Learning from the Equifax Breach
Equifax is one of the three-largest credit-reporting firms in the U.S. On Sept. 7, it announced a security breach that potentially affected 143 million U.S. consumers. You can check to see if you were affected and enroll in a credit monitoring service at no cost: https://www.equifaxsecurity2017.com/
Your best defense? Protect your personal identity and financial information by taking these steps:
1. Freeze your credit report to prevent attackers from obtaining credit histories and opening new lines of credit: https://www.consumer.ftc.gov/articles/0497-credit-freeze-faqs
2. Create your online Social Security account — regardless of your age or retirement eligibility — to prevent attackers from doing so: https://www.ssa.gov/myaccount/
If you already have an account, regularly review your statements and be alert for benefits activity you didn’t initiate.
4. Be suspicious of ALL phone calls and emails that request personal information or threaten that you’ll lose access to something if you don’t log in or respond. If you think it might be real, look up the company’s contact information and ask. For more tips to spot fraudulent emails, visit: https://oit.boisestate.edu/cybersecurity/phish-bowl-dont-get-hooked/
More About Identity Theft
IdentityTheft.gov is the U.S. government’s one-stop resource for identity theft victims. The site provides streamlined checklists and sample letters to guide you through the recovery process. Get help to report and recover from identity theft: https://www.identitytheft.gov/
*Update on 09-11-2017*
The New York Times reports that Equifax is changing the way it generates PINs.
On Sunday afternoon, in an emailed statement, an Equifax spokesman, Wyatt Jefferies, said … that the company would soon be changing the PIN generation and reset request process.
“While we have confidence in the current system, we understand and appreciate that consumers have questions about how PINs are currently generated,” he wrote. “We are engaged in a process that will provide consumers a randomly generated PIN. We expect this change to be effective within 24 hours.”
*Update from Sophos*
We know you’ve probably heard about the Equifax breach many times already, and read all sorts of advice about it, but we also know that many of you – especially outside America – still aren’t quite sure what it all means and what to do.
Paul Ducklin and Mark Stockley can help you with that!
Rather than writing a pre-prepared list of answers, they went live online to take your questions and help you figure out what we should be doing about breaches of this sort.
Watch the video at https://www.facebook.com/SophosSecurity/videos/10155010942990017/