Consumer credit reporting agency Equifax Inc. has announced on Sep 7 that cybercriminals have exploited a vulnerability in their website, allowing them to gain access to certain files. The data breach appears to have taken place from mid-May through July 2017. The company discovered the unauthorized access on July 29 of this year.
We recently discovered a cybersecurity incident involving consumer information. Once discovered, we acted immediately to stop the intrusion.
— Equifax Inc. (@Equifax) September 7, 2017
Cybercriminals stole names, Social Security numbers, birth dates, and addresses. In some cases, driver’s license numbers and even credit card numbers were accessed. During the company’s investigation of this breach, it was also found that there was access to some personal information for some UK and Canadian residents.
Usually, data breaches are disclosed via the company’s press release, which reaches news outlets in no time. If you hear about a breach involving an institution you do business with, contact the organization in question to check whether your data has been compromised. You can visit the organization’s website to see if there is a statement about the breach with any instructions about what to do next, or you can call the company’s customer service phone number.
Helping protect yourself in the event of a data breach
You may not know if you have been affected by a breach, so your best action is to be proactive. You can use the tips below to stay ahead of the bad guys and know what to look out for.
- Routinely monitor all of your financial accounts for suspicious activities, such as transactions you did not make. If your institution offers account activity alerts via text or email, sign up for them.
- Cybercriminals can now use data from a breach to access your other online accounts via password reset questions. These questions usually ask you personal information about yourself such as your mother’s maiden name, previous addresses, and other details. If you have ever used any of this information in those types of security questions, you should change the questions immediately.
- If the information that was leaked in the breach was as a Social Security number or other personally identifiable information, you may want to consider putting a security freeze on your credit report. This will prevent other institutions from accessing your report entirely, which will prevent opening any new credit lines or credit extensions under your name. Also be sure to contact the Social Security Administration if dealing with a data breach that involves your SSN about next steps.
- If you do encounter suspicious activity on your account, contact your bank immediately and inform them of the activity as well as the fact that your information was exposed in a breach. Secondly, contact the FBI’s Internet Crime Complaint Center (IC3) and file a report.
- If a password was involved in the breach- change it.
Breaches are common these days because the payoff for cybercriminals may be lucrative. For this reason, it can be helpful if you add another layer of protection to your digital life by using an identity theft protection service. Such services can help protect your personal information by sending you alerts if suspicious activity is identified within their network, or if new accounts are opened with your Social Security number.† LifeLock is one such comprehensive service.
The unique combination of digital security by Norton Security and identity theft protection by LifeLock redefines what safety means in a connected world. These are just a few of the precautions one can take to help protect against identity theft.