Equifax Left Out of Credit After Data Breach

Equifax Left Out of Credit After Data Breach

posted in Ransomware ● 12 Sep 2017

When any globally recognised organisation reports a data breach there are going to be a number of concerned parties, for Equifax there are literally hundreds of millions of concerned parties. The company has reported that a large-scale data breach led to the records of up to 143 million customers in the States being stolen, in addition to an unknown number of Canadian and British customers.

Unsurprisingly the company’s stock value has dropped some 13% since the event and all eyes now turn back to the company as the fall-out is evaluated and they are left to clear up the mess.

For Hacks Sake!

Although full details of how the data was stolen have not emerged, Equifax have been forthcoming with information and official statements, including that of CEO Richard Smith.

“This is clearly a disappointing event for our company, and on that, strikes at the heart of who we are and what we do”

Among the data stolen by hackers over an almost two-month period, Mid-May to July, it is believed that over 200,000 credit card details were taken. Hackers were able to ascertain access to systems via a ‘website application vulnerability’. It has been reported that Equifax’s core database systems remained intact and had not been accessed; Equifax holds data for more than 890 million customers and over 90 million businesses. Protecting data on that scale is a challenging task but for such a large organisation with such an established business in data, more should have been done.

Under Investigation

With this hack making headlines globally it’s not much of a surprise that many regulators and authorities have begun investigating the hack. Among these is the FBI and in the UK the ICO who have stated that this hack is “cause for concern”, and cause for financial penalisation in the not too distant future.

The ICO (Information Commissioners Office) is the data regulatory authority in the United Kingdom and will be responsible for ensuring that any British citizens affected by the breach are treated in the correct way. Equifax has a responsibility to adhere to data laws of countries where it operates and should be well aware of the impending General Data Protection Regulation (GDPR). Under the GDPR organisations can see fines of up to £17 million or 4% of global revenue for serious data breaches such as this one.

“The Credit Bureaus have for the most part shown themselves to be terrible stewards of very sensitive data… more oversight [is needed] from regulators and law makers”- Cyber Security Expert, Brian Krebs.

The Breach Threat

Data breaches can come in many forms ranging in size and severity, the accidental loss or deletion of data is classified as a data breach but is often not as severe as a hack or external breach. Cyber-security threats are not new; however, the last 18 months have seen an unprecedented rise in the number of attacks reported, especially with malware and ransomware. It is important for organisations of all sizes, global or otherwise, to ensure that steps have been taken to mitigate the risk of a data breach. Steps can include:

  • Implementing an accurate reporting process
  • Limiting access to sensitive information
  • Securing data on split networks
  • Taking an off-site backup of data

See the future of data management. Now

Watch our product demos to find out more about our solution.

The cyber criminals exploiting coronavirus panic

Reading, 20 March 2020 – Cyber hackers are preying on the public’s fear of Covid-19 to spread their own harmful viruses. According to multiple cybersecurity experts, the spike in phishing techniques, fraudulently claiming to come from an official source is the worst in years.

Continue reading

How to keep business healthy during outbreak

Reading 12 March 2020 – Up to a fifth of the UK’s workforce are likely to be off sick at the peak of the coronavirus pandemic, according to the Government’s best estimations.

Continue reading

Is your medical practice a top ransomware target?

Reading, 17 January 2020 – Since the early 2000s, medical professionals have increasingly been choosing electronic patient records over paper. Although digital records are certainly easier to access and harder to lose or destroy, they are by no means immune to disaster – and organisations have more to worry about than just fires and floods.

Continue reading