The Equifax Hack And How To Protect Your Family — All Explained In 5 Minutes

from freeCodeCamp

In 1989, the US government decided to concentrate our most sensitive data in the hands of three giant finance corporations: Experian, TransUnion, and Equifax. These three corporations now store our biographic information, every address we’ve ever lived at, and every major financial transaction we’ve ever made — all so they can assign us a FICO credit score.

And one of these companies just got hacked.

On September 8, Equifax announced what is now the worst data breach in history. And yes — you are most likely a victim of it.

Here’s how this whole disaster unfolded.

More here.

, , , , , ,

25 Responses to The Equifax Hack And How To Protect Your Family — All Explained In 5 Minutes

  1. Rebecca Hu September 15, 2017 at 5:10 pm #

    According to the article published by Quincy Larson, recently on September 8th the company, Equifax announces there is a security breach within the system. This leads to “attackers had full access to the records of 143 million Americans, 44 million Brits, and an unknown number of Canadians”. The information was not just simply your names or address. It includes the most important series of numbers to live in the state. It includes social security numbers and driver license numbers. All the information you are required when applying anything in the states.
    How could this kind of breach happen? Well according to the article, the hackers have access to this personal information Equifax only “discovered the breach on July 29”, then they “waited another 38 days” to announce the information. With such incident happening the company, choose not to disclose the information to the public. Instead, they try to make the “best” out of the situation. By “Equifax executives sold $2 million in stock”, they choose to make their profit damage to be less severe.
    I personally do not think this is the best reaction when first knowing the data breach. This may be good for the CEO’s personal interest but it is an insider trade. Knowing this information and not telling is just making profits on other people’s confidential data. Personal information being released to the public and the company have no way of telling which account was being hacked. They did not have a plan at all to try to solve the situation. Since they only worry about selling stocks and their profit after announcing the breach. They did not provide any real solution to the victims of this breach. Furthermore, this data breach could be avoided in the very beginning. When the developers release a new security patch they should have installed it. Then there will be no such incident.
    Currently with the advancement of computer technology, and the internet. Our information on the virtual database seems to be so vulnerable. The government and the public trusted the three finance corporations to regulate and keep the data safe. A possible solution is through the government passing a statutory law that regulates the company must update any software related to security within a short amount of time. With the database control, I think it comes down the keeping the company’s system always up to date. Always be one step ahead of the game. If they found a breach, they should be forced to announce it within 12 or 24 hours. There is no time to waste knowing that personal information can be accessed from other people.
    The article suggested 5 steps to ensure your property safety after this data breach. First, have access to your credit score. Secondly to freeze your credit. Thirdly having copies of your birth certificates. Fourthly file taxes on time, and lastly be cautious when unknown contacts reach out to you. I agree with the article that in order to make sure that your information is secure, it is necessary to always watch out your account. It is almost common sense to be cautious when unknown contacts reach out to you. It is just these simple common sense we need to follow to ensure the safety of your personal information.
    I remember I once received a text from Chipotle, stating they have a security breach in their system. Therefore, the hackers have my credit card information. I think Chipotle’s way tackling this problem is much better at Equifax. Equifax has no idea who is being affected and who is not. They set up the website just to think of ways to escape from liabilities of this breach. I also remember that Yahoo has a data breach, they informed me to change my password as soon as possible. I understand Equifax’s system breach is at a much larger scale, but they should not act as if they are trying to get away from the liabilities regarding this case.
    There are too many bugs in the computer system if a company such as Equifax refuse to update its system to the newest. Then they are giving opportunity for the hackers to attack their system. The public should put enough pressure on this issue regarding data regulation with the big finance corporations. This data breach happened, does not indicate that there will not be another one. It is to the customers to pressure the corporation to act upon this situation. They should not allow another data breach as big as this one to ever happen again.

  2. Shiyun Ye September 15, 2017 at 6:29 pm #

    After having read this article, it became clear how even with the most valuable information stored in the hands of the government; there are still ways for hackers to control the information. Many lives were affected due to the breach in Equifax; hackers had a window of 2 months to siphon data containing biographic information, addresses, and every major financial transaction for nearly 200 million people. The responsibility of such information was given to solely three major corporations proving it was only a matter of time before someone was able to get expose the flaws in such security. Not only had Equifax put millions of people’s lives at risk, they succeeded in covering themselves for such an event well before the breach was made.

    Government officials launched a criminal investigation into the breach, one of the biggest breaches in American history, with the hack exposing nearly fifty percent of all Americans to potential identity theft. The class action lawsuit following is currently up to the sum of seventy billion dollars, making it the biggest lawsuit of its kind in American history. Major precautions must be taken from this point forward, as it is unknown whom exactly is affected such as freezing credit, ensuring possession of birth certificates, file taxes, and be vigilant when strangers are in contact. One suggestion the articles makes is for the government to create a better identification system than a social security number that contains a multi-factor identification, a combination of biometrics and secret codes that change in time. Nothing can be guaranteed to be full proof however, there can be extra steps made for further precautions.

    In the age of modern technology, companies like Equifax that have so much sensitive information must find effective ways to balance security and ease of use, something difficult to find in a world where hackers and their methods are constantly evolving. A company can never truly be safe since they do not know what tools the hackers have until they have already been hit by them, so there may never be a truly perfect form of protection. The Equifax breach has proven how easy it can be in the modern era of anonymous hackers for people to essentially clone citizens in the eyes of the government. In my personal experience I have not been affected by such breaches.

    However, I have encountered others who have shared with me what they have been through. It is tragic how crippling identity theft can be, destroying people’s credit, stealing their money, and dragging their name through the dirt for a few quick dollars for the hackers. For example, before there was chips installed in credit cards identity theft was very common, just shopping at target could result in someone using your card from the other side of the country. This is not the first example of identity theft, as major companies have been affected by hacks in the past, and hacks have been happening more and more often with more people being affected, and so without any new measures taken for protecting American citizens, this type of hack will just be one of many to afflict the United States population.

  3. Vincent Scorese September 15, 2017 at 7:30 pm #

    After reading this article it’s really hard not to feel worried not only about the information leaked in the Equifax incident and how you may have been affected, but also where does the line stop on our security in this sensitive information? Technology is one of the greatest inventions by man and has helped us become a very efficient society. Down to the way we schedule our days and the ways we can communicate with anyone at the world at any given time. Technology however can lead to situations like this where it leaves very sensitive things up for grabs on the internet to people who surely won’t do the right thing with the talents in technology they have.

    For one of the biggest and most important companies in our country to take a hit like this is scary because you would imagine that this would be something that would at least have been under a very high security. However due to negligence and poor management the company knew the website data they were using was out of date and had a risk to be compromised or hacked, yet they did nothing about it and let it go. Other alarming news in the situation was the fact that the top executives of the company are under serious investigation for insider trading. They also were making it so when you were trying to see if you were one of the ones affected, if you hit enroll you would have agreed to voiding to ability to sue for damages against the company which didn’t really help their image very much. Also, they were charging customers to freeze their credit through them as well. It’s like someone coming into your house and spilling the milk you just bought all over the floor and then telling you they will take care of the spill, but you have to pay them for it. Which is just ridiculous. They are under extreme scrutiny and rightfully so.

    Protecting yourself after this outfall is obviously one of the biggest concern for people. What most have done so far is freezing their own credit so that way no activity can be done on their account and others are taking to services like life lock where they are going to be protected and monitored by a company to look after their credit and other serious confidential information.

