Cyber Safety for Employees – Equifax Security Breach

How to protect yourself if your data has been compromised

The Equifax breach has many wondering how this could happen. Hackers exploited a known vulnerability in open source software used by the company.  The industry group claims the patch was made available on March 7, 2017 the same day the vulnerability was found.  Questions on why Equifax didn’t move quickly to apply the patch will certainly plague the company as the 143 million victims search for answers. Details on a second hack have people shaking their heads in disbelief that this could happen to the behemoth credit reporting agency.
Use the links below to find out if your data was compromised and some of the things you can do to protect yourself.

Was my data exposed?

Here is the link for the FTC Consumer Information page on how to find out if you are affected and what to do.

Monitor or Freeze your credit

Here is a link to one of the most trusted consumer sites – Clark.  Clark has instructions for freezing your credit and updates on the Equifax breach.

Use strong passwords

Some sites and applications have a minimum requirement for password strength and an expiration period that is required.  Always use a strong password and change it periodically for maximum protection. If you think your account has be compromised, change the password immediately. For some password guidance, go to: A strong password is your first defense.

Turn on two-factor authentication when possible

Many applications have the option to use two-factor authentication. This means using two different ways to confirm your identity. One factor is our login and password and the second can be a code texted to our SmartPhone.  This code then has to be entered to continue.  This is a good method because most of us keep our SmartPhone close at hand.  If you haven’t used two-factor authentication, you may want to practice with someone or try with your least critical application before applying to your bank accounts.  Facebook, LinkedIn, and Twitter all have options for two-factor authentication.

Become an expert on how to detect a phishing attack

Whether an email, IM, phone call or website, something that tricks you into doing something that gives up your personal information or grants access to your computer is a phishing attack. As you can imagine, the name comes from fishing. You bait a hook and see what you get. It is not surprising that so many people are taken in by phishing scams. The scams are quite plentiful and the bait looks like the real thing. Phishing is the number one way of delivering ransomware. Learn how to spot them and avoid being a victim. Remember, just like learning anything, it takes practice to spot phishing and other online scams. Keep your eyes open and be vigilant.
For more information, see our article: Cyber Security for Employees – Phishing

Be vigilant

Here is the FTC Identity Theft page.  It has information on what to look for, what to do and how to report.
If you see something suspicious, report it. Merchants, banks and law enforcement should be contacted if you suspect your identity has been stolen. Phishing can be reported to US-CERT at phishing-report@us-cert.gov, the Anti-Phishing Working Group at reportphishing@antiphishing.org, FTC at spam@uce.gov  or the Internet Service Provider/Registrar. If you see something that concerns you and want to discuss, you can contact at our HelpDesk at 770 662-0312 or HelpDesk@lansystems.com.
About Mary

Mary is the CEO of LAN Systems. She is an electrical engineer who feels her greatest strength is the ability to connect with people. LAN Systems provides IT managed services and solutions to growing companies and non-profit organizations. You can contact Mary at mary@lansystems.com.

Speak Your Mind

*