A lot of folks are very angry about the Equifax data breach. Honestly, you would think by now we would be somewhat numb to our data being stolen – what with the Anthem data breach impacting 79 million people and the Target one affecting 41 million customers a few years back. But this one surpasses them both, at 143 million.
If you only heard about the breach but can’t remember the details, here’s a fun timeline (one that will really annoy you if you’re in IT like I am):
- March – Flaw in Apache Struts identified by a cybersecurity arm of the U.S. Department of Homeland Security, US-CERT
- May 13th – Hackers start exploiting the flaw
- July 29th – Equifax discovers data breach
- July 30th – Equifax “observes suspicious activity” and takes affected application offline (instead of, you know, yesterday when they discovered it)
- August 1st and 2nd – Equifax senior officers sell significant amounts of stock
- August 2nd – Equifax hires a cybersecurity firm to help them figure out what was compromised and when
- September 7th – Equifax decides to let the 143 million impacted people know about the breach
- September 15th – In an incredible coincidence, their Chief Information Officer and Chief Security Officer have decided to retire. Imagine that!
I’ve Been A Victim
I am an identity theft victim. After the Anthem breach, shortly before Christmas of 2015, I had the experience of opening a letter informing me how sad Target was for needing to deny my application for a credit card. Trouble was, I hadn’t applied for a credit card. Then the thief tried hacking my AT&T account, switching my phone plan and getting new phones. I believe they were arrested, actually, because AT&T realized it was a fraud (unfortunately not before the thief succeeded in changing the plan).
Luckily I had heard about identity theft, and what to do about it, from one of my favorite podcasts – Clark Howard. I’ve seen his awesome guide making the rounds online and even at work. Our security chief posted an article about the breach and what to do, and one of our employees posted a link to the guide.
I’m sorry to tell you this, but even if for some reason Equifax says that your data wasn’t impacted by their breach, you need to assume your data is out there. You want to tell me that you haven’t been an identity theft victim? That’s just because the thieves have so much data, they haven’t gotten to you yet. Sorry.
What You Can Do
So you need to assume your data is out there. How can you protect yourself? Since this is a subject that’s very personal to me, I’ve written about it in the past. Here are my top identity theft resources:
Five Tips To Prevent Identity Theft – In this article, I go more into my personal story and experience with identity theft, along with an extensive guide on preventing identity theft. With links to the credit bureaus, the FTC’s identity theft guide, and tons (and tons!) of other key sites, this is a one-stop-shop to helping you protect your identity
Seven Steps to Take If Your Identity’s Been Stolen – A follow-up to my prevention guide, this article will walk you through what to do if you’re in identity theft recovery mode (rather than prevention mode). One word of caution, this is a very long and comprehensive article, so it will take time to read. I’ve worked hard to cover everything a victim might need to know.
Swiped, by Adam Levin – This is an awesome and amazing book I picked up after my identity was stolen. It will go through all the things you need to think about and to do in order to protect your phycial and virtual environments. After reading this book I made significant changes to my password management process, got a shredder and security cameras, and made lots of other changes. I highly recommend this book if you’re looking for a comprehensive guide to addressing your own security, and not just a quick fix of placing a fraud alert/security freeze on your credit.
I want To Hear From You!
What are you doing in response to the Equifax data breach? Let me know in the comments.
Be sure to follow my blog for more great posts via e-mail or WordPress, or connect with me on Facebook or Twitter and say hello! You can also check out what I’m buying or baking on Instagram, what I’m pinning on Pinterest, or the latest books I’m reading (or want to read) over on Goodreads.