5 Facts and Myths About The Equifax Data Breach
Following this month’s Equifax data breach affecting 143 million people, rumors began swirling around about the details of the hack. It’s not only important to take action and freeze your credit at the credit reporting bureaus, but also to understand what’s true (fact) and what’s false (myth) concerning this unfortunate event.
1. If You Sign Up for Equifax’s Credit Monitoring Service, You Waive Your Right to Join Class-Action Lawsuits or Sue On Your Own
Myth: When the hack was first announced, Equifax included some confusing fine print in the details of their credit monitoring system, TrustedID. The statement implied that consumers who opted into the free credit monitoring offered by Equifax were giving up any right to sue the company on their own or as part of a class action lawsuit.
At the time we first reported details of the breach, we too were under the impression that opting into TrustedID gave you limited legal action. Since then, Equifax clarified the language, and those enrolled in TrustedID still have legal rights. However, as we have previously explained, credit monitoring does not protect you from identity theft. Freezing your credit is the best option.
2. Outdated Software Used By Equifax Caused The Breach
Fact: Experts are now reporting hackers were able to infiltrate Equifax’s system through a flaw in Apache Struts software. In March of 2017, Apache discovered a vulnerability in the program and released a patch the same day.
Hackers first gained access to Equifax’s network in May, meaning that the company left the software unpatched for at least two months. At this point, Equifax has not made a statement on why the software was left outdated.
Take this lesson from Equifax and always be sure to update the software on your computer (and phone). Outdated software leaves you vulnerable to hacks and puts your security at risk. It’s best to update your software as soon as you are notified—better yet, set up auto-updates, so you don’t have to worry about it.
3. Signing Up For Equifax’s Credit Monitoring Will Keep My Identity Safe
Myth: Credit monitoring is not a comprehensive identity theft prevention method. These programs (like LifeLock) alert you after credit has been taken out in your name. Once a cybercrook takes out credit in your name, there's always a mess to clean up.
To prevent this from happening in the first place, you should sign up for a credit/security freeze. This action locks down your credit file with PINs that only you know. No new credit can be issued unless the freeze is lifted by you at the credit bureaus.
You can learn more about the details of setting up a security freeze with Equifax, Experian, TransUnion, and Innovis here.
4. Over 200,000 Credit Cards Were Stolen In The Breach
Fact: In addition to the 143 million personal records, hackers were also able to download the credit card data of 200,000 people. The data included credit card numbers, names, and expiration dates of consumers who had provided their credit card info to Equifax between November 2016 and July 2017.
Be sure to monitor your credit card statements for any strange charges. For the ultimate protection, sign up for automatic text or email alerts on your credit and bank cards. Doing so will set off a text or email message anytime a charge is made on your account.
5. The Information Stolen By Hackers Includes Only Names and Credit Card Numbers
Myth: Equifax keeps extensive information about all us whether we like it or not. Everything including social security numbers, birth dates, driver license numbers, addresses, and much more.
Be sure to keep an eye out for potential scams following this hack. Phishing emails may be on the rise as hackers take advantage of people’s fears surrounding this news.
The details on the Equifax hack are still developing, and we will likely learn more details in the coming months. Again, for now, be sure to protect yourself and your loved ones from this breach and future breaches with a security freeze.
Please call us at (330) 836-7000 if you have any questions about this data breach or anything else and if you need help freezing your credit. We're always here to help you prepare for the unexpected.
You can also schedule an appointment with us here.
This information is provided for educational purposes only and is not intended to provide specific advice or recommendations for any individual. It should not be construed as research or investment advice and is not a recommendation, offer or solicitation to buy or sell any securities or to adopt any investment strategy.