Kitz ADSL Broadband Information
adsl spacer  
Support this site
Home Broadband ISPs Tech Routers Wiki Forum
 
     
   Compare ISP   Rate your ISP
   Glossary   Glossary
 
Please login or register.

Login with username, password and session length
Advanced search  

News:

Author Topic: Equifax Data Breach  (Read 7734 times)

kitz

  • Administrator
  • Senior Kitizen
  • *
  • Posts: 33879
  • Trinity: Most guys do.
    • http://www.kitz.co.uk
Equifax Data Breach
« on: September 09, 2017, 04:28:01 PM »

Considering there are ~49 million adults in the UK this surely has to be largest leak of personal data affecting British citizens.

Equifax stores the personal details of 44 million UK citizens.  Information stolen includes names, addresses, DoB, & social security numbers.   Other data stolen includes some drivers license details and credit card numbers. Many UK citizens will not realise their personal information has been stolen.  Customers of many UK companies such as BT, British Gas & Capital One are thought to be amongst those who are affected.

Equifax discovered the breach of data which is thought to have occurred during the period mid May - July 2017 on July 29th, but have only this week disclosed details of the cyber attack to the public.  The breach also affects ~143 million US customers.

More info - The Telegraph
Logged
Please do not PM me with queries for broadband help as I may not be able to respond.
-----
How to get your router line stats :: ADSL Exchange Checker

kitz

  • Administrator
  • Senior Kitizen
  • *
  • Posts: 33879
  • Trinity: Most guys do.
    • http://www.kitz.co.uk
Re: Equifax Data Breach
« Reply #1 on: September 09, 2017, 04:28:56 PM »

IMHO it's highly suspicious that that three senior executives at Equifax sold $2million of their company's shares on Aug 1st, just days after the company learned of the attack (Jul 29).

Not surprisingly Equifax shares have fallen since public disclosure last Thursday - Business Insider
Logged
Please do not PM me with queries for broadband help as I may not be able to respond.
-----
How to get your router line stats :: ADSL Exchange Checker

roseway

  • Administrator
  • Senior Kitizen
  • *
  • Posts: 43467
  • Penguins CAN fly
    • DSLstats
Re: Equifax Data Breach
« Reply #2 on: September 09, 2017, 04:44:47 PM »

This is one of those worrying events which none of us can do anything to alleviate. We can change passwords, but this isn't about securing access - the criminals have already got the information that's available. It's a goldmine of information to assist identity theft. :(
Logged
  Eric

kitz

  • Administrator
  • Senior Kitizen
  • *
  • Posts: 33879
  • Trinity: Most guys do.
    • http://www.kitz.co.uk
Re: Equifax Data Breach
« Reply #3 on: September 09, 2017, 05:47:23 PM »

I find it very worrying, the data is extremely sensitive.  As one report said on a scale of one to ten, this is a ten.
Whilst they could and should be fined, its too late because there is no going back and the data is out there.  It will likely turn up on the dark web at some point.

As I said elsewhere I cant help but wonder if there was any more information leaked. Equifax's purpose is to store credit history.  Would criminals be able to access that too.   I'm assuming when they mention the fewer number which also have driving licence, & social security details etc leaked too, that they would be those who were direct customers with Equifax as that info is hardly likely to be of any interest to the likes of BT and British Gas etc. 
Logged
Please do not PM me with queries for broadband help as I may not be able to respond.
-----
How to get your router line stats :: ADSL Exchange Checker

d2d4j

  • Kitizen
  • ****
  • Posts: 1103
Re: Equifax Data Breach
« Reply #4 on: September 09, 2017, 05:59:07 PM »

Hi

I hope you don't mind, but there's one obvious thing which comes to mind (although I have not read the links sorry - this was reported on speedtester a few days ago), and that's passwords

Equifax would have a number of registered users (they ran some television adverts), and I still think a lot of users use same passwords for other areas, internet banking, eBay PayPal etc, which there account details will show they have

I would not be surprised if a lot of users had money taken

Also, thinking about talktalk, when they were hit, they helped users by letting them use the similar company to equifax (sorry the name I cannot remember sorry), so who is equifax to allow to look after users who details were taken

These are just some thoughts I had on the matter sorry

Many thanks

John
Logged

Chrysalis

  • Content Team
  • Addicted Kitizen
  • *
  • Posts: 7382
  • VM Gig1 - AAISP L2TP
Re: Equifax Data Breach
« Reply #5 on: September 09, 2017, 06:44:12 PM »

