Equifax Data Breach: The Essential Protection Guide to Secure Your Data
Everything you need to learn about the Equifax data breach
As you most likely know, Equifax, one of the largest and oldest consumer credit reporting agencies from US, was hacked. Cyber criminals exploited a vulnerability in the company’s website application and impacted almost half of the US population. For almost two weeks everyone talked about this massive data breach and still do.
This is worrying for one particular reason: approximately 143 million US consumers may have had their sensitive personal information exposed and accessed by cyber criminals.
Besides the record number of data potentially compromised, there’s also a real concern about the impact of this breach for companies, users, consumers and everyone involved in this serious incident.
The number is impressive, because it represents about 44% of the US population and is considered to be one of the biggest data breaches of the 21th century.
Yes, data breaches happen on a daily basis and new findings from the Data Breach Index Report 2017 said that about 1.9 billion data records were exposed in breaches in the first half of this year. It’s a high increase of 164% from the same period of 2016.
You can’t help asking yourself: Is our data truly safe anymore? What happens with data security these days? Did Equifax manage this situation correctly?
Before we jump to any conclusions, let’s have a quick overview of the facts and see what actually happened for the last weeks with the Equifax data breach.
UPDATE October 3, 2017: Equifax made an update about its investigation of the recent cybersecurity incident with a big impact on almost half of the US population. It recently announced that the data breach has potentially impacted another 2.5 million US consumers, reaching a total number of 145.5 million.
Essential facts: Here’s what happened
- From mid-May through July 2017, based on the investigation made by Equifax, this might be the period when malicious hackers had unauthorized access to its private data.
- July 29, 2017 – Equifax discovered the breach and “acted immediately to stop the intrusion”. The exposed data included names, Social Security numbers, birth dates, addresses and, probably, driver’s license numbers. The company also identified unauthorized access to limited personal information for certain UK and Canadian residents.
- August 1 and August 2, 2017 – According to US Security and Exchange Commision (SEC), a few days after the data breach was discovered, three Equifax executives sold their shares that worth nearly $2 million in the company.
- August 2, 2017 – Equifax contacted a leading, independent cybersecurity firm to assist in conducting an in-depth investigation to find out what happened and the specific data impacted.
- September 7, 2017 – The company officially made the cyber security incident public, disclosing that it involved consumer private information. They also created a dedicated website “to help consumers determine if their information has been potentially impacted and to sign up for credit file monitoring and identity theft protection”.
- September 15, 2017 – Equifax released new details on the data breach and announced new personnel changes: the retirement of their Chief Information Officer and Chief Security Officer, and the people who replace them as interims.
- September 21, 2017 – It was discovered that Equifax redirected consumers to a fake phishing site for the last two weeks! On Twitter, the company sent them to securityequifax2017.com instead of equifaxsecurity2017.com, the address of the official site Equifax created to inform users of the incident. Luckily, this fake site was created by the developer Nick Sweeting, who had no malicious intentions. Sweeting said that Equifax made “a huge mistake by using a domain that doesn’t have any trust attached to it [as opposed to hosting it on equifax.com]”.
What we know about the Apache Struts Vulnerability
It was discovered that the breach was caused by a security hole in the Apache Struts web application framework (CVE-2017-5638). It’s the one that supports the Equifax online dispute portal web application. This seems to be the initial attack vector leading to this massive data breach at Equifax.
The company stated that it “was aware of this vulnerability at that time, and took efforts to identify and to patch any vulnerable systems in the company’s IT infrastructure.”
Equifax also reported that:
- An unauthorized access to its system and certain files containing personal information happened from May 13 through July 30, 2017.
- This particular vulnerability in Apache Struts was initially identified in early March 2017 and disclosed by U.S. CERT.
In response, the Apache Software Foundation confirmed Equifax data breach and said they failed “to install the security updates for Apache Struts exploit in a timely manner”. The software maker released a patch for this vulnerability on 7 March 2017, the same day it was announced.