    Over 143 million people in the united states have been affected by the hack and although on paper its only half the U.S. the number is actually much worse than half. Considering that the full population involves those who are not even those who have established credit. The number is closer to a two-thirds. If someone isn’t affected they are more than sure to know someone who has been affected. Again, if you were one of the people that was affected by this disaster for lack of better terms, the most widely recommended thing to do was freeze your credit and just be on the lookout to see if anything is suspicious on your credit cards or Etc.

  4. Henry Steck September 15, 2017 at 8:46 pm #

    It is incredible how a hack of this magnitude would be unimaginable just ten years ago. This company, and millions of its customers, have now had their paths permanently altered. For some customers this new path will take the form of a power credit score, and a scuff on the reputation of the company.

    We have to work to stay a step ahead of the powerful criminals who lurk cyberspace looking for holes in our digital armor.

  5. Piyush PAtel September 15, 2017 at 8:58 pm #

    Equifax one of the 3 finance corporations that the US government decided in 1989 to handle out sensitive data to assign us a FICO credit score recently got hacked. After reading Quincy Larson’s article about the hack I do not know who to be more upset at the government, or Equifax. Equifax employees must have known that the developers at Apache Struts released a critical security patch that they should have applied. “For more than two months, Equifax failed to apply that patch.” They should have known that hackers once they found the vulnerability that they would take advantage of it. After the executives at Equifax found out that their databases have been breached and over 143 million Americans, 44 million Brits, and an unknown number of Canadian’s records were open to full access over those two months, they delayed to tell the people. They found about the breach on July 29th but didn’t do anything about it for 38 days! Furthermore, executives sold over 2 million dollars in stock. I really hope the justice system doesn’t fail the people and those executives get held accountable for their highly unethical actions. I was hoping this was the end of the bad news but as I kept reading Equifax created a website for people to check if their data had been breached. This website not only gave random answers to people on if they got hacked but they snuck in a clause in the fine print “you waive the right to sue us” for free identity theft protection. After reading this article and knowing what happened at Equifax before and after the breach I have lost all trust in any company being invulnerable to cyber-attacks and keeping my information safe.
    The reason I believe that the government shares some of the fault in this is because they are the ones that gave them such an important responsibility without giving them strict rules to follow. Equifax should be required by law to update their databases if a major vulnerability has been detected. They knew over 2 months about the Apache Struts vulnerability and did nothing about it. It almost feels as if they let the hack happen on purpose. I believe that if the government had set higher standard for these companies the people would not be as vulnerable to these attacks. Since the government gave them the responsibility to handle people’s sensitive data they should also give them the responsibility to keep it protected from being stolen and used by hackers.
    Quincy Larson’s article not only talked about the problem with cyber security today and how Equifax and the government did its citizens dirty but it also shows us how we can protect ourselves on. Knowing that my identity can be stolen any minute because my personal information was probably part of the data that was breeched, I am going to freeze my credit. Larson states that anyone can go to one of the 3 credit rating agencies and spend $10 to freeze their credit so no loans, credit cards, ect. can be taken out. Larson does a huge public service for reporting about the Equifax hack and letting people know what they can do to make sure that no one ruins their credit.
    All in all, I believe that the government should start to enforce technology companies that are handling sensitive consumer information to better defend themselves from cyber-attacks from hackers. Also, I believe that the justice system should set an example out of Equifax and not just let the executives slide so that the American people know that cyber security is important especially with technology advancing every day.

  6. Meghan Healy September 21, 2017 at 1:11 pm #

    Recently, one of the three corporations that stores all of our biographic and financial information, Equifax, has been hacked into. In March, Apache Struts released an integral security patch. Equifax neglected to apply this patch, resulting in the siphoning of data 2 months later. The failure of applying the patch was incredibly foolish on Equifax’s part. It seems like it would be part of Equifax’s job to make sure that they were doing everything they could to ensure that their customer’s information is protected to the best of their ability. This shortcoming is simply reckless and could have easily been avoided. This breach occurred sometime in May, was discovered by Equifax on July 29th, but was not announced by the company until September 8th. This withdrawal of information will only have their consumers panicking more. This was another reckless and foolish act. On top of their most vital information being uncovered by hackers, the corporation that the public were supposed to trust with this information disregarded their customers. The hack of this company is detrimental to our safety and security. If this supposedly secured information is in fact unsecured, trust in our society will ultimately deteriorate.

    Reading this article, I was surprised that I did not hear about this breach until now. These hackers had access to crucially important information, such as social security numbers and addresses, of 143 million Americans. They had full names, social security numbers, birth dates, current and past addresses, drivers license numbers, and a history of major financial transactions of hundreds of millions of people. This information can easily lead to the destruction of our society with more identity theft and credit wreckage. It is a scary thought that one’s social security number and home addresses are now public information, as public as one’s name.

    In today’s society, almost everything is done electronically. Storing information in computers makes it more feasible to be hacked. Experian, TransUnion, and Equifax are more vulnerable to this exploitation. These 3 companies have been holding our information in these databases for nearly 30 years. Over time, technology has immeasurably improved, and databases have become a more advanced place. This should mean that it has a better capacity to store the information. However, this improvement also means that it is easier to get into these databases. With the development, these hackers have better tools and skills to get into the system.

    As the article states, Equifax has done a number of sketchy things. They 1) snuck a clause stating that the customer waives his or her right to sue them into the fine print of contracts, 2) their “did I get hacked?” website answered randomly, and 3) they assigned security PINs that were only a timestamp of when one’s credit froze. As a result of these scams, the largest class action lawsuit in history – $70 billion – is being launched against them. It is surprising that they still have a business and are still holding all of our important information. People trust that a company that holds all of their important information would be more reliable and would not pull these scams.

    The author of this article advises that everyone freezes his or her credit immediately. He also acknowledges that it is a difficult process, but that it needs to be done. The article suggests multiple measures that should be taken immediately, such as having copies of every birth certificate in your family, filing taxes expeditiously, and being careful when strangers contact you. I agree with the author that people should take these crucial steps to avoid identity theft. Equifax might not have done what they could have to prevent this issue, but the consumer can take the above steps to better the problem.

  7. Adam Rakowski September 21, 2017 at 4:36 pm #

    I never expected to read something that could be so scary and related to me at the same time. As the article states itself, “attackers had full access to the records of 143 million Americans, 44 million Brits, and an unknown number of Canadians”. The records of these individuals include but are not limited to credit card numbers, social security numbers, home addresses and almost all major financial transactions they have underwent since their credit history. You are literally a ghost without these numbers, as they are required for you to have at your disposal before you do anything here in the United States. Equifax was always speculated to be quite fishy ever since its first exposure to the public and what makes it even more ridiculous is the fact that after even noticing that they were breached on July 29th, the continued to wait an additional 38 days to notify their users of the breach. You thought this was bad enough; Equifax actually used that additional waiting time to their benefit and sold $2 million dollars in stock to make their hard landing just a little softer. While it is admittedly aggravating to read articles like this and understand how these big companies are screwing innocent people, the awareness is what is the most valuable here. We start to become more aware of how immoral these businesses are and how every action made is in the CEO’s favor. This is quite literally making money off someone’s loss and it’s not just any old lost; people are having their lives ruined due to identity and credit card theft because of unlawful businesses like Equifax promising one thing but doing another.
    You would think that just maybe these businesses would have some sort of safety precaution to efficiently handle or even prevent this type of event from ever occurring but now instead, cannot even identify which account is being specifically targeted to possibly inform their users of the breach. However, why would they even trouble themselves with informing innocent people when they just made $2 million dollars? The article advises the Equifax users of five steps to take. They might not do much considering how they might have had all of their information stolen anyways, but accessing your credit score, birth certificate, freezing your cards, filing taxes in a timely manner and being cautious of suspicious contact all help in possibly keeping yourself safe in this time of major uncertainty. There is nothing new or surprising about these steps but since most people are probably going to be panicking tremendously, they are still important to execute and keep in mind. After thinking about just how ridiculously Equifax performed with this breach, I remembered how companies like Google do an amazing job at monitoring user activity and potential account breaches. I am notified on my cellular phone every single time someone activates my account from a device other than my usual ones. Google also makes it amazingly easy to fix the solution while you sit back and do not worry about a single thing. Their high tech security system locates the address where your account was last singed in at. From then on you can realize whether it was you or not. Google also connects your cellular device and PC to one single Google account so you can access information at any point from virtually any device. This is just one example of a company that makes sure its users are safe in case of a hacker breach and actually makes the effort to notify its users of any potential threat.
    Equifax should seriously reevaluate their company’s business ethic and figure out a method to be a little bit more considerate to the customers that allow them to exist in the first place.

