Wednesday, September 13, 2017

Equifax Breach - What You Need to Know

Equifax—one of the three major consumer credit reporting agencies in the United States—has reported a major security breach that may have exposed the personal information of up to 143 million people. Compromised information may include names, social security numbers, birth dates, addresses, and some driver’s license numbers, as well as about 209,000 credit card numbers and about 182,000 dispute documents that may include personally identifiable information.

Like all major incidents, be prepared for the details to change over the coming days as new information is learned and shared. The office of IT Security would like to share the following information and tips on how you can protect yourselves:

1.       Equifax Website: Equifax has created a website (www.equifaxsecurity2017.com) where you can learn more about the incident. From this website, you can check to see if they believe your data was compromised (click the Potential Impact button at the bottom of their webpage). You can perform this check for all members of your family, including your children. While they may not be old enough to have a credit card or bank account, they have a clean credit history that is also a target for identity theft. Continue to recheck their site over the coming weeks to make sure the information has not changed. Their investigation is ongoing and may discover later that additional information was compromised. 

2.       Credit Monitoring: You can sign up for Equifax’s Trusted ID credit monitoring service, free of charge. You will have the opportunity to sign up for this when you check to see if your information was compromised. Read through all information carefully if you enroll. Make sure you are comfortable with signing up for their free service. Credit Monitoring does NOT protect you against credit card fraud. This is a common misconception. Credit monitoring service will notify you when/if they identify someone attempting to commit Identity Fraud in your name, such as registering for a new credit card or bank loan. Some services also help you recover from Identity Theft. For more information on credit monitoring, including potential limitations, click here

3.       Security Freeze: Though few people are aware of it, a security freeze is one of the most effective actions that an individual can take to prevent identity theft, but it does have a number of drawbacks. A security freeze will lock your credit scores so no one can access them. This means that while your credit score is frozen, no bank or financial organization (such as credit card companies) can check what your credit score is, which also means no one will give you (or a criminal pretending to be you) a loan, credit card, etc. A challenge to this approach is that an individual must manually setup a security freeze with each of the credit bureaus. In addition, if you want to get a new loan or credit card, you then have to manually unlock your credit service. For more information on security freezes, click here

4.       Monitor Financial Accounts: Watch your bank and credit card accounts carefully. Many of them have a service where they notify you (via text or email) if a back withdraw or credit card charge is over a certain limit, or can send you daily reports of your activity. We highly recommend you enable at least one of these. 

5.       Social Engineering Attacks: In the coming days/weeks, cyber attackers will take advantage of this incident and launch millions of phishing emails, phone calls, or text messages trying to fool people. Be vigilant and participate in ESU’s security awareness programs to learn more about how to defend against these, and other, cyberattacks.

If you have any further questions or concerns, you can email the ITSecurity@emporia.edu or call the Help Desk at (620) 341-5555.