On
September 7th, the credit reporting agency, Equifax Inc., announced that their
internal databases have been hacked in one of the largest data breaches in
history. Details are still emerging, but
it appears that the intruder(s) had access to the Equifax servers for an
unknown period between mid-May and July 29th, when the hack was first discovered.
By
current estimates, the credit histories and supporting personal information of 143
million people were stolen. It’s
important to note that most of the victims were not Equifax customers.
If
you’ve been feeling safe because you’ve never registered for an Equifax
account, you might want to think again.
Equifax
is one of three major consumer credit reporting agencies in the United States. Along with the other two major agencies, Experian
and TransUnion, the company gathers, organizes, and analyzes credit and
financial transaction data on more than 820 million consumers and more than 91
million businesses worldwide. If you’ve
ever applied for a credit card, a car loan, home loan, or even a checking
account, these three agencies have recorded salient details of your transactions. They record your payment history, how often
you pay on time, how often you pay late (or not at all), your debt-to-income
ratio, and they estimate the likelihood that you’ll make good on any loan,
mortgage, or line of credit that you apply for.
That
information would be sensitive enough for most consumers, but the hacker(s)
also stole the social security numbers, birth dates, and home addresses of the
victims, and—in some cases—their drivers' license information as well. The details for roughly 209,000 credit cards
were also compromised during the hack.
The
Vector
The
hacker(s) entered through the company’s public website and exploited a
cybersecurity vulnerability to gain access to (supposedly) protected servers. It’s still not clear why Equifax waited 40
days to report the hack, and the full extent of the damage is yet to be
determined.
The
Numbers
According
to the latest estimates from the U.S. Census, there are approximately 250
million adults living in the United States.
Except for the handful of people who have lived “off the grid” since
childhood, the overwhelming majority of them have credit profiles stored in the
Equifax databases. With 143 million
victims identified so far, this means that critical personally identifying
information for more than half of the adults in this country are now in the
hands of cyber criminals and/or an agency of a hostile foreign government.
If
you’re one of the people lucky enough to dodge this particular bullet, chances
are excellent that the person next to you got it between the eyes. One of you is now wide open to identity
theft.
What
can you do?
If
you’re on the list of people whose credit cards were exposed, you'll receive a
letter in the mail, notifying you that you were affected. If you’re one of the 142.8 million consumers
who didn’t have a credit card exposed
during the breach, you’ll have to visit the Equifax website to find out if your
information has been compromised.
Keep
an eye on your credit scores, and watch carefully for any indications that your
identity has been stolen. We also
recommend visiting the Federal Trade Commission’s website for reporting
identify theft.
No comments:
Post a Comment