As though the initial news of Equifax’s 2017 data exposure wasn’t bad enough, it has been discovered that there are even more victims than previously thought. While news like this is never good, it can bring a silver lining if the opportunities that such news presents are seized.
Many will likely remember when it was discovered last year that Equifax, one of the three major credit reporting bureaus, had been breached. As a result of this breach, approximately 143 million people were potentially affected, with various forms of personally identifiable information made available for cybercriminals to use. Doing the math, this meant that 44 percent of the United States’ total population could have their information out and available to those who would misuse it.
Then, in October 2017, it was announced that an investigation revealed that 2.5 million more people were exposed than first thought. This brought the total number of potential victims up to 145.5 million.
Unfortunately, it would seem this is a running total.
Equifax has since discovered 2.4 million more victims, whose names and partial driver’s license numbers were accessed and stolen. Fortunately, this data – while not worthless – is of limited value to a cybercriminal, especially when compared to the data that other victims lost, like Social Security numbers. Regardless, it is still important to view reminders of events like the Equifax breach as what they are: reminders. As such, they serve as an opportunity to reflect on what is to be learned from events like these.
Lessons from the Breach
There are a few takeaways to be had from a data breach event, the first of which being: there’s always going to be another data breach.
The unfortunate reality is, with valuable information stored by so many entities, data is always at risk of being stolen. So much information is shared, in fact, that it is not only possible for one’s data to be breached, it is now probable. As a user in such a world, there are steps you need to take to prepare for this paradigm.
First and foremost, you need to prepare yourself on a personal level. Regardless of how cautious you are about your personal data, you need to accept that, yes, it will probably be stolen one day – and not necessarily from you. As the Equifax breach and countless others have proven, the companies that collect your data aren’t always storing it in the most secure way. So, even if you shred your bank statements and follow all the rules when it comes to your passwords, there’s still a chance that your data could find its way into the wrong hands thanks to someone else’s negligence or bad luck.
This is why you also need to be prepared to both prevent and detect attempts of crimes like identity theft. This can be accomplished through the use of credit freezes, locks, and alerts.
You also need to be sure that you are prepared to share this information with your clients and customers, should you find that your records were breached. Taking ownership of the event and doing everything possible to help those involved through it will help reduce the ill will that is felt toward your company.
Unfortunately, data breaches aren’t going to stop happening. As a company, it is up to your organization to best prepare for them, and should one strike, handle it as best you can. Setton Consulting can help. Call us today at 212-796-6061.