News

Equifax Left Out of Credit After Data Breach

Tue, 12/09/2017 - 08:12
Redstor_Equifax_Blog
Ransomware , Data Protection

When any globally recognized organization reports a data breach there are going to be a number of concerned parties, for Equifax there are literally hundreds of millions of concerned parties. The company has reported that a large-scale data breach led to the records of up to 143 million customers in the States being stolen, in addition to an unknown number of Canadian and British customers.

Unsurprisingly the company’s stock value has dropped some 13% since the event and all eyes now turn back to the company as the fall-out is evaluated and they are left to clear up the mess.

For Hacks Sake!

Although full details of how the data was stolen have not emerged, Equifax has been forthcoming with information and official statements, including that of CEO Richard Smith.

“This is clearly a disappointing event for our company, and on that, strikes at the heart of who we are and what we do”

Among the data stolen by hackers over an almost two-month period, Mid-May to July, it is believed that over 200,000 credit card details were taken. Hackers were able to ascertain access to systems via a ‘website application vulnerability’. It has been reported that Equifax’s core database systems remained intact and had not been accessed; Equifax holds data for more than 890 million customers and over 90 million businesses. Protecting data on that scale is a challenging task but for such a large organization with such an established business in data, more should have been done.

Under Investigation

With this hack making headlines globally it’s not much of a surprise that many regulators and authorities have begun investigating the hack. Among these is the FBI and in the UK the ICO who have stated that this hack is “cause for concern”, and cause for financial penalisation in the not too distant future.

The ICO (Information Commissioners Office) is the data regulatory authority in the United Kingdom and will be responsible for ensuring that any British citizens affected by the breach are treated in the correct way. Equifax has a responsibility to adhere to data laws of countries where it operates and should be well aware of the impending General Data Protection Regulation (GDPR). Under the GDPR organizations can see fines of up to £17 million or 4% of global revenue for serious data breaches such as this one.

“The Credit Bureaus have for the most part shown themselves to be terrible stewards of very sensitive data… more oversight [is needed] from regulators and law makers”- Cyber Security Expert, Brian Krebs.

The Breach Threat

Data breaches can come in many forms ranging in size and severity, the accidental loss or deletion of data is classified as a data breach but is often not as severe as a hack or external breach. Cyber-security threats are not new; however, the last 18 months have seen an unprecedented rise in the number of attacks reported, especially with malware and ransomware. It is important for organizations of all sizes, global or otherwise, to ensure that steps have been taken to mitigate the risk of a data breach. Steps can include:

  • Implementing an accurate reporting process
  • Limiting access to sensitive information
  • Securing data on split networks
  • Taking an off-site backup of data

Recent Articles

Redstor_Ransomware_Typewriters_blog Ransomware

Latest Ransomware Attacks Leave Organisation Working On Typewriters

Ransomware is a threat to all organizations and has been prevalent for a number of years. Although recent reports suggest that organizations are no... read more

August 09, 2018
Redstor_Reddit_blog Ransomware

Two-factor Becomes Hack-factor In Reddit Attack

The last few years have seen a number of high profile hacks, each growing in complexity and affecting masses of people. Strains of ransomware have... read more

August 07, 2018
Redstor_Dixons_super-breach_blog Disaster Recovery

Dixons Breach Becomes Super-breach Following Review

Earlier this year high street electronics firm Dixons Carphone revealed that a data breach had occurred the previous year, effecting over 1 million... read more

August 02, 2018