Stay tuned with CashEssentials news ! - beyond payments
By subscribing, you accept our Privacy Policy.

Millions of sensitive data stolen in a cyberattack

Categories : Cash is trust, Cash protects privacy and anonymity
September 22, 2017
Tags : Consumers, Cybercriminality, Hacking, US
Major credit reporting agency, Equifax, has been hit by an enormous data breach exposing sensitive data of thousands of customers.
Communication Team / Equipo de Comunicación

The credit reporting agency Equifax has been the target of an unprecedented cyberattack discovered last July. During the attack – which is believed to have started in May – millions of highly sensitive personal data were stolen by hackers, including names, financial data, social security numbers, addresses, birth dates and driver’s license numbers. The breach was made public only a few weeks ago.

The ongoing investigation suggests that the hackers could access personal data and files by exploiting a weakness in the Equifax website software, which was poorly protected. Equifax is one of the three major credit reporting agencies in the US, alongside Experian and TransUnion. It handles data of more than 820 million consumers and 91 businesses worldwide and manages databases of about 7,100 employers. During the attack, about 209,000 credit card details were stolen and personal information of 143 million consumers was potentially affected. According to cybersecurity experts, this attack might not be the largest led against consumers but it is by far the most worrisome as compromised data were extremely sensitive.

Last year, Equifax already suffered a cyberattack during which salary and W-2 tax form data were stolen due to a breach in its website, followed by a second one earlier this year affecting TALX – a subsidiary that provides payroll and human resources to some of the largest companies in the US. Security experts and consumers are extremely concerned about Equifax vulnerability and sharply criticized the agency for its lack of responsiveness after the previous breaches. A class-action lawsuit accuses Equifax of negligence and having deliberately failed to acquire latest security solutions to save money.

To respond to the crisis, Equifax created a website to help customers determine if their data were affected. Yet, instead of offering the sought information, customers are encouraged to subscribe for a one-year free identity protection service offered by the company. Equifax also opened a hotline – that is unfortunately always saturated as there are too many queries in relation to the number of operators.

Having such sensitive data stolen, especially when it includes one’s social security number, can lead to a series of problems for the victim including accrued debt in their name, denial of a mortgage or loan request, inability to open a bank account, and a scarred credit history. This of course is a serious issue especially when the data breach occurs to a credit reporting agency that requires customers to reveal and important amount of sensitive information to, in fact, check their credit history.