The Equifax Breach and Cybersecurity

Posted on


The credit-reporting bureau Equifax recently saw its CEO retire after a data breach. The breach, which put almost 150 million Americans at risk, led to the exposure of private personal information on an unprecedented scale.

RKN Global’s founder, Ronald K. Noble, cannot stress strongly enough the risk posed by the Equifax breach and the importance—now, more than ever—of taking steps to try to prevent identity theft.

The breach endangered the personal details of almost 50% of the American population, including social security numbers, and in some cases credit card numbers and drivers’ licenses.

On October 3rd, 2017, Richard Smith, the former CEO and chairman of Equifax, was grilled by House Democrats and Republicans irate over the breach.  In March, before the breach, the Department of Homeland Security asked Equifax to patch up a vulnerability in its software.  The patch was not implemented, and further vulnerabilities were not picked up when Equifax’s security department ran a scan seven days later.

The former CEO offered an apology and asserted that the company is taking steps to enhance its cybersecurity practices.  However, Equifax’s handling of the situation—including a wrong link placed on its damage control website to help customers that brought customers to a phishing site—have cast doubt on those assertions.  Fortunately, the phishing site was run by a “good” hacker, who set up the site to show the weakness of Equifax’s security, clearly identified the site as a fake, and did not take customer information.

Customers should take steps proactively to freeze their credit at the three major credit agencies, and to be vigilant about monitoring activity in all of their accounts.  Relying on the good graces of Equifax—or any other company—appears to have been proven inadequate, to say the least, in light of recent events.



Continue reading