The Equifax Breach
On Sept 7, 2017, Equifax announced that they were victims of a security breach. If you are unfamiliar with who they are, check out our page on them here. 143,000,000 Americans, 400,000 people in the UK and 100,000 Canadians had their information stolen from their servers. The information stolen included: Names, addresses, birthdates, SIN/SS#s and in some cases- Credit Card information.
The security breach originally occurred sometime in Mid-May/ Early June. Equifax only learned about it on July 29. They then waited over a month to disclose that information to the public. They hired a private cyber security firm to launch an investigation, and only then disclosed all the ascertained facts.
The company claims they were left vulnerable by a weakness in their software – Apache Struts Open Source. However, a statement from Apache lays the blame on Equifax, saying they released a patch in early March that would have prevented the breach from ever occurring. ”
The Fallout
Executives at Equifax are also under fire for possible insider trading. Executives sold 1.8Million dollars worth of Equifax stock when it was possible that they knew about the breach. Both American and Canadians securities agencies are currently looking into the matter.
Equifax have done a poor job of addressing the public relations disaster the breach has caused. People are furious, wondering how Equifax could have ever let this happen. Furthermore, cyber security experts are now emboldened to point out more weaknesses in Equifax’s system. Perhaps most dangerous though, is that official Equifax twitter account was linking people to an incorrect link set up by hackers.
The Dangers
Criminals and Identity thieves prey on this information. It can be used to open bank accounts, apply for mortgages and loans, and can go unnoticed for years. In fact, a criminal could hold onto this information for over a decade, and then use it without you knowing.
There is significant outrage at Equifax’s current remedy- One Year of complimentary credit monitoring and identity theft protection, for all those impacted by the hack. Many feel this is not enough, since the consequences of the hack could be delayed for years. Furthermore, there is evidence that Equifax is forcing consumers to waive their right to legal recourse in order to be eligible for the complimentary services.
Check our company blog page on Thursday to find out: What You Can DO Now
Come Back on Friday to see: What To Expect From Equifax Going Forward
If you have any questions about credit or Equifax, send us a message here or on our Facebook page. We will be happy to guide you through this confusing time!