Equifax has lost the keys to the kingdom in the latest security breach.
Today, it came out that “Equifax Says Cyberattack May Have Affected 143 Million Customers” in the latest Equifax security breach. While the number alone falls well short of some other recent hacks, the potential for damage makes it even more serious than both Yahoo! breaches combined. The Yahoo! breaches were serious enough because password resets usually take place via email, but at least that requires the data thieves to work harder to get more information. Since Equifax has all credit data, including Social Security numbers, it is a one-stop shop for hackers. It is sufficient information for identity thieves to present to creditors, lenders and other service providers, to include information that identifies a person as the legitimate account holder.
“This is about as bad as it gets,” said Pamela Dixon, executive director of the World Privacy Forum, a nonprofit research group. “If you have a credit report, chances are you may be in this breach. The chances are much better than 50 percent.”
While there is no evidence that “core … reporting databases” were breached, the potential exists, and, as a result, Equifax has set up a website Cybersecurity Incident & Important Consumer Information where you can put in your last name and last six of your SSN to check whether or not you qualify for free credit monitoring.
Sadly, that falls far flat from a real solution, because once the information is out there, it is out there, and it can impact someone years from now. It really is time that companies that are negligent with personal identifying data be legally liable for their lack of safeguards.