There’s been another cyber security breach, and this time it’s one of the three major credit score agencies in the United States. Equifax, founded in 1899 is a publicly traded company headquartered in Atlanta, GA. They have announced a security breach that was discovered on July 29, 2017, that impacts 143,000 customers.
According to the New York Times:
Thieves were able to siphon far more personal information [than the two larger Yahoo.com breaches in 2016] — the keys that unlock consumers’ medical histories, bank accounts and employee accounts.
“On a scale of 1 to 10 in terms of risk to consumers, this is a 10,” said Avivah Litan, a fraud analyst at Gartner.
Here’s what you need to know:
- Equifax will notify you by Postal mail if you are one of the affected 143,000,000 individuals.
- Data included names, birth dates, addresses, Social Security numbers and driver’s license numbers
- Equifax states around 209,000 also included actual credit card numbers.
- Personal information used in disputes for 182,000 people were also taken.
- In the meantime, you can visit this website that Equifax has created for concerned customers: www.equifaxsecurity2017.com
- Here is the Consumer Notice. You might take the time to read it.
- To see if you have been impacted, go to the bottom of the Home Page and click “Potential Impact.”
- After you enter your Last Name and the last six digits of your Social Security number you will receive a message as to whether they think you were impacted.
- Either way, you are then given the opportunity to Enroll in TrustedID Premier which is a credit monitoring service Equifax offers and is offering to everyone, regardless of the impact of the breach on you, for a year.
- You’ll be given an “Enrollment Date, ” and you will be instructed to return on or after that date to complete your enrollment in the free monitoring service.
Equifax is doing what it can to help customers, but the depth of the data and the ease of the access should be of concern to everyone.
Although Equifax has known of this breach since July 29th, they didn’t choose to announce the breach until September 7, 2017. This allowed them to put the website together, to consult with their attorneys, etc.
It also allowed three of their senior executives, including John Gamble, the company’s chief financial officer to sell shares worth almost $1.8 million in the days following the breach. There had been no planned sale of the shares, according to Bloomberg.