2025 Foundational Application of Social Engineering

The Equifax Breach And What You Need To Know

Share This Post

It seems like a day doesn’t go by without another “breach” story in the news. So much that you might find yourself ignoring them as just another news story.  

But we urge you to NOT ignore this one. Please. 

The Equifax Breach And What You Need To Know

Equifax was breached in May 2017. It looks like hackers used the vulnerability in the Apache STRUTS flaw.  65% of the Fortune 100 companies use STRUTS, so this vulnerability was not unique to Equifax.  

Equifax did not discover the breach until July 2017.  Doing the math, the attackers had at least 3 months in their systems. 

What did they get?

Hopefully, you are sitting down.  If not, you might want to. 

143 Million people are involved in this breach. The attackers were able to obtain: 

  • Social Security Numbers 
  • Dates of Birth 
  • Credit Card Numbers 
  • Driver’s License Numbers 
  • Telephone Numbers 

There are 245,576,909 American’s over the age of 18 (as of the 2016 census). That means 58% of all adult Americans can be breached thanks to one unpatched flaw in Equifax’s system.  

Basically, this is a recipe for identity theft.  And that is why we are writing this blog.    

Watch out for Identity Scams

We will give you some information below on how to freeze your credit but, in the meantime, this is not the only problem. This information is being traded and sold all over the world. This means you, yes you, are now a target for vishing scams, phishing scams, and combo attacks. 

What can you do?

Be careful.  And here are some tips: 

  • DO NOT click any links from emails.  If you get an email, do not copy and paste the link, instead, open your browser and go to the website using a known URL.
  • If someone calls you saying they need ANY PII (personal identifying information) over the phone, DO NOT give them anything. Go to the web, get the legitimate number of that organization, bank, or credit card company, and call them directly.
  • Do not view this as a credit card breach. When your cards are stolen, the company has insurance to make you whole.  This is not the same; if someone steals your identity and opens credit accounts, loans, or other accounts using your info, it can take YEARS to clean that up.
  • Monitor your credit.  NOW BE CAREFUL!!! Equifax is offering FREE monitoring BUT (HUGGGEEEE OLD BUT HERE), if you accept it you sign away your rights to be part of the class-action suit.  That is dirty pool, Equifax, and I hope none of you signed up for that scam.
  • FREEZE Your credit.  Let’s be honest – this is a giant pain in the butt. And it will make things difficult when you want to buy a car etc. BUT you have to think about doing this or someone can be opening accounts in your name as we speak.  The easiest way is to contact each of the major bureaus:
    Equifax: www.freeze.equifax.com
    Experian: experian.com/freeze/center.html
    TransUnion: freeze.transunion.com

After you do this, you will receive a PIN that is needed to use your credit for anything, DO NOT LOSE THIS. Personally, I would consider doing this even for your kids. 

If you are a victim due to this breach and your identity gets used, take action immediately. Cancel your credit cards, change passwords, monitor your credit. Do not wait for them to contact you – you need to take the initiative and move fast.

Stay vigilant. Stay Alert. Stay Safe. 

More To Explore

Soft Skills for Cybersecurity Professionals
General

Soft Skills for Cybersecurity Professionals

As cyber threats continue to increase, so does the need for cyber security professionals. Some of the skills needed to succeed in the field of cyber security are programming skills,

Social Engineering

Keeping it Simple in Cybersecurity 

Today, the cybersecurity industry focuses a lot more on complicated solutions and tools. Companies are always looking to improve their security measures with the latest technologies. However, attackers often choose