  8. Erik Peterson September 22, 2017 at 10:43 am #

    Equifax was and is one of the United States’ most powerful companies. Backed by the government in 1989, along with Experian and TransUnion, Equifax was trusted with the sensitive information of hundreds of millions of American citizens. Recently, they last their grip on that same information. It is unbelievable to me that a company this big, with information that was this important, could be so downright ignorant. We live in a digital age, where attacks on any information can come quickly, and can seemingly come from nowhere. Regular people know that attacks like this occur almost daily, so why wouldn’t Equifax security monitors know the same? In this case, they were just plain ignorant. The company was offered an upgrade on their security system, which they refused to implement for nearly 3 months after its release. Because of their refusal to upgrade, attackers found out that the information to millions of people was readily available, and so they struck. However, no one at Equifax took notice, and the attackers had MORE THAN TWO MONTHS to access all of the information that they could ever dream of! Two months! With this information, the attackers could steal the identity of anyone whose information that they obtained, ruin their credit, and then take the money. All of this is because of Equifax’ carelessness regarding the security of millions of people.
    As if the security breach wasn’t enough, Equifax continued to ruin their reputation by partaking in some unethical actions. Some executives of the company, after learning about the breach, sold millions of dollars worth of stock before the announcement. Did they not think that they would be caught? It is honestly amazing to me how stupid these guys actually were to think that they would get away with insider trading, one of the most unethical and shady things that a businessperson could possibly do. Equifax also had millions of people sign up for a year of free identity theft protection (how nice of them), but in the user agreement, the user had to waive the right to sue Equifax if their identity was stolen. Finally, and probably most infuriatingly, Equifax built a website where people could go and enter their information, to check and see if their data had, in fact, been compromised in the first place. The only thing is, the website is a complete joke, and it returned a random answer for each person’s information. It just blows my mind that companies can be trusted with sensitive information, and treat a breach of that information, which was their fault by the way, like it’s all just a big joke.
    Equifax’ mismanagement of this situation could potentially ruin people’s lives, and they are becoming less and less reputable by the day by involving themselves in shadier activities. The information that they lost was not just a bunch of names, numbers, and addresses, it was people’s lives. Over the next several months, we will see how the situation ends, but as of right now, I think that people need to rethink how and where we store our personal information. Relying on corporate big-wigs is obviously not the solution, based on Equifax’ behavior.

  9. zonghao li September 22, 2017 at 12:13 pm #

    As information become more and more intangible (from floppy disks to hard drives to cloud), the accessibility increased, but it comes with the price of increased vulnerability. Recent events of hacking such as the ransomware hack that hit 100 countries even impacted British hospitals and real lives. This ransomware strike happened around Spring, and was because of an exploit in older versions of software. Personal computers aside, many government-use computers use older versions of Microsoft Windows, and that allowed malicious hackers to exploit.
    In a similar mistake, Equifax failed to apply an update just 2 months late, leading to a breach of “143 million Americans, 44 million Brits, and an unknown number of Canadians.” And the public scandal does not end here, as Equifax made mistakes in post-crisis management. Equifax offered two remedies: offering customers a 1 year free identity theft protection and creating a website to let people check if they got hacked. Yet both of these remedies were just a ploy for the company to get out of their mess. The 1 year free identity theft protection comes with a sneaky “you waive your right to sue us” clause, while the website that checks for data breach is found to give results at random.
    Therefore, the most obvious conclusion seems to be needing to be aware of such possibilities yourself and subsequently doing the most preparations and leaving the rest to fate. Because after all, there are some things we don’t have a choice to as long as we are a citizen of that government. Equifax is an example, as it was one of the three corporations that the United States government trusted to handle its nation’s most sensitive data.
    But there are still things that we can do, and we should focus on them instead of worrying about the next big data breach. One step we can take is that we can freeze our credit. Because the biggest issue with identity theft is that people would need to work hard to fix their damaged credit. In this case, the right thing to do is to get credit reports and check if your credit is affected as a result of a third party. But in the end, it all comes down to freezing credit and protecting it from malicious intent.
    Of course, just like there is no completely secure technology (man made technology can be countered by man made technology), there is also no complete damage reversing remedy. At best, when these incidents break out, we can only do the best to patch up the damages. But this calls to a bigger question. To what extent should companies hold our data if our data is not completely secure? Perhaps in other countries in the world, privacy may not be looked at with importance, but in America, this is undoubtedly a big question to consider. But when even the United States government covertly engages in privacy invasive practices (as Snowden revealed), there is not much to do as an individual currently. Of all the actions we can take, there is no real course of action to avoid Equifax holding data on you, unlike your decision to sign up for Facebook or other social media services. However, this highlights the importance of governments. And if the spirit of democracy does not fade in the United States of America, there will be some way out of it.

  10. KM September 22, 2017 at 2:25 pm #

    Quincy Larson’s article “The Equifax hack and how to protect your family – all explained in 5 minutes” brings to light the severity and potential far-reaching effects of the recent data breach of Equifax. Larson details the timeline of the breach starting with the patch released by Apache Struts on March 7 that was meant to correct the vulnerability in the system that Equifax was using. Larson then goes on to note that the patch was never applied, leaving the vulnerability exposed in Equifax’s system, through which hackers were able to extract the data of nearly 200 million people. It wasn’t until July 28, when the breach was discovered, that the patch was then installed. Doing the math, this is 143 days after the patch was released! Another 38 days passed before Equifax notified anyone of the breach.

    Larson also touches on additional actions taken by Equifax that further shed light on their poor business practices such as: offering free credit monitoring but in accepting the monitoring you are waiving your right to sue, issuing pin codes that are the time stamp of when you froze your credit report, and having executives that participate in what appears to be insider trading by dumping $2 million dollars in stocks before disclosing the breach. (Larson) Lastly, Larson goes over steps that everyone should take in order to protect themselves and their family. The five things that he recommends everyone do are as follows: “freeze your credit”, obtain a copy of your credit report as soon as possible, “have a birth certificate for everyone in your family”, “file your taxes promptly”, and be on guard when contacted by strangers. (Larson) He makes an important point at the end of his article that identity theft has become more mainstream and that it is important to maintain your guard to protect your own security.

