Equifax: Five things you should know about the raid on your data


Atlanta-based Equifax Corp. and consumers whose credit it tracks have continued to struggle with the fallout from a data breach that affected 143 million people in the United States, and more in other nations.

Here are five things you should know about the hacking incident — one of the worst so far — and how it affects you.

1. Protect yourself: You should take a number of steps to protect your personal identity and financial accounts, given the scope of the data breach.

Hackers got some of the crown jewels of identifying information, including folks’ Social Security numbers, names, addresses, driver’s license numbers, and credit card numbers in some cases.

That’s long-lived information that thieves can use indefinitely to set up fraudulent identities, to take out loans, to steal tax refunds, and to possibly raid some accounts.

Experts advise obtaining credit reports on yourself to check for suspicious activity; freezing your credit profiles at all three major credit bureaus; closely monitoring your bank and other accounts; and switching to safer “two-factor” sign-ins on your bank and 401(k) accounts.

2. Expect delays: Equifax offered free credit monitoring and, later, free credit freezes after disclosing the massive data breach on Sept. 7. Two Equifax executives retired shortly after the disclosure.

But the company’s phone lines and online sites have been swamped by worried people who reported being unable to get through, for days in some cases.

A check on Saturday afternoon of Equifax’s Tweets responding to consumers showed that it’s still having problems. The company’s ten most recent Tweets read something like this one: “We’re working diligently to improve customer experience including working to add capacity to handle both the online and call center volume.”

3. Expect confusion: Equifax also set up an online link, www.equifaxsecurity2017.com, where people can get updates on the situation, check to see if their personal information may have been compromised, and sign up for credit monitoring or freezes.

But the company ended up with egg on its face after it was discovered this week that a software engineer had set up a similarly-named fake site that some 200,000 people went to. Fortunately, his site was used to call attention to how easily Equifax’s site was faked, rather than to go on a phishing expedition to steal information.

He later shut the site down and Equifax apologized for the “confusion.”

4. Risky business: Equifax’s huge cache of many types of data on consumers make it a prime target for hackers. The company hasn’t released many details on how the data breach happened. It disclosed that unknown hackers exploited a weakness in a software application known as Apache Struts and had access to company databases from May 13 until it was discovered in late July.

But industry and data security experts have cited a number of factors that may have increased the risk of the hacking incident. Apache Software Foundation said Equifax hadn’t installed a software patch it issued in March. Equifax’s fast growth may have exposed security and organizational gaps. Some critics said an earlier hacking incident exposed outdated security measures at the company.

5. Investigations: Equifax has been swarmed with investigations and lawsuits since fessing up to the data raid weeks after it was discovered.

The FBI is conducting a criminal investigation into the data breach. The Consumer Financial Protection Bureau and Federal Trade Commission are also looking into it. According to Bloomberg, the Department of Justice and the Securities and Exchange Commission are investigating $1.8 million of stock sales that three top Equifax executives — not the ones who retired — did a few days after the breach was discovered, but before it was disclosed to the public. Equifax said the executives, including its chief financial officer, didn’t know about the hacking at the time of the stock sales.

Dozens of state attorneys general have also announced probes. Federal lawmakers in the House and Senate have scheduled hearings, and are drawing up proposed legislation to require perma-freezes on consumers’ credit profiles and other protections.

Meanwhile, more than 100 consumer lawsuits, most seeking class action status, have been filed against Equifax, or are in the works.



Reader Comments ...


Next Up in Business

Georgia loses jobs in March, but unemployment rate steady
Georgia loses jobs in March, but unemployment rate steady

After two strong months, Georgia’s economy lost jobs in March. The number of jobs dropped by 7,400 during the month after adding 9,200 in January and 18,300 in February. The unemployment rate, which is calculated from a different, less extensive survey, held steady at 4.4 percent, according to a report issued Thursday by the Georgia Department...
Commuting brings challenges for Hartsfield-Jackson workers
Commuting brings challenges for Hartsfield-Jackson workers

As the largest job site in the state, some 63,000 people work at Hartsfield-Jackson International Airport. Although these employees help people travel around the world, it’s hard for some airport workers to just make it to to their jobs. Commuting comes with its hassles for workers all over the region. But the Atlanta airport presents some particularly...
Atlanta company raises all pay to $50k: quirky or smart?
Atlanta company raises all pay to $50k: quirky or smart?

Most smart employers want to pay enough to get the workers they need, but not more. Yet Rented.com, an Atlanta company with technology that fuels Airbnb, has raised the minimum pay for all employees to $50,000 and the company’s chief executive says the firm will save money in the long run by paying more. Wait, what? True, said CEO Andrew McConnell...
Kempner: Ignore call from boss? Georgia shifts on distracted driving
Kempner: Ignore call from boss? Georgia shifts on distracted driving

Georgia’s new distracted driving rules are confusing and watered down, but they give Georgians a legal excuse not to work in their cars and to ignore calls from bosses and customers. Some workaholics won’t take the hint. Not when they spend all that time brewing in Atlanta’s traffic. Not when plenty of employees and business owners...
Pilotless air taxis now flying openly in New Zealand
Pilotless air taxis now flying openly in New Zealand

Ride in a pilotless flying taxi, anyone? Larry Page’s Kitty Hawk has been testing such a vehicle in New Zealand since late last year and is coming out of stealth mode, the Silicon Valley company announced recently. “The dreamers from California met the visionaries from New Zealand,” Kitty Hawk said in a press release that lauds New...
More Stories