It's all over the news - Equifax suffered a massive data breach which compromised the personal information of as many as 143 million Americans. Here's the top 5 things you should do immediately:
1) Check the Equifax website to see if your personal information was potentially impacted. Be careful of similar sounding websites that have actually been set up by criminals!
2) Be super vigilant with email. Hackers often use the news of big breaches to conduct "phishing" campaigns. You may receive official emails that look like they're from Equifax - but they're not. Equifax will send paper mail to consumers whose credit card numbers or personal data were believed to have been impacted. When in doubt, always call the company who appears to be sending the message.
3) Place a fraud alert on your account. A fraud alert is a signal placed on your credit report to warn potential creditors they must use "reasonable policies and procedures" to verify your identity before they issue credit in your name. Here are the links to the other two nationwide consumer reporting companies:
4) Change your passwords! We can't say it enough - you should never use similar or (worse) identical passwords on multiple online accounts. Once hackers have access to ID and password info for one system, they routinely try the same combo on other platforms.
5) Enable two-factor authentication on your online accounts wherever possible. This means after you enter your log in and password information, a text message will be sent to your phone with a code as a second verification step. The code must be typed in before the page can be opened.
Bonus Advice! Don't forget to protect your business from liability.
Yes, the lawsuits against Equifax have already started. Here's a direct quote from Bloomberg:
"...Equifax was negligent in failing to protect consumer data, choosing to save money instead of spending on technical safeguards that could have stopped the attack."
We could not have said it better ourselves. Oh wait - we did!
Just a few weeks ago we published a blog post which recounted how a client was advised to shell out for some basic data encryption software to protect their growing number of computers. The advice was turned down and unfortunately it turned out to be a very costly mistake. If your business manages any type of customer data, there are often very stringent rules around protecting it.
Want to learn more? Take a quick read through our "Ultimate Guide to Cybersecurity" to ensure you're up to speed on some of the most critical steps to protecting your business data.
As always, you know who to contact for advice!