    I think that Larson’s article brings to light a very important part of the Equifax breach: the failure of Equifax to act. As Lily Hay Newman discusses in her article for Wired magazine “Equifax Officially Has No Excuse”, this failure to install a patch and fix a known flaw coupled with other discoveries is painting a “picture of negligence” on the part of Equifax. By not installing the patch Equifax basically allowed for the most sensitive information for almost 200 million people to be siphoned from their databases. This was not a zero day vulnerability. As Larson noted, the developers of Apache Struts were aware of the issue and released the fix, but it was ignored by Equifax. It was not until after the fact that Equifax then felt it was time to act and install the patch. At that point it was too late. It is possible that this was a completely preventable breach but rather we, the individuals, are all now left scrambling to try to protect whatever pieces we can. While there have been massive breaches in the past, most notably Yahoo, Target, and Heartland, to name a few, it is the information at risk that has made the Equifax hack one of the worst breaches ever according to Seth Fiegerman in his article on CNNMoney “The biggest data breaches ever.” I believe that now is when we need to have a serious conversation about the protections we have as consumers and individuals, and the legal responsibilities that businesses have in maintaining our most sensitive information. I am interested to see what penalties and charges, if any, will stem from this massive breach.

    This leads me to the next point that Larson makes in his article that we are all essentially going to pay the price, as individuals, because it will require many hours on our part to attempt to protect our identity. I know how difficult this process is as an isolated circumstance as I have had to go through it before, but now I’m trying to imagine how difficult it becomes when you are competing with millions of other individuals to accomplish this time sensitive task. I agree with Larson that it is important to follow these steps but what I think some of us fail to recognize is that this needs to be an ongoing process. We can be vigilant today but we cannot afford to slowly slide back into complacency. There is nothing preventing the individuals who obtained the data in this breach from waiting years to attempt to steal someone’s identity. Yes, there is an immediate need to protect yourself and your information but it should be a continual process. In the end, this is how we can be our own best line of defense.

    I think that Quincy Larson raised many good points in his article and provided the reader with the steps to attempt to manage their own situation regarding their personal data. It is true that it may be time to revisit our identification system as a country and begin to consider multi-factor authentication, as Larson mentions. Unfortunately, this opens the door to greater privacy concerns and requires further careful consideration of just how much personally identifiable information we are willing to part with if there are future breaches.

    Works Cited

    Fiegerman, Seth. “The Biggest Data Breaches Ever.” CNNMoney. Cable News Network, 7 Sept. 2017. Web.

    Larson, Quincy. “The Equifax Hack and How to Protect Your Family – All Explained in 5 Minutes.” FreeCodeCamp. FreeCodeCamp, 15 Sept. 2017. Web.

    Newman, Lily Hay. “Equifax Officially Has No Excuse.” Wired. CNMN Collection, 14 Sept. 2017. Web.

  11. Chris O'Handley September 22, 2017 at 4:20 pm #

    The Equifax hack is one of the worst security breaches in the history of the U.S. Nearly 200 million people including 143 million Americans were prone to this breach as attackers were able to gain full access to people’s records. These records include a person’s full name, social security number, birth date, driver’s license number, and both current and past addresses. This is all the information a thief would need to steal someone’s identity, take their money and destroy their credit. Possibly the most frustrating part about this breach is the way Equifax handled it. For starters, the breach could have probably been avoided if the corporation had simply applied the “critical security patch” Apache Struts released on March 7th. Instead Equifax refused to apply the patch. In May, attackers began to realize Equifax was vulnerable and started gaining access to their data. Attackers had full access to all of the records for more than two months before Equifax finally realized their system had been breached. It took them another 38 days to announce the breach to the public. During these 38 days, instead of trying to find a solution and/or warning customers about the breach, the corporation’s executives sold nearly $2 million dollars worth of stock. In short, Equifax knows they screwed up big time and they are not handling it very well. As if this was not already bad enough, the corporation set up a website for people to find out if they were victims of this hack but it was quickly discovered that the website was answering randomly, not actually determining who had been and who had not. On top of this, Equifax offered their customers a free year of identity theft protection provided that the customer forgo their right to sue the company. Only they did not explicitly state this but instead hid it in the fine print. Equifax’s remarkably poor handling of this entire situation has put millions and millions of lives at risk and could pose huge threats for the immediate future. Identity theft has already been a significant problem, the rate of this crime was already rising, and this latest security breach is certainly not going to help. Unfortunately there is no way to know for sure if you have been affected but there are several precautions you can take to try and prevent your identity from being stolen. This latest breach is just the latest hack we’ve seen but it is also the most critical. As the advancement of modern technology continues to progress, so does the ability of attackers to hack into that technology. Hackers often times know more about the technology they are hacking than the people we are paying to protect it. This raises the question of whether or not it is smart to continue trusting companies such as Equifax with such crucial personal information when we know there will never be a way to ensure that this information remains confidential. The advancement of technology seems like it is making life easier and more convenient but in the long run we may see that trusting technology with such vital information can be more dangerous than we realize.

  12. Nicholas Birchby September 22, 2017 at 7:06 pm #

    Equifax is one of the three largest credit reporting agencies in the country. They have been operating as such since 1989. On September 8th, Equifax announced the news that they had given up the largest data breach in history. Equifax was given a security update, which they failed to apply for about two months. Hackers saw this weakness, and begin to steal data from the Equifax databases. Hackers were able to see 200 million different people’s full names, social security numbers, birth dates, current and past addresses, and driver’s license numbers. Due to Equifax not applying the security update, 200 million people’s lives are being put at risk. With all of that information you can completely empty people’s bank accounts, steal their identity, and ruin their lives. The suspicious part is that Equifax knew about the hack for 38 days without saying anything. During this period, company executives sold about 2 million dollars in company stock. This is an example of insider trading, which is making market deals based off of unrevealed facts. Government officials are not happy about this breach, and one law firm is launching a 70 Billion dollar class action law suit against Equifax. Many experts are saying that since Equifax does not know who has been affected, that you should freeze your credit score to prevent a disaster. Identity theft can take years to recover from and sometimes credit scores are permanently damaged. Freezing your credit score is the best plan because you can still continue to use your credit card and pay existing bills, while preventing any new loans or debts from being taken out. So if a hacker does have your information, it will practically be worthless. Once this crazy mess has been solved, it should be quite easy to unfreeze your credit score and return back to normal. Another good tip to remain safe is to make sure you have a valid copy of your birth certificate in a safe place. The best place being a safety deposit box at a bank, or in a safe hidden at home. An easy way for a hacker to steal money from you is by filing your taxes as you, than collecting your tax returns. The best way to avoid this would be for you to pay your taxes as early as possible, so if they do attempt to steal from you, they will be caught. It is very important that you never give out any personal information to anyone. Your personal information could be anywhere at this point, if someone calls you on the phone and says they are from the government, do not trust it. Hackers could be calling to try and take even more information from you, always be on alert and suspicious. This security breach is very scary because millions of lives could be destroyed by this. There is no telling how much money Equifax has already cost its customers. The best case scenario for anyone involved is still going to be hours of paper work and headaches. It truly surprises me that a credit reporting agency as large as Equifax could be so mindless to not apply a critical security update. Now the whole company is paying for it, as they will most likely end up falling apart.

  13. Arielle Fortes September 22, 2017 at 8:30 pm #

    Survival and protecting yourself has always been a human instinct. When humans first started out the only thing you would need to protect yourself from was the threat of dangerous animals and the physical attacks of other humans. Now the world has significantly changed due to the nature of today’s world. We have in the twenty first century have developed into a technological based society. And unfortunately attacks have also turned to be non-physical attacks. When your society has everything based on the internet it is easy to see that people will take attacks to where they can get an advantage from it. Since we are in a technological world, people who take these attacks are called hackers and use their advanced skills to take information and use it for their personal gains. One attack has had a huge impact and has been in the news lately that has been committed by Hackers is the Equifax Hack.

