Equifax mega-breach: Don't be the next victim

Thursday September 14 2017

Last week, credit report giant Equifax revealed that 143 million customers may have had their data compromised in one of the largest breaches ever reported in the US.
Malicious cyber-criminals hacked into the system through a web application vulnerabilityproviding identity thieves with everything they need such as social security numbers, birth dates and addresses.

Presenting at Cyber Security Chicago 2017, Ondrej Vlcek commented on the breach:

“It is still not clear what kind of vulnerability was taken advantage of in the Equifax breach, however it is likely it was a leak through a web application flaw. It is unacceptable that credit bureaus which hold so much personal information which they then sell, can allow such a breach to happen and practice poor security hygiene.  We speculate that the attackers used a SQL injection to gain access.  Hackers are consistently searching for these vulnerabilities, and companies, especially those with access to so much sensitive information, need to significantly increase their diligence in maintaining security of their data. This is one of those cases where there is unfortunately really nothing consumers can do except be vigilant. We expect it is only a matter of when, not if, this data appears on the Dark Web market. At this point there are a few actions potential victims can take to help ensure they are protected. First closely monitor all email, social, credit card and bank accounts closely for suspicious activities. Second, consider looking into a credit freeze that will stop hackers from using your identity to accrue debt. Also, don't respond directly to emails and other messages notifying you that you're a victim. They may be scams. Instead, open up a new tab and log in directly to the site in question, or call the support center number listed on their site."

--  Ondrej Vlcek, CTO and General Manager, Consumer, Avast Business

Secure your place at Cyber Security Chicago and learn how to project your organization from cyber criminals...