Equifax Data Breach: Oh, It's Bad - Here's How Bad
8 September 2017 09:26
With an absolute treasure trove of information, the Atlanta-based organisation has just reported one of the largest data breaches ever recorded in the US, with 143m customers having had their valuable and sensitive information exposed.
The words “data breach” are pretty commonplace in today’s tech news, so it’s easy to become a tad numb when seeing “BREAKING NEWS” headlines relating to them. But the credit reporting monster we all know as Equifax has just announced a pretty mind-boggling breach - and it’s certainly woke us all up.
With an absolute treasure trove of information, the Atlanta-based organisation has just reported one of the largest data breaches ever recorded in the US, with 143 million customers have had their valuable and sensitive information exposed… That’s pretty bad.
Equifax said the hackers exploited a US website application between mid-May and July. Consumer’s names, social security numbers, birth dates, addresses and some driver’s licenses were exposed. Further to that, 209,000 credit card numbers belonging to US consumers were also accessed.
But it isn’t just Americans who have been affected. The company have admitted “limited personal information” from British and Canadian residents had been accessed.
Exactly how bad is it?
As IT professionals will know, such information can be enough for cyber criminals to wreak havoc on victim’s lives, even allowing the hackers to hijack people’s identity.
In terms of businesses, financial institutions landlords and other types of organisations draw on data from companies like Equifax to verify people’s identity and ensure they are suitable for loans and leases.
Therefore, this data breach has given cyber criminals a goldmine worth of data - equipping them with the ability to steal the identity of those affected and pursue fraudulent transactions under their name.
Put short, if we were to rank data breaches between 1-10 in terms of potential identity theft, giving this breach full marks wouldn’t be generous at all.
Even further to this, the breach could undermine the integrity of the information stockpiled by two other major credit bureaus, Experian and TransUnion, since they hold virtually all the data that Equifax does.
How does this compare to past breaches
It’s not the first time Equifax has been targeted by hackers. In 2013 the credit reporting agency (along with Experian and TransUnion) confirmed “fraudulent and unauthorised access” to the financial files of four high-profile individuals.
Equifax wouldn’t name the individuals affected, but the confirmation of the cyber-attack came a day after hackers posted what they claimed to be the social security numbers, credit reports, former addresses and personal banking information of celebrities and politicians, including Paris Hilton, Michelle Obama, former FBI director Robert Mueller and former US attorney general Eric Holder.
Although, this isn’t the biggest data breach in history. Yahoo was targeted in at least two separate digital burglaries that affected more than 1bn of its users’ accounts throughout the world.
But no social security numbers or driver's licenses were taken in the Yahoo break-in. Equifax’s security lapse could be the largest involving the theft of social security numbers, one of the most common methods used to confirm a person’s identity in the US. It eclipses a 2015 hack at the health insurer Anthem Inc that involved the social security numbers of about 80 million people.
Similar read: GDPR vs BREXIT - The Fight For Data Protection