    Equifax is a consumer credit card reporting company industry that reports your credit score. It is one of the oldest credit card companies in America and also one of the biggest used companies. The other two companies are Experian and TransUnion. These three companies were given information by the U.S. government which was extremely sensitive in 1989 ( However, Equifax decided to not be vigilant and were taken advantage of by extremely smart hackers. This is one of the worst data hacks in the history of cyber usage. The hack came from the framework of the website that Equifax used. Equifax’s framework was Apache Struts which is a framework used by many companies. But, when the Apache Struts told the companies to apply a patch Equifax did not. A patch is what a software company uses to update a problem which could be taken advantage of. If this company was not as big as it was or as important as it was it would not be such a problem as it is currently. The company lost so much sensitive information that could be used for identity theft, so that people could lose everything that they have built up over the course of their life. The information that was stolen include social security numbers, past addresses and current addresses, birthdates, and full names. The sheer amount of people who lost information is staggering. Around “one hundred and forty three Americans, forty four million British citizens, and an unknown number of Canadian citizens” ( have lost their information to these hackers.
    However what is worse is that people do not know if they are actually are affected by the breach. Equifax has not been giving very satisfactory answers to the questions that many people have, and have also not been acting very satisfactory. First, the company did not actually tell anyone that they had lost the information until much later. Then, executives sold the stock worth about two million before the company told anyone they had lost so much information. This, in my opinion may have given the impression that the company as whole cared more about profit. In addition, the company made an offer so that customers would have a year worth of identity protection. When people looked a little closer they found that the company included something in the fine print that said that the customers can no longer sue the company. The company also put up a website to see if the customer was hacked and unfortunately people found out the website was answering very randomly. Many people do not know if they have lost their information at all.
    There is a way to make sure that you are protected. The way to protect yourself is not through Equifax’s help. Freezing the Credit Score will help. I think that there is always a chance that you are affected and staying vigilant and keeping aware is going to help the situation. Being careful is going to make sure that people stay safe. You should be cautious if people call you and know your information since now your information is out there. To conclude, I believe that to be careful even though the breach is not your fault will make sure that you can be even a little bit safer.

  14. Michael Dias September 22, 2017 at 9:17 pm #

    There are many actions we can take to try to make our lives and safety as secure as can be. We buy home alarm systems, car security systems, and many other types of “systems” that supposedly make our lives easier and helps to protect our property and well-being. We entrust our lives and welfare to these companies that promise to guard and protect us from any and all threat, but what happens when these same companies begin to care less about your safety? Take Equifax for example; only months after a critical security patch was released did they actually bother to patch their systems. No big deal right? Wrong. In May, hackers discovered this and realized that Equifax was vulnerable to attacks, and that is exactly what they did. Over 200 million people in total (143 million Americans, 44 million Brits, and an unknown number of Canadians) had their personal information completely available to anyone willing to dig for it. This included full names, social security numbers, all addresses, birth dates, and driver’s license numbers. That is absurd! There is enough information there to ruin a person’s whole life for years to come! What is even worse is their failure to disclose the information until 38 days passed after they discovered the breach… on July 29! Let us take a quick count; the patch came out on March 7, hackers discovered Equifax’s vulnerability in May, Equifax only discovered the breach on July 29, and only disclosed this information 38 days later around September 5. That is 2 days short of 6 months before they told anyone, and their systems were open to attackers for over 2 months! How much else is going on behind the scenes that we do not know about? Credit companies hold arguably the most important information about an adult’s life, and when things like this happen it may cause much distress, and can even lead to an uprising against such companies. How are you supposed to trust a company that will not even tell you when your security is at stake?
    Furthermore, Equifax then went on to offer a website that tells you whether or not you have been hacked. After testing this website, people have come to find that it randomly generates a yes or no answer to whether or not your information was accessed. This is beyond ridiculous, and I honestly believe things like this are only going to get worse. As our lives and communities become more and more dependent on technology, it means all our information to everything in our lives will soon be online. All of it. From birth certificates, to what you ate, to where you used the bathroom, etc. Technology is advancing at an alarmingly rapid rate, and that is scary. The rise in technology, also means the rise in those who are experts at it.. and not in a good way. Hackers have been around ever since the beginning of technology, and they are well informed and well equipped in order to evolve along with it. Imagine years from now when every piece of vital information about your life is online. What would happen is a breach like this occurs, and someone on the other side of a screen gets access to it with malicious intent? Imagine if you save up your whole life, at least 30 years of wages, and when you finally go to retire your credit and bank company/ies fail to keep their systems and security up to date. Hacker-man then comes across a “hint” that the bank you are using is wide open for him to come in and do as he pleases. Next thing you know, BOOM. Everything you have ever saved and worked for is gone. You are too old to work now as you are reaching the age of retirement, and do not have any money to support yourself for the years to come. Is this really what we want to happen? There should definitely be repercussions towards Equifax and other companies that have had similar occurrences happen to them. It is necessary in order to avoid anything else like this from happening, especially to over 200 million people.

  15. Doris Motta September 23, 2017 at 3:22 pm #

    Our most sensitive personal and finance information is currently administered by three major bureaus, Equifax, TransUnion and Experian. They have been since 1989, when the U.S. Government decided to provide each of us with a FICO credit score. The purpose of the score is to be able to determine if a creditor or lender can allow us to borrow funds.
    Unfortunately, Equifax had a data breach on September 8. This has more than likely affected almost all of us, as it “affected 143 million Americans, 44 million Brits and an unknown number of Canadians.” These records included highly sensitive information. Information these hackers got access to include, “full names, social security numbers, history of addresses, date of births and drivers license information.” Considering how much of our information they retrieved access to, this isn’t something to take lightly.
    What is more surprising is how this breach occurred. “On March 7, a critical security patch was released by developers of Apache Struts.” Equifax somehow failed to apply this patch and that made them vulnerable. This negligence allowed for the attackers to gain full access to almost 200 million people’s records. This was not corrected on Equifax’s behalf until July 29 and it took them over a month, 38 days to be exact to disclose this to the public. I find this very questionable and how was it possible for such a large and what should be reliable company, fail like this.
    After being informed that one’s own information could be at risk, it is “highly recommended for every adult in each household to freeze their credit. It will cost $10 each but it is better to protect your own information to the best of your ability right now, than to regret later that you did not. Not only should we be taking personal action but what is going to be happen now? How can we feel reassured that everything necessary about us has been in the hands of someone we do not know?

