Equifax Data Breach

The Equifax data breach is one of the deadliest cyberattacks in the modern times not only in terms of affected people but also due to the intensity of accessed personal data. Equifax reported that between mid-May and June 2017, their system was hacked and the personal information of 173 million customers was exposed. Below we highlight some incites about this breach and then take a look at exactly how this was accomplished at the bottom.

Accessed information

According to Equifax, the hackers were able to access customer’s names, Social Security Number, customer’s date of birth, card numbers, addresses and driver’s license numbers.

Why this breach is one of the deadliest attacks

The Yahoo data breach in 2016 had 1 billion customers affected where only the passwords and phone numbers were accessed. But in the case of Equifax, sensitive data was accessed which means that:

1. Criminals can use the Social Security number to other credit accounts using a customer’s names.
2. Hackers can also maneuver their way and shop online using the credit card details obtained.
3. The hackers can sell the data to other criminals which makes the effect very grave.
4. An accessed customer’s data is not immune to future’s fraud, extortion and blackmail. The accessed information can haunt a customer forever.

How to find out if your information was exposed

Equifax has established a “Potential Impact” tab on its website (www.equifaxsecurity2017.com) that helps customer confirm whether they were victims or not. A customer should enter their last name and the last 6 digits of their social security number and a report indicating whether you were affected or not will be generated.

Due to the sensitive nature of social security number, ensure you are using an encrypted network and the computer is secure.

How to protect yourself from the data breach

Check your credit reports

Access your credit reports either from Experian, TransUnion and Equifax by accessing annualcreditreport.com. Monitor any unfamiliar activities and report immediately. Also, you can check the appropriate step to take by visiting IdentityTheft.gov.

Place a credit card freeze

A credit card freeze will give you a personal identification number (PIN) on your credit card files. This means that no other person can use them when in freeze mode. Freezing credit card files will ensure that your details cannot be used by another person to open a new account in your name.

NB: A card freeze does not restrict card charges and therefore, intruders can still use your card to do shopping.

Monitor your credit card and bank accounts

Use your banks to monitor your credit card and bank account activities by taking a credit or bank statements. This will enable you take appropriate action before much damage is done.

Place a fraud alert

A credit fraud alert ensures that creditors are informed that you are vulnerable to identity theft and thus should seek further clarification in case of any credit application.

So what can we learn from the Equifax data breach?

Equifax data breach brings out two scenarios about how the hack was effected:

1. First, either the hacked database was not encrypted. This is because, accessing encrypted data requires access to the secret key used.
2. Or the vulnerable application that was exploited allowed access to the data in an encrypted state.

Organizations should ensure that:

1. They utilize strong encryption mechanisms
2. Data in transit and at rest should be encrypted.
3. Implement multi-factor authentication for users.
4. Conduct regular system security audit

So lets go deeper and explore exactly how this was done

Again, if you haven’t heard already, if you live in the US then there is a high probability your personal information was hacked from Equifax.  If you haven’t checked already you can see if you were a victim here:  https://www.equifaxsecurity2017.com/am-i-impacted/  You should be able to enroll in their monitoring program if needed.

So what specifically lead to the breach?  Well Equifax has recently stated here:  https://investor.equifax.com/news-and-events/news/2017/09-15-2017-224018832 that the breach occurred due to the Apache Struts (CVE-2017-5638) vulnerability.

What makes this vulnerability being exploited disturbing is the fact that this exploit was found out in the wild in March 2017.  You can see the actual exploit here and when it was published for everyone:  https://www.exploit-db.com/exploits/41570/

Equinox didn’t start seeing suspicious network traffic until July 29, 2017.  That means that their systems were vulnerable for five months and they didn’t even bother to update their servers.

This is all pointed out because this is the case more times than not and the reason there will always be a job for us out there to secure more systems.

Conclusion

Equifax data breach is just among the many data breaches that occur daily. Many of these attacks are never reported and thus the impact of hacking and access of crucial data and information is severe and even worse than reported. Therefore, organizations and individuals should ensure constant training in order to equip themselves.