Washington, D.C., Sept. 8, 2017 – Equifax announced a major data breach yesterday affecting some 143 million Americans’ personal information. According to the company, the data breach left Social Security numbers, driver’s license numbers and other sensitive information at risk sometime between mid-May and July of this summer.
“Major breaches like this one remind us that it is critical for internet users to remain continually diligent about practicing good cybersecurity habits,” said Michael Kaiser, executive director of the National Cyber Security Alliance (NCSA). “As our connected world grows and vast amounts of information is collected and stored, the scale of data breaches is likely to grow. Businesses and organizations that accumulate data must operate with a deep understanding of the value of that data to cybercriminals and the other risks to their customers, employees and networks. It is essential they employ a comprehensive approach to cybersecurity and be prepared to respond if a breach occurs.”
Fortunately, Equifax is reporting no evidence of unauthorized access to core consumer or commercial credit reporting databases at this time. Nevertheless, NCSA urges all Equifax users to take action now to secure their accounts. Equifax is offering complimentary identity theft protection and credit file monitoring. Information can be found at equifaxsecurity2017.com/enroll.
Following any breach, everyone can better protect their accounts by following these steps to stay safer and more secure online, including:
- Lock down your login. Use strong authentication — more than a username and password to access accounts — to protect your most valuable accounts, including email, social media and financial.
- Keep clean machines: Prevent infections by updating critical software as soon as patches or new operating system versions are available. This includes mobile and other internet-connected devices.
- Monitor activity on your financial and credit card accounts. If appropriate, implement a fraud alert or credit freeze with one of the three credit bureaus (this is free and may be included if credit monitoring is provided post breach). For more information, visit the Federal Trade Commission website identitytheft.gov.
- When in doubt, throw it out. Scammers and others have been known to use data breaches and other incidents to send out emails and posts related to the incident to lure people into providing their information. Delete any suspicious emails or posts, and get information only from legitimate sources.
This data breach happens as the nation prepares for National Cyber Security Awareness Month, an effort co-founded and co-led by NCSA and the U.S. Department of Homeland Security to educate businesses and all digital citizens about staying safer and more secure online. More information is available at staysafeonline.org/ncsam.