Based in Atlanta, Equifax Inc. provides consumer credit reports on more than 800 million individuals and 88 million businesses in the world, it claims. In 2016, the company reported $3.144 billion in revenue.
But last September, Equifax announced criminals had hacked its systems and stolen or compromised the personal data of 145.5 million consumers, which likely means their personal information was put up for sale on the darknet, part of the dark web, experts say.
A small portion of the world wide web, the so-called darknet consists of websites where anonymous vendors often sell products including drugs, humans and personal data to anonymous buyers, using encrypted data.
For many people who hadn’t thought about the deep web or darknet before, suddenly it became relevant to their lives.
“You may have heard the saying,” says Patrick Traynor an associate professor and co-director of the Florida Institute for Cybersecurity at the University of Florida. “There are two kinds of people: Those who have been hacked, and those who don’t know they’ve been hacked.”
The criminals stole the names, Social Security numbers, birthdates, and addresses of everyone; they also captured the driver’s license and credit card numbers of some, the company said.
Months have dragged by, hundreds of lawsuits against Equifax alleging poor security have been filed, according to news reports, and it’s not over.
Early this month, the company admitted that tax identification numbers, email addresses and phone numbers, as well as the expiration dates for credit cards were part of the hack, facts it shared with Senate leaders rather than the public, at first. The office of U.S. Sen. Elizabeth Warren released the latest information to the press, according to news reports.
Equifax, one of the three major credit bureaus with Experian and TransUnion, was not immediately forthright with consumers after the breach, waiting more than five weeks to tell them. Executives knew of it on July 29 last year but told no one until Sept. 7.
Later, the company fired the CFO, John Gamble, and spent huge sums to investigate and try to rectify the hack. It also offered consumers a service that allows them to lock and unlock their credit reports — a service many have found either difficult to use, or unusable, they’ve said.
Equifax offered all U.S. consumers no-charge identity theft protection and credit report monitoring for a year, but that deal expired Jan. 31.
Options for consumers concerned about misuse of their personal data now include getting a free copy of a credit report, and freezing or locking reports.
According to Equifax, a free copy of your credit report from the three major credit bureaus is available at www.annualcreditreport.com.
To freeze your credit report, contact the three major credit bureaus online.
Go to www.equifaxsecurity2017.com for more information. The website leads to a trademarked site called “Lock and Alert” which says, “You’re in charge,” and “It’s about you.”
It offers this explanation, as well: “Why lock? Locking your Equifax credit report is an effective way to help provide additional protection against unauthorized access, and help stop identity thieves from opening new accounts in your name.” ¦