The catastrophic breach of Equifax’s systems was inevitable because of systemic organizational disregard for cybersecurity and cyber-hygiene best practices, as well as Equifax’s reliance on unqualified executives for information security. While Equifax has proven itself to be a compromised, irresponsible data custodian, Experian, TransUnion, and other data brokers may be just as vulnerable.

In ICITech.org’s  most recent publication, entitled “Equifax: America’s In-Credible Insecurity – Part One: Yet Another Dragnet Surveillance Capitalist Cautionary Tale,” ICIT offers a detailed analysis of the Equifax breach, including:

  • Analysis of the Equifax breach and its incident response
  • Insights on the Equifax executives tasked with protecting its systems
  • A list of actions consumers can take in the wake of the breach
  • Technical and non-technical controls data brokers must implement to improve their cybersecurity posture and internal cyber hygiene

You can download the report here: http://icitech.org/icit-analysis-equifax-americas-in-credible-insecurity-part-one/

This is the most comprehensive and well written analysis of this breach.

The three nationwide credit reporting companies have set up a central website, a toll-free telephone number, and a mailing address through which you can order your free annual report.

To order, visit annualcreditreport.com, call 1-877-322-8228. Or complete the Annual Credit Report Request Form and mail it to: Annual Credit Report Request Service, P.O. Box 105281, Atlanta, GA 30348-5281. Do not contact the three nationwide credit reporting companies individually. They are providing free annual credit reports only through annualcreditreport.com, 1-877-322-8228 or mailing to Annual Credit Report Request Service.

In addition, as nearly half of American’s have been victimized by this breach, I strongly recommend you do the following:

  1. Go to http://www.ssa.gov and make an account for yourself if you are a US Citizen or Permanent Resident and have been building up a social security benefits account.  Do this soon, so hackers don’t try to steal your hard earned Social Security Benefits by creating a fraudulent account using your social security number, date of birth and other credentials.
  2. Put a lock on your credit files by calling all three credit bureaus, Experian, Equifax and TransUnion and letting them know you’ve been a victim of an identity theft breach:Equifax:1-800-685-1111; equifax.com
    Experian: 1-888-397-3742; experian.com
    TransUnion: 1-800-916-8800; transunion.com
  3. Visit http://www.consumer.gov and http://www.identitytheft.gov and learn more about how to protect your identity, both sponsored by http://www.ftc.gov 

We must become more vigilant than those who put us in their insecure databases as these kinds of breaches are way too prevalent and could have been prevented if these organizations used better countermeasures and forethought.

Gary S. Miliefsky
Executive Producer
Cyber Defense Magazine