  16. Lucas Nieves-Violet September 24, 2017 at 2:27 pm #

    Electronic servers are great until they fail us. Relying on technology means you need to be able to trust it everyday keep it safe from not only thieves but millions of cyber attacks as well. More importantly though if millions of Americans put their identities and lives into three companies, those companies need make sure that their data is safe and secure. Not only because those files and information carry our lives but additionally because that very data they protect does not belong to them it belongs to us.
    The matter is more about how a company can let the lives of millions of Americans be endangered for well over two months as described in the article by Quincy Larson. Thinking about it now I don’t think I have ever been comfortable with the government knowing any personal information about me in the first place. Moreover, though I am not ok with them storing all of our data, basically who we are, in only three companies. One would think saving the lives of 143 million Americans would be a move that is sporadic and not done in only three companies, “Don’t put all your eggs in one basket.” Although according to Larson Americans were not the only ones affected people who aren’t resident or have citizenship is the U.S were affected as well. Larson describes that additionally 44 million Brits and Canadians information were exposed; this is not just a national issue anymore, this makes it International and known to the world.
    The hack was bad the hack was horrible “The worst in history” Larson states. However what I think is worst, is the cover-up. The cover-up is the most disgusting part of the crime and shows how important and how greedy some people are. The fact that one of the first moves Equifax Execs made was sold/dump their stocks not only shows what their priorities are but also shows us how meaningful the lives the of 143 million Americans are. When Equifax first found out about the breach two months after they finally patch it but they decided to cover their tracks again by letting an additional 38 days go by before telling anyone of the breach. Nevertheless, there is more the cherry on top of the cake is that they decided to issue new terms and privacy agreement which honestly no one reads. The agreement came with a deal, Equifax would offer its customers, they would provide 143 million Americans free identity theft protection for year. Little did the millions of Americans know that by accepting their deal they were waiving their right to sue the company in case of a hack. Like the one that had occurred a couple of months back. It may have seemed like a smart idea at first I must say. However, if you think about it harder we’re talking about 143 million Americans, Equifax should have known that “Bad news travels fast.” If it weren’t the bad news, then it would only be a matter of time before one of those 143 million American came across the terms and read the fine print to discover what had happened.
    Equifax took other measures of course to hide their enormous breach, but once the public was on to them, those actions came to no avail. In the second part of the article, Larson describes the necessary steps and precautions we should take to ensure that our information hasn’t been stolen. The reason why this matters is “A stolen Identity” is tough to recover. By having this breach Equifax exposed sensitive information of each American, which then made it easier for thieves to access bank account, records and, credit cards. While the steps given to us by Larson are helpful, they are not ideal as some people have loans to pay back and freezing their account would put them in jeopardy. Not being able to apply for a loan is a big one and everyone has different financials which affects each of those 143 million Americans in a variety of ways. Are we truly safe knowing that the government trusts only three companies with millions of identity knowing that one of them is looking after its own benefits rather than their fellow Americans ?

  17. Leslie T September 26, 2017 at 11:16 am #

    It is incredible how one mistake from a consumer credit reporting agency like Equifax is costing not just Americans their personal information, but individuals worldwide. If Equifax had taken the time to apply the security patch, millions could of still rest easier that their personal information is still protected safety. It is unbelievable that the government put the responsibility of such personal information in the hands of Experian, TransUnion, and Equifax, knowing there could of been a security breach if proper precautions were not met. If the government is allowing these agencies to use such private information, at least there should be stricter regulations in terms of maintaining cyber security so there are no threats of data breaches. Situations like the data breach with Equifax really asks the question on how reliable these agencies are with securing information and puts extreme doubt on society with these agencies like Equifax. Is it still a wise decision to trust agencies with private information? Should they be more monitored and regulated to see if they have updated security?

    It is shameful how businesses and agencies can behave in such an unethical way after situations like these can occur. Fact of the matter is that this breach happened in July, then the security patch was apply and society is just discovering this now is extremely shady and really asks the question of why they kept secret for about 3 months. According to Matt Egan in “Equifax CEO Richard Smith is out after stunning data breach” mentions that “The credit reporting bureau announced Smith’s sudden retirement on Tuesday, three weeks after it disclosed that the hack had compromised the personal information of as many as 143 million Americans.” It is obvious that a new type of leadership is required to handle Equifax’s situation. In addition, instead of offering assistance to try to restore their reputation, Equifax had attempted to offered consumers a year of free identity theft protection but slipped in that they could not be sued if consumers took that road, so who is looking out for who here? Similar to how society locks their cars or homes, there should be the same lock on protecting identity and not being so trusting or naive that something like a data breach can’t happen.

  18. Jimmy Bedoya September 26, 2017 at 4:19 pm #

    The world has been advancing in the last century tremendously. Whether the advancements be industrial, technological, physical or moral, the evolution humanity has embarked on is apparent. Some might say these advancements have been detrimental in pushing our planet in a positive direction, while others will argue they have existed solely as a burden on Earth. Whatever the case may be, there is more than enough evidence to realize that although the benefits are vast, the cost and risks of some of these actions are extremely high. This completely diminishes the objective of advancing in the first place due to the fact that the costs outweigh the benefits by a long shot. An example of this setback can be seen within the Industrial Revolution. Although the revolution was instrumental in creating jobs and increasing work productivity, there were many dangers employees had to face both temporarily and permanently. However, the issues did not just stop with the employees; the planet was affected beyond a point of return, reshaping the environment and atmosphere. The Industrial Revolution managed to drastically increase contamination of both the air and water and heightened the pollution amount immensely. By the year 1950, the carbon dioxide count increased to 310 parts per million directly influencing the change in climate. Now climate change stands as a huge dilemma for the entire planet and will potentially determine the existence of any living organism in the years to come.

    As if the dangers presented to the environment were not bad enough, now humanity faces an even bigger issue on a much more personal level. Equifax, one of the three largest corporations holding biographical information of almost the entire world, was hacked. According to Free Code Camp, on September 8th Equifax announced that they were hacked and it is reported to be the largest and worst data breach in history thus far. According to the website, Equifax failed to apply a critical security patch that the developers of Apache Struts formulated, and from there on occurred a snowball effect. For more than two months Equifax was vulnerably operating, and when hacker discovered the vulnerability they took advantage. Hackers were taking data from Equifax’s vast amount of data, and for two months had access to the information of 143 million Americans, 44 million Brits, and a large number of Canadians. The information these hackers had access to contained things such as names, addresses, social security numbers, and driver license numbers. On top of failing to apply the path, Equifax also failed to report the problem immediately, giving hackers more than enough time to do as they pleased with the information. Apparently, Equifax had discovered on July 29th, applied the patch, and then waited another 38 days before releasing the bad news to the public. Now according to Free Code, during the time before the announcement, Equifax had sold 2 million in stocks, offered their customers 1 year of free identity theft protection with fine print stating customers waived their right to sue and created a “Did I get hacked” website that answered customers randomly. Now customers nationwide are concerned deeply with both their identities and credit scores. In my opinion, it was a bad idea from the beginning to store everyone’s biographical information, let alone storing this vast amount of information into just three websites. Just the concept in general poses as a bad idea, because people’s personal information should be limited to solely their knowledge and no other being, entity, and/or corporation. I understand that in order to keep track of everyone, it is the country’s responsibility to keep this info stored in databases, however, the databases should be in the hands of the government and not a business who can sell this information to other companies. This is unfair to many citizens of the United States who believe in keeping their personal lives and personal information discrete. In many cases, companies looking to find out more about a potential employee also use this personal information to determine a hire. They buy the information from these companies and then make an overall decision on whether the person might be right for the job or not. It is my firm belief that this is the worst way to decide on a hire because the information regarding this person could be old or just simply inaccurate. I will not disregard that in some cases the information could be accurate and could potentially save the company/business time and pain, however, I believe companies should hold a different type of evaluation for potential employees. If referrals are not enough, perhaps having the person go through a serious of interviews and a training program both physically and mentally would be sufficient. Then an explanation on the company’s part about the importance of reputation would be great for the person to make sure all he/she does is done carefully and respectfully. Unfortunately, companies, like people, have their preferences on how things are done. The best people can do at this point is to follow the suggestions given by Free Code Camp. They are suggesting that people freeze their credit scores, file taxes promptly, have a copy of everyone in their household’s birth certificate, while remaining aware and vigilant to any strange calls that could be trying to get more information out of you.

