Privacy News Equifax Says Cyberattack May Have Affected 143 Million Customers

Captain Awesome

Level 24
Thread author
Verified
Top Poster
Well-known
May 7, 2016
1,307
Equifax, one of the three major consumer credit reporting agencies, said on Thursday that hackers had gained access to company data that potentially compromised sensitive information for 143 million American consumers, including Social Security numbers and driver’s license numbers.

The attack on the company represents one of the largest risks to personally sensitive information in recent years, and is the third major cybersecurity threat for the agency since 2015.

Equifax, based in Atlanta, is a particularly tempting target for hackers. If identity thieves wanted to hit one place to grab all the data needed to do the most damage, they would go straight to one of the three major credit reporting agencies.

“This is about as bad as it gets,” said Pamela Dixon, executive director of the World Privacy Forum, a nonprofit research group. “If you have a credit report, chances are you may be in this breach. The chances are much better than 50 percent.”

More News:Equifax Says Cyberattack May Have Affected 143 Million Customers
 

Solarquest

Moderator
Verified
Staff Member
Malware Hunter
Well-known
Jul 22, 2014
2,525
143m!!!! We're customer data encrypted?
It still "amazes" me how companies can make such incredible "mistakes" and get mostly rid of them with little consequences!
I really hope they get a fine that moves all other companies to really take care of customer data and to make security a priority!
 

tim one

Level 21
Verified
Honorary Member
Top Poster
Malware Hunter
Jul 31, 2014
1,086
A theft of 143 million users. Not dollars, euros or gold bullion. But something that is equally or more valuable: personal information and security numbers, which, however, is increasingly difficult to protect.
The uncertainty of safety is really difficult to digest.:rolleyes:
 

Entreri

Level 7
Verified
May 25, 2015
342
Imagine when the NSA facilities in Utah finally get hacked, I hope by criminals, the ensuing chaos will be amusing.
 
  • Like
Reactions: Venustus
P

plat1098

And how are things going at Experian and TransUnion nowadays? My thoughts are with the people who have been and/or will be affected by the two hurricanes today and in the recent past. It is beyond belief that news of this massive breach would be coinciding with these events.
 
5

509322

Blimey, if Equifax has been targeted so many times, they quite clearly have not learnt any lessons :rolleyes: There security should have been layered up to the hilt after the first breach. Nowhere is safe anymore :eek:

143m!!!! We're customer data encrypted?
It still "amazes" me how companies can make such incredible "mistakes" and get mostly rid of them with little consequences!
I really hope they get a fine that moves all other companies to really take care of customer data and to make security a priority!

There are no mandated minimum IT security standards required by law for any party to protect consumer data. At this point in time there are just general governmental and industry guidelines.

If there is a data breach, some governments require that the breached firms report the data breach. That's all that is legally required.
It is up to firms to establish and implement their own IT security standards and systems.

Basically, firms can use Windows default protections or nothing at all if they so wish.

That's why I keep saying over-and-over, the security of your personal system is the least of your concerns. The real risk is your personal data which resides on 3rd, 4th, 5th,... party systems. Whether a person realizes it or not, their personal data is shared and stored widely across many, many systems. Read the fine print and understand completely what it means.
 
5

509322

Imagine when the NSA facilities in Utah finally get hacked, I hope by criminals, the ensuing chaos will be amusing.

The NSA has already been hacked many times. Same for the CIA, FBI, DoD, etc. All of them multi-billion dollar budgeted government organizations with the best IT security that money can buy.

So it shows real ignorance when users on these forums live under the delusion that they can somehow create complicated security configurations that are "impenetrable" fortresses using consumer-grade security softs.

There are no IT security protection systems that provide 100 % protection. If powerful government agencies cannot do it, what makes a home user think they can do it ?

Installing security softs is only the tip of the iceberg of what is required to protect personal data.
 

Entreri

Level 7
Verified
May 25, 2015
342
The NSA has already been hacked many times. Same for the CIA, FBI, DoD, etc. All of them multi-billion dollar budgeted government organizations with the best IT security that money can buy.

So it shows real ignorance when users on these forums live under the delusion that they can somehow create complicated security configurations that are "impenetrable" fortresses using consumer-grade security softs.

There are no IT security protection systems that provide 100 % protection. If powerful government agencies cannot do it, what makes a home user think they can do it ?

Installing security softs is only the tip of the iceberg of what is required to protect personal data.

Even the NSA Utah data centers? I read there are so many attempts per day against it. If they got hacked, fantastic.
I really love how various government departments are now centralizing their data storage, brilliant. One juicy central target.

Evidently, Equifax , login and password, "admin" and "admin". Outstanding security (at least in Argentina). Did Equifax US of A even encrypt any of the sensitive information? I think not. Brilliant IT once again.
 
  • Like
Reactions: Solarquest
5

509322

Even the NSA Utah data centers? I read there are so many attempts per day against it. If they got hacked, fantastic.
I really love how various government departments are now centralizing their data storage, brilliant. One juicy central target.

Evidently, Equifax , login and password, "admin" and "admin". Outstanding security (at least in Argentina). Did Equifax US of A even encrypt any of the sensitive information? I think not. Brilliant IT once again.

The greatest threat to a user's personal data is not that their home system will be infected by some undetected malware and their data will be stolen. This scenario is very unlikely.

The greatest threat is that a 3rd, 4th, 5th,... party system will be hacked\infected and the person's data stolen from those compromised systems.
 

Solarquest

Moderator
Verified
Staff Member
Malware Hunter
Well-known
Jul 22, 2014
2,525
There are no mandated minimum IT security standards required by law for any party to protect consumer data. At this point in time there are just general governmental and industry guidelines.

If there is a data breach, some governments require that the breached firms report the data breach. That's all that is legally required.
It is up to firms to establish and implement their own IT security standards and systems.

Basically, firms can use Windows default protections or nothing at all if they so wish.

That's why I keep saying over-and-over, the security of your personal system is the least of your concerns. The real risk is your personal data which resides on 3rd, 4th, 5th,... party systems. Whether a person realizes it or not, their personal data is shared and stored widely across many, many systems. Read the fine print and understand completely what it means.

We are in 2017!....even after so many companies got hacked we still don't have minimum IT security requirements?
Incredible, not understandable,... a shame!
Companies dealing with sensible data don't have security requirements to follow?
I cannot believe this!!!!!
 

About us

  • MalwareTips is a community-driven platform providing the latest information and resources on malware and cyber threats. Our team of experienced professionals and passionate volunteers work to keep the internet safe and secure. We provide accurate, up-to-date information and strive to build a strong and supportive community dedicated to cybersecurity.

User Menu

Follow us

Follow us on Facebook or Twitter to know first about the latest cybersecurity incidents and malware threats.

Top