Equifax DAta Breach
Checking Credit Score
Data security has been a concern since the advent of computers and has become more serious since the growth of the internet and the web. While there have been many data breaches, the breach of Equinox which has an immense database on Americans crystalized to many how dangerous insecure networks could be.
As many as 145.5 million American consumers were affected by the colossal Equifax breach, and a significant range of British and Canadian residents were also affected, when these individuals found themselves victim to Equifax’s cybercrime identity theft. This cybercrime was recorded as one of the biggest data breaches in history.
2016: Early Warnings of Security Risk
During December of this year, a security researcher tasked with delving into Equifax’s servers found that an online portal intended to be exclusive only to Equifax employees was actually open and available to the general internet. This employee portal was not to be the main data portal discussed in the primary Equifax breach, but it was the beginning of significant security issues.
Mid May to July 2017: The Attack is Carried Out
Criminal hackers infiltrated the data servers of Equifax. This resulted in unauthorized access to the personal information of almost 44% of the American population.
This security breach proves the vulnerability companies face in regards to cyber threats. Cybersecurity technology has had to evolve in order to better address these threats to security. An example of this can be seen with the Defense Federal Acquisition Regulation Supplement, which is a set of cybersecurity regulations required to be imposed, meaning contractors and suppliers must now always be DFARS compliant.
7th September 2017: The Breach is Publicly Announced
It wasn’t until months later that the public was informed about the security breach. This announcement confirmed that the identity information exposed included names, Social Security numbers, dates of birth, residential address and even driver’s license numbers.
8th September 2017: Shares Drop
Equifax shares drop just a day after the breach announcement, with a plunge of 13.7%.
11th September 2017: A Timeline is Requested
The chair of the Senate Committee on Finance asks Equifax to provide a detailed timeline of the breach, as well as details regarding Equifax’s efforts to deal with the intrusion and limit the damage to its consumers.
12th September 2017: Equifax Employees Leave
The company officially announces that two of its senior computer security executives are retiring. Equifax also later loses its chief information officer and chief security offer when they confirm that they are retiring, effective immediately.
Equifax also issues a public apology in USA TODAY.
2nd October 2017: A Forensic Report is Issued
This report, provided by forensic computer security company Mediant, revealed that an additional 2.5 million people had been affected by the breach. Equifax released the information gained from the report.
3rd October 2017: Former CEO Testifies
Former Equifax CEO Richard Smith testifies before the subcommittee of the House Digital Commerce and Consumer Protection. In his testimony, he admits that “mistakes were made.”
22nd July 2019: A Settlement is Agreed
Equifax agree a settlement with the Federal Trade Commission to address the damages suffered by affected individuals and offer reparation, as well as agreeing to make organizational changes in order to avoid further security breaches in the future. The settlement figure included $300 million for victim compensation, $175 million to the relevant states and territories, and $100 million in fines to the CFPB.