 143 million consumers in the U.S. could be affected, the company said.

Stolen by cybercriminals were names, birth dates, driver’s license numbers, addresses and Social Security numbers.

The company also said the credit card numbers of about 209,000 people had been stolen while data that could personally identify about 182,000 customers involved in credit report disputes were also breached.

Credit card bureaus track and rate the financial history of consumers in the U.S. They get their data from banks, credit card companies, lenders and retailers, without the knowledge of the consumers. Although they are not owned by the government, a legislation, called the Fair Credit Reporting Act, governs how they should operate.

According to Equifax, they will not contact all the consumers affected by the cyber theft but would send direct mail notices to consumers whose dispute records and credit card numbers were accessed.

Not the First Time

This is the third time since 2015 that Equifax had a major threat to data security. However this latest attack is one of the largest risks to sensitive personal information.

Equifax, as well as other credit card bureaus are prime targets for hackers as they can hit just one of the companies and they will be able to get all the data that would create the most damage.

Equifax Slow Response

Equifax was criticized by cybersecurity professionals for their slow response to the attack. In reality, Equifax discovered the attack back in July 29 but they waited five weeks before making a public announcement.

Company investigation and security consultants said that weak points in the website software were exploited by cybercriminals. They were able to access some files in the system of Equifax from the middle of May until July. The company said they have not found any other unauthorized activity on their databases after the discovery.

They published a link to the informational website that they created on Thursday. They also released a hotline number that concerned customers can call so they can check if their personal data were affected.

But thousands of customers who logged into the website were dismayed. Many of the early website visitors were not able to get through. Later, some people were finally able to access the site.

What the customers saw was the message that Equifax was offering ”TrustedID Premier,” a free credit monitoring and identity theft protection service for one year. But the fine print offers more surprises.

Consumers who agree to sign up for the free credit monitoring program would have to give up their right to sue the company or file a class action lawsuit over various types of damages resulting from the most recent cyber-attack.

The hotline number was managed by contractors and aside from several dropped calls consumers were irritated because the customer service people were not able to give them the right answers and were instead directed to the website.

For Equifax’s CEO Rick Smith, their offering is an ‘unprecedented step.’ But for Boston management consultant John Peterson, the offer is irrelevant because the hackers already got everything that can allow them to create bogus credit lines using the personal information they’ve stolen.

There are already class action suits filed against Equifax in Portland, Oregon. Moreover, several law firms have initiated investigations into possible violations of securities law by the company.

In terms of security breaches, the attack on Yahoo in 2016 was bigger. However, what occurred at Equifax was far more severe because aside from personal information, they were able to unlock employee accounts and consumers’ bank accounts and medical histories. Gartner fraud analyst Avivah Litan said it is a “10” in terms of risk to consumers, based on a scale of 1 to 10.

Cybersecurity professionals criticized Equifax for not improving its online security practices despite the recurring thefts. In 2016, salary and W-2 tax data were stolen from their site. In early 2017, TALX, a subsidiary of Equifax, had W-2 data stolen. TALX provides online human resources services, tax and payroll for some of the largest corporations in the U.S.

According to the Equifax website, it manages employee database for over 7,100 employers. It also handles data on more than 91 million businesses around the world as well as 820 million consumers.

Comment Below
Tech News

More in Tech News

Apple Park

Apple Park: One of Steve Jobs’ Major Dreams Unveiled

Bernadine RacomaSeptember 15, 2017
Face-Detecting Systems

KFC in China Introduces New Payment Method – With Your Face

Bernadine RacomaSeptember 4, 2017
iOS Update Not Police Friendly

iOS Update Won’t Make Any Friends With The Police

Christina CombenAugust 24, 2017
Samsung Galaxy Note 8

Images of Samsung Galaxy Note 8 Leaked Before Launch

Camilo AtkinsonAugust 2, 2017
Supersonic Air Travel

NASA Plans to Launch Commercial Supersonic Air Travel in the US

Brian OasterJuly 27, 2017
Sex-Trafficking

Tech Startup Innovating in the Fight Against the Sex-Trafficking Business

Camilo AtkinsonJuly 5, 2017
iPhone 8

iPhone 8 Rumored To Have Fastest Charging Capabilities

Bernadine RacomaJuly 3, 2017
Petya Ransomware

How To Protect Your PC From The Petya Ransomware

Camilo AtkinsonJune 28, 2017
Yahoo Becomes Verizon Company

Yahoo Officially Becomes a Verizon Company

Bernadine RacomaJune 16, 2017