It seems like a day doesn’t go by without another “breach” story in the news. So much that you might find yourself ignoring them as just another news story.
But we urge you NOT to ignore this one. Please.
Equifax was breached in May 2017. It looks like hackers used the vulnerability in the Apache STRUTS flaw. 65% of the Fortune 100 companies use STRUTS, so this vulnerability was not unique to Equifax.
Equifax did not discover the breach until July 2017. Doing the math, the attackers had at least 3 months in their systems.
What did they get?
Hopefully you are sitting down. If not, you might want to.
143 Million people are involved in this breach. The attackers were able to obtain:
Social Security Numbers
Date of Birth
Credit Card Numbers
Driver’s License Numbers
There are 245,576,909 American’s over the age of 18 (as of the 2016 census). That means 58% of all adult American’s can be breached thanks to one unpatched flaw in Equifax’s system.
Basically, this is a recipe for identity theft. And that is why we are writing this blog.
Watch out for Identity Scams
We will give you some information below on how to freeze your credit, but in the mean time this is not the only problem. This information is being traded and sold all over the world. This means you, yes you, are now a target for vishing scams, phishing scams and combo attacks.
What can you do?
Be careful. And here are some tips:
- DO NOT click any links from emails. If you get an email do not copy and paste the link, instead open your browser and go to the website using a known URL.
- If someone calls you saying they need ANY PII (personal identifying information) over the phone DO NOT give them anything. Go to the web, get the legitimate number of that organization, bank or credit card company and call them directly.
- Do not view this like a credit card breach. When your cards are stolen the company has insurance to make you whole. This is not the same, if someone steals your identity and opens credit accounts, loans or other accounts using your info, it can take YEARS to clean that up.
- Monitor your credit. NOW BE CAREFUL!!! Equifax is offering FREE monitoring BUT (HUGGGEEEE OLD BUT HERE) if you accept it you sign away your rights to be part of the class action suit. That is dirty pool Equifax and I hope none of you signed up for that scam.
- FREEZE Your credit. Let’s be honest – this is a giant pain in the butt. And it will make things difficult when you want to buy a car etc. BUT you have to think about doing this or someone can be opening accounts in your name as we speak. The easiest way is to contact each of the major bureau’s:
After you do this you will receive a PIN that is needed to use your credit for anything, DO NOT LOSE THIS. Personally, I would consider doing this even for your kids.
If you are a victim due to this breach and your identity gets used take action immediately. Cancel your credit cards, change passwords, monitor your credit. Do not wait for them to contact you – you need to take the initiative and move fast.
Stay vigilant. Stay Alert. Stay Safe.
This is a Security Bloggers Network syndicated blog post authored by Amanda. Read the original post at: Social-Engineer.Com – Professional Social Engineering Training and Services