Equifax data breach reports that hackers compromised data for up to 143 million US consumers and 400,00 UK customers, including Social Security numbers and driver’s license numbers. Equifax is one of the 3 main consumer credit reporting agencies in the US together with TransUnion and Experian. As a result of this breach it is more than likely that every household in America will be affected by this breach in some capacity.
As reported from the New York Times this is now the third major cyber security threat to this agency since 2015 and one of the top breaches ever in terms of the breadth and number of households affected. The impact of this breach cannot be overstated. Anyone who has a credit card and therefore a credit report is exposed.
A recent report has suggested that Equifax was hacked almost 5 months before its most recent breach and by the same intruders.
What was exposed?
Hackers gained access to the company servers from mid-May to July by exploiting a flaw in the company’s web site and not only exposed Social Security and Drivers license numbers but also names, birth dates and addresses. Effectively everything a hacker needs to steal your identity all from one place. They were also able to steal credit card numbers from 209,000 people (presumably subscribers that paid Equifax for a credit report) and other documents with personal information that were used in credit report disputes for 182,000 people.
What Can you do?
The sheer volume of data collected with the associated personal details of the individuals makes this a very critical attack for everyone in the United States. So what can you do to protect yourself from the inevitable identity theft that will result from this.
A disturbing new development in the Equifax breach reported by TechCrunch
has revealed that the site for checking whether you have been affected is actually random and is only designed to sell their protection tools. A shameless if not questionably legal tactic to trick consumers into paying for protection services. If you need protection please see the details below to signup for your free credit report from an authorized agency.
The first thing you need to do is check if you have been affected by the breach. Amazingly, Equifax will not be contacting you to let you know this themselves, it is up to you to verify this on a special web site they have setup. The web site itself looks rather malicious on the surface but we have verified that it is legitimate. Navigate to the web site www.equifaxsecurity2017.com. This web site from Equifax gives you more information about the breach and will allow you to enroll in a free credit check service for 1 year if you desire. However, given the number of attacks and breaches they have had it is probably not wise to sign up to any service.
Next, click on “Potential Impact” option and then “Check Potential Impact” and enter you last name and the last 6 digits of your social security number. You will receive a response as shown below if you are affected (virtually everyone is).
Note that if you click Enroll to signup for protection you are are automatically agreeing to “waive your right to bring a class-action lawsuit against Equifax” as pointed out by TechCrunch. There are other providers and services available to help you monitor you credit activity. We recommend www.annualcreditreport.com as this is has been authorized by the FTC as the only site that fulfills the free annual credit report under the law.
Protect your Digital Assets
Now that your information has been broadly exposed by hackers it is crucial that you lock down your digital assets. BlackFog Privacy uses multivariant protection across your entire machine to ensure the data does not flow off your machine to unauthorized locations. We recommend that you download the latest edition to your computer and perform an immediate Privacy Clean and allow BlackFog to monitor all transactions on your machine.