143+ Million People Affected By Equifax Data Breech – Are You?

Posted by: Ivy Gutierrez Category: Technology Comments: 0 Post Date: September 8, 2017

143+ Million People Affected By Equifax Data Breech – Are You?

Equifax, a company that supplies credit information, announced yesterday that a data breach could have potentially affected 143 million consumers in the United States. The hackers had access to data from May until July 2017, which included Social Security numbers, driver’s license numbers and credit card numbers.

You might think this is not something you should worry about, but you would be wrong. Did you ever apply for a loan? Finance a car? Perhaps you bought a home or you own a credit card or two. All of those things would place you in Equifax’s database and make you vulnerable to their breech.

143 million is a pretty abstract number. If we look at the 2017 Census estimate of the U.S. population, this means that 2 of 5 people living in the United States had their data compromised. In your own family you are very likely to have someone affected by this breech.

How to Check if Your Data is Affected?

Eqiufax is notifying consumers by email if their data was left unsafe. In addition, they have established a dedicated website, www.equifaxsecurity2017.com, to help consumers determine if their information has been potentially impacted and to sign up for credit file monitoring and identity theft protection. The offer is complimentary for one year.

Be aware of using the website, though!

Many consumers weren’t able to find out immediately if they were affected, reports Marketwatch.

Instead, once they entered their information into Equifax’s security website, they were told they were signed up for free credit-monitoring services for Equifax, and they had to come back to the site later to find out if they were affected or not.

The website will also request your last name and SIX digits of your SSN, not the usual four, to sign up. Washington Post quoted Satya Gupta, co-founder & chief technology officer at Virsec Systems, a cybersecurity firm:

“This strongly implies that the typical four digits may have been compromised, and they need additional, previously ‘secret’ information to positively identify customers. This reinforces the conundrum of these breaches — with more information exposed, how do you now prove a person’s identity?”

Some media outlets have reported rumors the passwords are being sent to customers in plain text, which is a security concern in itself. Reading their terms of use shows another questionable part. You may be giving up your legal rights to file a class action law suit against the company by signing up:

AGREEMENT TO RESOLVE ALL DISPUTES BY BINDING INDIVIDUAL ARBITRATION. PLEASE READ THIS ENTIRE SECTION CAREFULLY BECAUSE IT AFFECTS YOUR LEGAL RIGHTS BY REQUIRING ARBITRATION OF DISPUTES (EXCEPT AS SET FORTH BELOW) AND A WAIVER OF THE ABILITY TO BRING OR PARTICIPATE IN A CLASS ACTION, CLASS ARBITRATION, OR OTHER REPRESENTATIVE ACTION. ARBITRATION PROVIDES A QUICK AND COST EFFECTIVE MECHANISM FOR RESOLVING DISPUTES, BUT YOU SHOULD BE AWARE THAT IT ALSO LIMITS YOUR RIGHTS TO DISCOVERY AND APPEAL.

New York Attorney General Eric Scheiderman tweeted against this arbitration clause urging the company to remove this part of the terms.

Should You Use the Website to Check Your Data?

This is entirely up to you. We just want to make sure you are making an informed decision. Perhaps the best thing to do would be to monitor your credit reports and contact the credit companies to freeze them. To freeze your credit reports, you must contact each of the three credit bureaus individually at the following sites: Equifax, Experian and TransUnion. You’ll need to supply your name, address, date of birth, Social Security number and other personal information. You can find more information on credit reports on Huffington Post.

Additional Information on the Breech

Equifax discovered the breach on July 29. Hackers apparently used a website vulnerability to access files, with the breach occurring from mid-May through July, according to Equifax’s investigation. They waited until September 7th to announce the breech happened (this would not be allowed in the European Union, where companies have to notify the public within three days of the breech). During the 40 days it took for the information to go public, Equifax executives sold their stock options. Equifax stock plunged more than 13% in after-hours trading following the announcement.

 

Featured image by KGWN.

Ivy Gutierrez

Ivy Gutierrez

Communications Specialist at SwipeTrack Solutions
A PR professional walks into a Tech Job Fair and gets a job. It's not a joke, that's how we snatched Ivy. She has a strong background in Journalism and Social Media. She loves creating great conversations with our audience using the power of web 2.0.
Ivy Gutierrez

Leave a Reply

Your email address will not be published. Required fields are marked *