When I talk to people about the Equifax Breach, many say, “Oh, these things happen all the time.  My credit cards are protected by the banks anyway.”   Well, it’s true that hackers are stealing confidential data all the time, but this breach is different.  You must protect yourself.

First—Let’s explain what actually happened.

  • In the U.S., 143,000,000 people’s personal information was compromised (more than just credit cards): Names, Addresses, Dates of Birth, Social Security Numbers.
  • 205,000 people had their credit card information stolen (only Equifax customers in this case).
  • Canadian and United Kingdom citizens’ information was also compromised.

You don’t have to be an Equifax customer to be affected by the breach.  This is all about Identity Theft! You could experience financial loss, bad credit and compromised bank accounts.

Equifax’s version of what happened:

On March 8, 2017, Cisco engineers discovered a security vulnerability in a web application called Apache Struts (Equifax used this software.)  The software vendor released a patch for the vulnerability the same day.  Later, Equifax claimed to have addressed this.  Equifax reported the hackers didn’t gain access to accounts until mid-May.  (It wasn’t until July 29th that Equifax discovered the suspicious activity.)  On August 2nd Equifax called a cybersecurity firm (Mandiant) to perform forensic analysis. (FYI, on the same day 3 Equifax Executives sold $1.8 Million of their stock!)  On September 7th Equifax finally released information about the exploit.

But here’s what really happened:

The cybersecurity firm said the hackers gained access on March 10th!  The hackers were in the Equifax system for two months doing recognizance before they actually stole the information. They set up a defense so they could still access the data even after the patch was deployed.   Equifax didn’t discover this until July 29th.

Here’s what you must do.

  • Go to equifaxsecurity2017.com
    • Click on Potential Impact.
    • Enter your last name and the last 6 digits of your Social Security Number.
    • Equifax will tell you if they believe you’ve been impacted by the compromise.
    • Do this for every member of your family, no matter how young or old.
  • Check your Credit Rating with one of the major credit bureaus. Every U.S. citizen is entitled to one free annual credit report.
  • Sign Up for a Credit Monitoring Service!
    • Equifax is offering this service for free for a year if you sign up by November 21st.
    • Experian and TransUnion offer this service, but they charge a monthly fee.

When you sign up for the Equifax Credit Monitoring Service you’ll receive:

  • Credit Reports
  • Monitoring of the 3 major credit rating services.
  • Automated alerts of key changes to your credit files.
  • Credit Report Locks (except for reports requested by government agencies, companies reviewing your account for employment, and collection agencies)
  • Social Security Monitoring: They will scan the Dark Web where personal information is suspected of being bought or sold.
  • $1 Million of Identity Theft Insurance to cover certain out-of-pocket expenses if you’re victimized. (Actual policies for each jurisdiction must be evaluated for the terms, conditions and exclusions.)

Simple Best Practices To Protect Yourself and Your Family

  • Set up Fraud Alerts with your banks, credit companies, and credit cards.
  • Regularly check your credit report. (Space out reports from each bureau.)
  • Monitor all accounts closely, even the small transactions.
  • Freeze your Credit Report:
    • Do this with all 3 credit bureaus. Your FICO score is used in over 90% of all lending decisions.
    • This won’t impact your credit or ability to use existing credit cards.
    • If you want to apply for a loan, you’ll need to “thaw” your accounts. This isn’t difficult. However, you should allow 3 days for the reports to become available.

Parents should check to see if their children have a credit report.

If one does exist, strongly consider freezing it.  If they don’t have one, consider creating one and then immediately freeze it.

There was 15,496 identity theft complains filed with the Federal Trade Commission in 2016 concerning children and teenagers, which represents about 4% of all identity theft for the year.

Freezing your credit will prevent access to your credit records, but it won’t prevent criminals from using your Social Security Numbers to file fraudulent tax returns.

The Federal Trade Commission warns that you should file your tax returns as soon as possible before a scammer can.  Respond right away to any letters from the IRS, and be aware of how potentially valuable your W2 info may be to scammers.

Beware of Phishing Attacks!  The IRS doesn’t initiate contact by phone email, text or social media asking for personal or financial information.  Don’t click on links or download attachments that say they’re from the IRS.  And, be sure to report suspicious online or email scams to phishing@irs.gov, or call 800-366-4484. 

This is a Serious Problem!  Don’t ignore it.  Take action now to protect yourself and your family.

Contact us at (212) 286-0325 or via email at ITsolutions@krantzsecure.com for more information, or to learn how our aggressive security measures can help protect your digital assets.

Call Now! (212) 286-0325

Looking for the very best in network services in New York City? Call Krantz Secure Technologies today to speak with one of our business technology specialists.