What cyber criminals can do with your data
Cyber criminals target users’ sensitive data and try to steal them, because they can sell or use it to blackmail the victims or request paying an amount of money to get it back.
Attackers can actually steal everything from personal information like name, date of birth, social security numbers to financial information (card details, account details, online banking credentials, etc.) and much more.
Here’s a short list of the most common cyber security attacks that can lead to significant data breach.
- Social engineering attacks mostly focus on social manipulation by using methods to convince people to perform certain actions or share sensitive information.
- Phishing attacks are among the most common and widespread online threats and cyber criminals use various easily have access to users’ most personal information.
- Malware attacks are so diverse and advanced these days that it’s hard to keep up with them. Cyber criminals use advanced methods to gain access to users’ data, expose them on the Internet and request paying a ransom in return. Malware can be hidden in so many places
- Internal threats may be often neglected, but represent a real danger for organizations that manage a large number of data.
- MitM (Man-in-the-Middle) attacks happen when cyber criminals change the victim’s web traffic and interpose themselves between the victim and a web-based service the victim is trying to reach. Basically, they control the communication between two parties who think they are directly communicating with each other. Thus, they can access
- SQL injections is another cyber attack that can cause an important data leakage. The tactic used is via used code injection to attack applications which are data-driven. Through this attack, malicious hackers can access, modify, delete or destroy confidential data. They can also make it unavailable and take full control of the database.
How consumers can protect their data – a data breach protection checklist
“Was my data affected?” is probably the first thing that came to everyone’s mind after the aftermath of the Equifax breach.
While it’s best to have a plan in case you’ve been affected by data breach, we recommend you go hrough this protection checklist.
While it’s great to have a plan in case you should ever be affected by a data breach, it’s even better to prevent it from happening.
Here are what we recommend you consider doing:
- Check to see if your data have been affected by the Equifax breach. You can check out their dedicated website, or call the dedicated hotline set up to assist consumers: 866-447-7559. The call center is open every day (including weekends) from 7:00 a.m. – 1:00 a.m. Eastern time.
- Verify your banking account and all your financial information, including credit details related with Equifax.
- You might consider placing a credit freeze on your credit report, if you have one.
- Don’t disclose your personal information to unauthorized persons
- You can use this website: https://identitytheft.gov/ to report an identity theft
- If you are running financial transactions, make sure you always visit a secure web site address that starts with “https://”
- Keep your software up to date. All your software, all the time. You should check why experts recommend software patching and why they believe is an essential key for our online security.
- Keep at least 2 backups of your data in two different places, separately from the devices you use on a daily basis.
- Secure your passwords by using a strong password manager tool and two-factor authentication.
- Keep your sensitive data away from cyber criminals and encrypt it before doing a backup. We recommend using these free tools to help you out and hide data from them.
- One layer of protection isn’t enough, so you might want to protect your system and all data available on your devices with multiple layers of security. Having a multilayered security system might help diminishing any potential threat.
- Choose an antivirus program to protect your system and this guide can help you find the one that suits your needs. You can enhance protection and complement your antivirus program with a proactive security solution
- It is worth mentioning that no solution can guarantee 100% protection for your devices, but it’s your duty to take all the needed security measures.
- We’ve said this before and we’ll keep repeating it. Education is your most powerful weapon against these potential cyber attacks. It is vital to educate yourself on cyber security issues and learn as much as possible to keep your data protected.
Remember that data breaches happen often these days and both users and organizations should take all the needed security measures to stay ahead of such cyber attackers and protect their sensitive data.
What has this massive Equifax data breach taught us?
Hopefully, this was a wake up call for everyone who understands and realizes the importance of cyber security. Protecting our data is essential, so data security must be one of the top priorities for both users and organizations. Cyber criminals don’t target only large organizations, but also home users.
In the light of this recent data breach, companies should rethink their business strategy and invest effort in keeping their sensitive information under the most strictest security conditions. Users need to better understand how and why these cyber threats still work. They also should have a proactive mindset for investing and learning how to stay safe online.