Friday, September 8, 2017

Equifax Data Breach...

Sorry it has been a while since I last posted. As you can imagine – the world of a cybersecurity guy can be slightly busy at times!

I did want to take a moment and warn everyone about the Equifax data breach.

For those that may not have heard yet, the credit repository Equifax suffered a massive data breach, losing 143,000,000 records.  The hack began in May, and was finally terminated in late July.

Equifax notified the public yesterday, but presumably they have been working with the federal law enforcement community and the various states attorneys general about the breach (as required by law.  I know that their incident response procedure specifically directs that they work with the FBI to determine the source and impact of the breach before notifying the general public – I can only hope that they followed their own procedures.

I won’t go into specifics about the breach, or the failed procedures on the part of Equifax the allowed this to happen. But I did want to share a few tidbits that are important to the general public, that may help get a better understanding of the breach and how the public is affected.

  • - Equifax has credit information on pretty much every American. They are one of three major credit repositories.  In most cases of a data breach, the consumer would have had to do business with the retailer to have been exposed (such as the Home Depot credit card breach, or a records breach at a hospital or school). Not so with Equifax.  You may have never heard of Equifax before today, but they have ALL of your information as one of the credit repositories.  
  • - There are about 325,000,000 people in the US, and the Equifax breach lost 143,000,000 records. For simplicity’s sake, that means that 1 out of every 2 people had their credit information stolen as part of this breach. That means that it was you OR your spouse. Your Mom OR your Dad. You OR your siblings. You OR your child. 

Point being, YOU or someone close to you was certainly affected by this breach. So please spread the word.

Equifax has posted this report:

You can see if you were among those that were breached, and they will give you instructions. Ironically, if you were affected, they will sign you up for credit monitoring, but not until next week (shrug?).

Please pass this along to 
anyone / everyone you know.


Post a Comment