Go to Admin » Appearance » Widgets » and move Gabfire Widget: Social into that MastheadOverlay zone
Responding to criticism that its online and phone support systems were either broken or insufficient, Equifax issued a statement saying its customer support website was back up and functioning properly and that it had tripled the size of its call centre team to more than 2,000 agents, with more to be added.
Equifax revealed Thursday that the breach discovered on July 29 could expose the personal information of about 143 million people in the United States. The company also said that the information of an undisclosed number of people in Canada and the United Kingdom was compromised.
Jaime Horwitz of Toronto and his wife got accounts with Equifax Canada earlier this year after her purse was stolen from a shopping cart. Police and Visa suggested at that time that they get the accounts to receive identify theft alerts.
“I couldn’t get to the website, I couldn’t get through on the phone, I tweeted them twice … to see if they had any response, and nothing,” he told CBC News.
He eventually determined that his information hadn’t been compromised, but found that his wife’s may have been.
On social media, many Canadian users expressed frustration with Equifax Canada, calling on the company to let them know how they can check if their personal information has been part of the security breach.
@equifaxcanada…Do you have contingency plans to protect the security of my personal information? How do I find out if it was compromised?
Equifax said that from mid-May through July 2017 thieves obtained consumers’ names, birth dates, addresses, social security numbers and, in some cases, driver’s licence numbers in the cyberattack on the credit monitoring company, which is based in Atlanta.
“So this means [the perpetrators] have a detailed financial history, obviously all of your current information, and a lot of your current debts, as well as, sort of, paying history,” Mark Nunnikhoven, vice-president of cloud research at Trend Micro, told CBC News.
He said the information obtained in the Equifax breach differs from cases involving the theft of credit card numbers because once the card is flagged, its number will be changed and the card will no longer be useful.
“But with the type of information that’s exposed in a breach like this, [the thieves] can start going out and getting new credit, getting new financial products under your identity, and those have a much longer lifetime,” Nunnikhoven said.
“On a scale of one to 10, this is a 10 in terms of potential identity theft,” said Gartner security analyst Avivah Litan. “Credit bureaus keep so much data about us that affects almost everything we do.”
The breach at Equifax is far from the largest in history. That dubious distinction belongs to Yahoo, which saw more than one billion user accounts compromised in two thefts. However, it could be the largest theft of U.S. social security numbers, topping a 2015 hack of health insurer Anthem Inc. that involved the data of about 80 million people.
“Hopefully the impact to people will be minimal, but with the amount of people affected, unfortunately we are going to see some very unfortunate stories coming out of this,” he said.
“When it comes to the type of information that Equifax had, as far as that deep history, all of that identity information, unfortunately the damage can be a lot harder to walk back.”
The state attorneys general of New York and Illinois said they have launched formal investigations into the breach, and the U.S. House of Representatives’ financial services committee will hold a hearing on the matter, although a date has not been set.
“This is obviously a very serious and very troubling situation, and our committee has already begun preparations for a
hearing. Large-scale security breaches are becoming all too common,” said Republican Rep. Jeb Hensarling, chair of the committee.
At least two proposed federal class-action lawsuits have already been filed in the United States against Equifax, Reuters reported Friday.
One suit, which was filed in Atlanta, accused the firm of negligence and wilfully violating the Fair Credit Reporting Act for failing to protect customer information.
In a statement, the company said the executives “had no knowledge that an intrusion had occurred at the time they sold their shares.”