New information has surfaced about the Equifax breach that shows at least 10.9 million American’s have had their driver’s license numbers compromised. The information came from Equifax to its customers, most of which are financial institutions.
The breach potentially affects 145.5 million Americans, and compromised data includes personally identifiable information such as social security numbers and dates of birth. At the time of the breach, in early September, Equifax did not provide exact number of driver’s licenses that were accessed by the hackers.
In a separate incident, Equifax said Tuesday that the hack also resulted in the accessing of a file containing 15.2 million UK consumer records.
As more information emerges around the hack and the vast impact of the data breach, consumers have been advised by several authorities, including Equifax’s rival TransUnion, that one of the ways to protect their data is to do a credit freeze on their accounts.
In a report earlier this week we mentioned the reason for the hack – one of the key web applications used by Equifax was not kept up to date, thereby exposing a vulnerability that the hackers used to get into the system. The information came from TransUnion, which said that its own software was up to date and that was a possible reason why its own database was not hacked into.
The level of reported incidents of ransomeware and hacking is on the rise. A recent joint report from the National Crime Agency and National Cyber Security Centre in the UK shows that the risk of ransomware attacks to businesses is “significant and growing.” We already know how the WannaCry and Petya/NotPetya ransomware attacks affected thousands of businesses and consumers in past months, and Yahoo recently revealed that almost all of its accounts were hacked back in 2013 – a whopping 3 billion accounts.
This latest incident with Equifax merely highlights why it is critical that companies follow best practices to protect their data, especially those that hold sensitive customer information. No system is impossible to hack, but there are several ways to mitigate risk and reduce the surface area open to attack by hackers. Unfortunately, a lot of companies fail to do everything they can to prevent such a situation, and the loser in the end is inevitably the one whose data has been compromised. Consumers like you and I.