  19. Joane L September 29, 2017 at 5:14 pm #

    As consumers, we trust all 3 credit bureaus to protect our sensitive information, however, knowing that this data breach occurred because Equifax deliberately ignored to install the security patch, raises a lot of questions about their integrity. The worst part is, they had no shame in trying to hide their mistake and somehow wanted to make us look responsible for it. This mishap seems to be bigger than we see it in the news and even in this article. Yes, solutions are provided to help us protect ourselves from being victims but the damage is already done, all of us are vulnerable. Paying to freeze our credit, and monitor every transactions made on our accounts can only do so much.
    If we do not know at hand the motives behind this hack and why did Equifax ignore the security patch, how can we trust that the other credit bureaus have not been targeted? And also, what about the collection agencies who have access to these sensitive information and sells them to third parties? As a people, we should take a stand on how these big corporations are taking advantage of our data to do what they please. They have they say so in how our info is shared and what they will and will not do with them. When we sign those contracts with financial institutions for installment loans, etc. we are often told they as consumers, our rights and protections are their top priorities. Yes, all of these promises look good on papers but then when reality hits, just like with Equifax, all we ever get are more false promises on how hard they are working to fix the issue.
    Think about, we never had any say so as to why these credit bureaus needed so much of our personal information just to issue a score that will allow us to afford a decent living. Not even knowing how those scores are calculated. The government should be the one to take responsibility for this mess, because they are the ones who transferred our info over to the credit bureaus. Instead of charging us to freeze our credit, and putting us at even bigger risk, they are to find a way to help each person resolve this issue.

  20. Gabriel Gonzales September 30, 2017 at 7:00 am #

    With the recent Equifax security breach, the general public has been in an uproar over the security of their finances and identity. The article hits on a crucial point that most people don’t want to admit to be true, but it is safe to assume that their information has been taken. In terms of cyber crime, it is difficult matter to deal with. It is safe to assume that if the hackers are intelligent enough to hack a multibillion dollar corporation with the means to secure their info systems, then they are smart enough not to leave any breadcrumbs that would lead to their arrest. Tracking down an internet hacker is like trying to find a needle in a haystack. To make matter worse, if you consider all the legal implications, cyberlaw is still relatively new as is struggling to keep up with the ever-changing landscape of technology especially the internet.
    I had a gist about the whole Equifax debacle, but what really had me fuming was the fact that Equifax knew they were hacked and withheld this information from the rest of the world for 38 days. In hindsight, the business probably didn’t want to cause a mass hysteria, but this is personal information that was leaked that we as the public entrusted to stay safe. People’s personal security is at stake. Nowadays, you would be a fool to believe that everything is private when it comes to information online, but the company’s goal is to store information, vital information. You would think their first priority would be top notch security and checking for any possible backdoors that would lead to a cyber attack, but because of their lack of urgency, people don’t feel safe at all. They are worrying about not being able to take a loan out on the house due to “their” bad credit, or even something as simple as going grocery shopping in fear their card will get denied. To add insult to injury, Equifax tries to cover their tracks by offering free identity theft protection with a clause that waives your right to sue them and a breach protection system that’s all smoke and mirrors. I find it comical how a company who had one of the worst cyber attacks in history is going to offer me protection of any kind.
    It’s easy to say that we didn’t see this coming, but that would be a lie. A huge corporation with that much information at their mercy is such an opportunity, I don’t blame the hackers for doing what they did. I put the burden of blame on not only on Equifax, but the public as well. We cannot be prepared for everything, but we must be prepared for anything. Anything just happened, and people have no plan. I’m not trying to be a hypocrite because it’s safe to assume I am a victim as well. The reality is it’s done now what is the next step. I actually appreciated the article’s emphasis on private information becoming public knowledge. It is a great mindset to have in today’s world as it is difficult to distinguish who is trustworthy in the world. You don’t know people’s true intentions. Your next phone call from your “bank” could be the end of your financial security as you know it. For now, our only option is to stay vigilant and thanks Equifax for “assisting” us.

  21. DC September 30, 2017 at 10:47 pm #

    Quincy Larson’s article, “The Equifax hack and how to protect your family – all explained in 5 minutes” revealed some surprising flaws in our credit security system. Anyone who has used a credit product, such as a credit card or a loan, receives a credit score. An individual’s credit score is a quantitative representation of their financial trustworthiness. Lenders use individual’s credit scores in their decision to offer credit. An individual with a higher credit score is interpreted by the lender to be more likely to repay their debts compared to an individual with a low credit score.

    Since 1989, the government gave the responsibility of storing everyone’s credit information to 3 financial firms: Experian, TransUnion, and Equifax. On September 8th, Equifax announced that they had been hacked and nearly 200 million people’s credit information was accessible to hackers.

    One of the reasons Equifax was hacked was because of their failure to apply a new security patch to their security system. The patch was available since March 7th, but Equifax didn’t apply the patch until July 29th. It was during those months that hackers realized Equifax was vulnerable to attack and gained access to millions of people’s credit information.

    After discovering the security breach, Equifax engaged in several sketchy activities. First, Equifax failed to inform the public about the breach for 38 days. During this time Equifax executives sold $2 million in stock in insider trading. In addition to this, Equifax attempted to get consumers to “waive their right to sue” by offering consumers 1 year of free identity theft and camouflaging the terms to this agreement in the fine print. Equifax also made a “did I get hacked?” website that answered yes or no randomly. Lastly, once people started to freeze their credit, Equifax assigned consumers a security PIN that was simply a 10-digit number representing the date and time they froze their account. For example, if someone froze their account on September 30th at 9:30am their security PIN would be 0930170930.

    This breach and the actions of Equifax revealed to consumers that our security systems need to be improved. Technology is constantly being improved and with these advancements comes more tools for hackers to use. Our on-line security systems should be advancing at the same rate technology is advancing. Our most important records should be stored in the most up to date security system at all times. This would prevent hackers from being able to access out of date systems, which was the case in this Equifax breach. Another aspect to consider here is the people in control of these security systems. There was obvious sketchy behavior amongst the Equifax executives that led to more individuals being hacked. These executives should be observed more closely to minimize selfish and malicious behavior.

    There are several actions that consumers can take to minimize their chances of getting hacked. As described in the article, birth certificates are individual’ ultimate identifiers. Everyone should have a copy of their birth certificate in a safe, secure location. Another important step in avoiding hackers involves filing taxes promptly. This prevents hackers from filing taxes on someone else’s behalf and claiming their income tax refund. Consumers should also be skeptical of contact from strangers. After this hack, people should assume that their private information is public information and can be accessible to anyone. Therefore people may not be who they say they are and could be attempting to extract more information from who they are contacting.

    Our nation’s security system needs to be improved. Perhaps every individual could receive an additional identification marker. Or maybe our social security numbers could change every so often to increase our security. Another way to improve consumer’s knowledge about security could be to require schools teach about credit security. That way more people are taking precautionary measures and less people are likely to be hacked. In summary, a more secure identification system needs to be investigated. Hopefully this Equifax breach will result in more cautious consumers and will decrease the chances of future hacking.

