Photo Credit: © turbomotion046 - stock.adobe.com
Equifax is one the largest consumer credit agencies in America. It is the Fort Knox in the financial crime world, consisting of the complete financial DNA — the Personally Identifiable Information (“PII”) — of its customers. Equifax failed its customers as the custodian of this valuable information and was breached by what appears to be a sophisticated attack on one of its U.S. servers. Now, the hacker community is feasting on, trading, selling and exploiting the PII of millions, which reportedly includes information such as names, dates of birth, social security numbers, addresses and in some cases, prior home addresses, credit card information and actual disputed transactions. Indeed, the hacking community just advanced their position in the war on cybersecurity and just took their most valuable beachhead to date, easily and swiftly. Moreover, at least 143 million of us are in the crosshairs of the financial attacks that have likely already ensued.
Purely in terms of scale, the Equifax Credit data breach of potentially 143 million U.S. customers is dwarfed by other recent high-profile data breaches like those against Yahoo and the Adult Friend Finder network. Yahoo email’s data breach, which occurred during 2013-2014 and was announced in September 2016, affected over 1.5 billion users. The Adult Friend Finder Network in 2016 had over 412.2 million accounts. However, it’s the quality of the information that was stolen from Equifax that makes this data breach an attack of cyber-geddon proportions.
The facts so far:
Equifax is one of three nationwide credit-reporting companies that tracks and rates the financial history of U.S. customers. The companies calculate credit scores based on information supplied to them on data regarding loans and credit cards, and data covering a vast range of sensitive information from employment history, to missed payments and home addresses.
The data stolen from Equifax will enable identity thieves and hackers to impersonate individuals with lenders, creditors and service providers, who rely on PII from Equifax, to make financial decisions regarding customers. Unlike other data breaches, some of the individuals affected by the Equifax breach are not even aware that they are customers of the company. Equifax acquires its data from financial institutions including credit card companies, banking, retailers, and lenders who report on the credit activity of individuals to credit reporting agencies.
The Equifax data breach comes less than three months after the global Non-Petya ransomware attack, which spread through computers in over 65 countries. Additionally, the cyber-attack comes on the heels of the widespread “WannaCry” ransomware virus, which infected computers globally this past May. Unfortunately, this most recent attack highlights the evolving threat landscape and the general state of unpreparedness in both the corporate and personal contexts. Now more than ever, all consumers must also evolve, and learn how to protect their personal financial information and consumer credit profiles.
Align Cybersecurity™ offers an unparalleled suite of Cybersecurity Risk Management services. Combining solutions around technology, governance and education, Align Cybersecurity is the only end-to-end solution in the world that creates a triple threat to hackers.
For more information about our services, contact cyber@align.com or visit www.aligncybersecurity.com.