What You Need To Know About The Equifax Breach
On Sept. 7, 2017, the personal information of 143 million people was stolen. Equifax experienced a massive data breach that included nearly half the population of the U.S. This included Social Security numbers, driver’s license numbers, information from credit disputes and other confidential data. But what happened to this data? We still don’t really know.
Here’s What Experts Now Believe
It’s been nearly a year and a half, and the stolen data still hasn’t been found. The theory now is that the data was stolen by a nation state for spying purposes and that it wasn’t stolen by hackers looking to sell it. CNBC reports that, according to experts who are familiar with the breach, the thieves were working for a foreign government and are using the information to identify and recruit spies.
The consensus is that the breach probably started with a low-level criminal who exploited a vulnerability in Equifax’s defenses. But because this person wasn’t experienced, he sought help via the criminal underground and shared or sold information about the Equifax vulnerability. Experts believe that the buyer was probably a proxy for the Russian or Chinese government.
The Foreign Government Theory
According to CNBC, a senior intelligence official with direct knowledge of the Equifax investigation said that:
“the foreign government is probably combining this information with other stolen data, then analyzing it using artificial intelligence or machine learning to figure out who’s likely to be — or to become — a spy for the U.S. government…credit reporting data provides compromising information that can be used to turn valuable people into agents of a foreign government, influencers or, for lower-level employees, data thieves or informants. In particular, credit information can be used to identify people in key positions who have significant financial problems and could be compromised by bribes or high-paying jobs… Financial distress is one of the most common reasons people commit espionage.”
What Does This Mean For You?
If this is the case, then it seems that only those in sensitive government positions or with lots of access to top-secret information will be targets. These would be people with influence and power such as future senators, CIA officers, people who oversee U.S. corporate data centers, or senior financial executives of technology companies.
As it turns out, all the recommendations urging you to check whether your data had been compromised and to take numerous steps to freeze your credit turns out to have been unnecessary for this breach. However, Dark Web Monitoring Services are still considered the best way to determine if your data has been stolen or your identity misused.
You Should Consider Using Dark Web Monitoring Services
The experts will still be watching for information that will lead them to the culprits. In the meantime, consider signing up for Dark Web Monitoring Services.
Here are 6 things you should know about Dark Web Scanning.
1. What Is The Dark Web?
The Dark Web comprises 93% of the Internet. It’s a secret internet society that’s growing so quickly that the authorities can’t keep up with it. You can’t access it with search engines like Google, Yahoo or Bing. The Dark Web is only accessible to a select group of criminals. These criminals use special software to hide their identities – software that isn’t available to us, or the authorities. This is one reason why the Dark Web is so dangerous.
Many think that lone criminals trade information on the Dark Web. It’s much bigger than this. It’s a place where organized crime operates. They have experts in every area and interact and rely on each other to steal data, sell it and use it. These are illegal and worldwide corporate enterprises that are making hundreds of billions of dollars a year.
2. What Do Criminals Do With Data On The Dark Web?
- Share their successes, exploits, strategies, techniques and tactics.
- Take stolen data and sell it.
- Transfer corporate data and proprietary information.
- Work in teams to execute cyberattacks on businesses and government entities.
3. What Is Dark Web Scanning?
Dark Web Scanning:
- Searches the Dark Web 24/7 to determine if your confidential data is there.
- Finds cyber threats that expose stolen business accounts, email addresses, patient information, and other confidential data.
- Uses both human and artificial intelligence to scan criminal operations in chat rooms, blogs, forums, private networks and other sites.
- Collects the vital intelligence needed to determine if your data exists on the Dark Web.
- Locates any of your compromised credentials or information before criminals can use it for profit or other crimes.
- Detects data dumps within the black markets on the Dark Web that have anything to do with your organization.
- Does all of this in real time.
4. What Will Dark Web Scanning Find?
- Credit card data
- Confidential data from unsecured file transfers
- Leaked data from employees (intentional or not)
- Compromised accounts
- Your customers’ or patients’ data that’s being sold
- Stolen financial data
- Stolen PayPal and other account credentials
- Trademark and copyright infringements
- And more.
5. What Do Dark Web Scanning Services Include?
You’ll receive initial and ongoing scanning, with continuous monitoring and alerts if anything relating to your business is found.
6. What Should You Do If Your Data Is Found In A Dark Web Scan?
You will be advised to invalidate it immediately. This means changing your account numbers, email addresses, passwords and anything related to the stolen data.
Data breaches require both a strong and immediate response from your organization. If required, you will have to notify the authorities and any of your customers or patients whose data was stolen. So, the sooner you implement Dark Web Scanning, the better.
For more information about the Equifax breach and how Dark Web Scanning can help your business, contact your network essential team in Charlotte, North Carolina.