  22. Vincent Anzevino October 3, 2017 at 5:02 pm #

    The Equifax hack is a perfect example of the current ethical and societal conflicts with technology. As the largest data breach in history, this scandal instantly puts hundreds of millions of people at risk of identity theft and income tax fraud. Private information being stolen is not a new phenomenon and we will continue to see similar cases in the future. The scary part about this breach is knowing how much information was released and not only that, but the fact that once these records are released there is no going back. I’ve heard some people blame advances in technology for this. But the luddite argument is not reasonable at this point in civilization and we need to find ways to coexist with technology rather than trying to defeat it.
    Hacking is usually a vulnerable issue where people tend to blame the hacker rather than the holder of private information. Equifax is placed in an interesting position at the moment since it was originally a victim of data breaching. But, we’re talking about a company recognized by our government that holds sacred information on behalf of the American people. When you look at a corporate controversy like the Wells Fargo account fraud scandal, management for the banking service directly risked its employees and customers for personal gain. This wasn’t the case for Equifax at first. Their IT department is most definitely being questioned at the moment for letting this slip and I wouldn’t be surprised if many were fired at this point. But, Equifax is clearly handling this situation very poorly as stated by the article.
    First off, the article points out to my astonishment some of the suspicious behavior committed by Equifax executives. Waiting over a month to inform people of the breach is a major disservice. Like the CNN article it referenced, this is one of the three credit agencies recognized by the U.S. government. This hack affects everyone in the country, not just a select group of customers and stockholders. Also, I guess waiting 38 days is the amount of time an executive needs to sell $2 million in stock. This scandal is more than an invasion of privacy, it’s now a narrative of the unethical corporate decisions that result in poor management.
    When Equifax first introduced their “did I get hacked?” website, I questioned how accurate it could really be. Not to my surprise, the website was proven to be answering randomly. In essence, Equifax would rather you ask a magic 8 ball if you got hacked rather than asking them. But I think the ultimate nail on the coffin is how once you freeze your credit, Equifax assigns you a security PIN which just happens to be a timestamp. This system is now instantly proven to be weak in protecting people’s accounts. Passwords and PINs should be case sensitive especially in this situation, since we are talking about the largest data breach in history. Equifax showed little regard toward cybersecurity and their incompetency is a sign of poor risk management.
    While the article provides effective advice on how we should react, the most interesting parts of this piece were the revelations of suspicious behavior on behalf of Equifax. The information is out now and there is no going back. I think this data breach may follow people for decades and many cases of identity theft or income tax fraud will trace back to this moment. Hopefully this scandal will strengthen processes in risk management, especially when talking about cyber-related issues.

  23. Valerie Dorsett October 5, 2017 at 4:05 pm #

    Have you ever been hacked? Being hacked used to not be so common, however, in today’s world hacking takes place more than people would like. The most recent and most popular hack that has taken place is the Equifax hack. Equifax is a consumer credit reporting agency that contained information for over 800 million individuals. It is most likely that if you own a credit card that you are one of millions who are now at risk. Many people are very worried and are looking for ways so they can protect themselves after this attack. Quincy Larson wrote the article, “The Equifax hack and how to protect your family-all explained in 5 minutes.”
    On September 8, 2017 Equifax, which is one of the three giant finance corporations, announced that they got hacked. According to the article this hack is, “the worst data breach in history,” which means that in our history of finance and security there has never been a hack so terrible. Back in July when the Equifax website was having issues, the company never decided to fix this problem. I find this very irresponsible of Equifax. The company knows that they are responsible for many individuals personal information, and yet they did not fix it and let themselves stay vulnerable to attacks. The article mentions that attackers during this time took the opportunity and were able to get a hold of first and last names, social security numbers, birth dates, current and past addresses, and driver’s license numbers. This is enough information for an attacker to take your stolen information and cause some damage to your credit cards and life. I think that it is ridiculous that this information did not get released to the public as soon as it occurred. Many people were affected and probably did not know about it until it was too late.
    Many people are asking, how do I know if I am one of millions who got attacked? Quincy states that, “There’s no way to know for sure. As we’ve established, Equifax is totally incompetent, and has no clue who has been affected,” which means that Equifax does not even have the power to see who is affected and who is not after this major hack. One thing the article mentions is freezing your credit card. Sadly, this is the only thing anyone can do so that way they cannot be used. However, this raises many questions for me. If the Equifax hackers got everyone’s information, would they not have the ability to look up whom the credit card belongs to and unfreeze it by stealing their identity? Plus, a lot of people will all be trying to freeze their cards around the same time which may take a while. The article also encourages people to check their credit reports. By checking your credit reports people will be able to see how their credit is being affected. This is smart because you will be able to check your credit faster rather than if you just waited for your credit card bill.
    Everyone in your family could be affected due to this security breach. It is important to make copies of your family members birth certificates. The article states that, “Birth certificates are the ultimate identifier of you as a human being. They have even more weight than drivers licenses and passports,” which means if you want to stay protected in case your identity was stolen, have your birth certificate safe so that way you can prove you are really who you say you are. It is also wise to be aware of who is contacting you. Just because the “government” is contacting you does not mean that they are who they say they are. I have learned from my parents to never open a link from an unknown source sending an email. Many emails can be designed to look legitimate when really, they are dangerous. Everyone should stay safe from this easy trick. The Equifax hack is something that everyone should be taking very serious. I would definitely follow all of these steps so that way my family and I can stay protected from any further harm.

  24. Steven Merrill October 6, 2017 at 11:48 am #

    This article discusses the Equifax Hack from the fall of this year (2017). It explains that about 30 years ago, the United States Government decided to place citizen’s very personal information in three main company’s storage sites. These are Equifax, TransUnion, and Experian. Although I do not believe that they thought these websites would ever be hacked by someone. It also explains that Equifax could somewhat considered to be at fault with this considering they did not fix a security patch to their operating program. During this time hackers were able to access around 200 million records. This information included: names, birth dates, Social Security Numbers and more. Equifax also waited a long period of time to tell the world it had happened, nearly 40 days. Lastly, the article discusses how everyone should handle the situation. These include freezing your credit, receiving a credit report, and to be careful who contacts you.

    This is a record breaking hack. For this amount of citizen’s personal information to be stolen is incredible. Everyone now has to be careful about using these sites to protect themselves. Although I do see that other companies will step up and say that they will be able to protect your credit better then Equifax, therefore it is a good marketing tool for them. One can see the possibility of LifeLock and other companies similar to this being able to take advantage of it because of their reputation of protecting personal information. Additionally, this sets a precedent for others to follow in the aspect that if an update needs to be added, it should be because thanks to not adding a security patch to their system, this is what happened to Equifax.

    Personally, I believe that this is incredible for something like this to even happen. How could a company wait two months to add a security add-on to their system to protect people’s personal information? Honestly what were they thinking? On top of that, they then waited another month and then some to tell the world that they were hacked! Some many citizens information is now in the wrong hands and that just is not good for our society. Overall, I hope to see criminal charges and civil lawsuits brought down on Equifax because they deserve each and every one of them.

  25. Jeffrey Khoudary October 6, 2017 at 12:55 pm #

    Ever since I can remember companies have been losing our data and it doesn’t seem like it is getting any better. On my fourteenth birthday, PlayStation was hacked and lost some of my data. People became very upset when they found out that PlayStation withheld this information from consumers for over a week. But hiding these breaches continued to happen. In 2013 yahoo acknowledged that hacked stole over one billion accounts It took yahoo over three years to come out and say every single account, totaling three billion yahoo accounts were hacked.

    I think the worst of these hacks was the Equifax breach. “Equifax discovered the breach on July 29, and finally applied the patch. They then waited another 38 days to tell anyone about the breach.” The break was one of the worst because 50% of American lost their data their most secure data like their socials security number and driver’s license numbers.

    I’ve never been one to like when our government puts restrictions on companies, but something needs to be done. PlayStation was only fined £250,000 for their breach in 2013. It was cheaper to get hacked and lose the people data then improve their security. In the Equifax break, executives had the time to sell $2 million in stock between the time they realized they were hacked and when they announced it to the public. Security needs to improve and when a data breach happens companies should be required to tell the public that they lost the data. Data security is an arms race between hackers and our companies. Our companies need to be needed to improve their defenses because all these hacks shouldn’t be happening.

Leave a Reply