This is why you dont store this type of information on a internet accessible server, the amount of ID and documents I get asked for when registering on exchanges and payment services is unreal.
Logged

sevenlayermuddle

  • Helpful
  • Addicted Kitizen
  • *
  • Posts: 5369
Re: Equifax Data Breach
« Reply #6 on: September 15, 2017, 11:26:06 PM »

Update, from Beeb

http://www.bbc.co.uk/news/technology-41286638

I actually think the potential for catastrophe is being missed.   At least one nuisance caller a few years ago,  trying to sell pensions iirc, seemed to know an awful lot of accurate personal data about better half.   It was clearly a genuine call, not a scam, so I persisted in demanding to know where they had got the data.   They had got it from Equifax.  Equifax in turn, pointed out that permission for data sharing is granted in the small print T&C of many bank accounts, insurance contracts, etc. 

Above details are from my hazy recollections, details may be wrong, but pretty sure that was the general scenario.     If that same Equifax data is made available to scammers, even though it may not contain actual credit card details, or passwords or whatever, I suspect the scammers will have a field day when next they go phishing.  :o
Logged

Dave974

  • Member
  • **
  • Posts: 11
Re: Equifax Data Breach
« Reply #7 on: September 16, 2017, 12:37:35 AM »

There's an update on the Equifax UK site

https://www.equifax.co.uk/incident.html
Logged
Bridge mode: Zyxel VMG8324-B10A, Router: ASUS RT-AC87U
MyDSLstats user : Dave974

petef

  • Reg Member
  • ***
  • Posts: 135
Re: Equifax Data Breach
« Reply #8 on: September 16, 2017, 10:46:32 AM »

A patch for the vulnerability in Apache Struts was available since March, the exploit started mid-May and was detected in July. Equifax waited until this month to make any announcements.

https://www.theregister.co.uk/2017/09/14/missed_patch_caused_equifax_data_breach/
Logged

parkdale

  • Reg Member
  • ***
  • Posts: 597
Re: Equifax Data Breach
« Reply #9 on: September 16, 2017, 06:54:05 PM »

« Last Edit: September 16, 2017, 06:58:50 PM by parkdale »
Logged
Vodafone FTTC ECI cab 40/10Mb connection / Fritz!box7590

kitz

  • Administrator
  • Senior Kitizen
  • *
  • Posts: 33879
  • Trinity: Most guys do.
    • http://www.kitz.co.uk
Re: Equifax Data Breach
« Reply #10 on: September 16, 2017, 08:44:38 PM »

Quote
Equifax Ltd. (UK) can now confirm that UK systems are not affected.

Quote
Regrettably the investigation shows that a file containing UK consumer information may potentially have been accessed
..

UK data being stored in the US between 2011 and 2016. The information was restricted to: Name, date of birth, email address and a telephone number

Seems to me they are trying to downplay the UK data loss.   Name, DoB, Phone No & email is pretty serious in my book. "fewer than 400,000" is still a sizeable chunk for loss of personal data :(
Logged
Please do not PM me with queries for broadband help as I may not be able to respond.
-----
How to get your router line stats :: ADSL Exchange Checker

Chrysalis

  • Content Team
  • Addicted Kitizen
  • *
  • Posts: 7382
  • VM Gig1 - AAISP L2TP
Re: Equifax Data Breach
« Reply #11 on: September 17, 2017, 12:09:01 AM »

name and dob alone is a nasty combination to leak.
Logged

petef

  • Reg Member
  • ***
  • Posts: 135
Re: Equifax Data Breach
« Reply #12 on: September 18, 2017, 07:45:42 AM »

Belated confirmation of details from Equifax.

https://www.equifaxsecurity2017.com/
 
Logged

broadstairs

  • Kitizen
  • ****
  • Posts: 3697
Re: Equifax Data Breach
« Reply #13 on: September 18, 2017, 08:12:23 AM »

According to that update there were at best very tardy in applying patches and at worst totally irresponsible as the bug was fixed in March 2017!

Stuart
Logged
ISP:Vodafone Router:Vodafone Wi-Fi hub FTTP

sheddyian

  • Kitizen
  • ****
  • Posts: 1159
    • My Shed Blog
Re: Equifax Data Breach
« Reply #14 on: September 19, 2017, 01:26:33 AM »

Whilst not directly connected with the equifax breach, this site might be of interest
https://haveibeenpwned.com/

If you give it your email address(es), it will tell you if they are on known spam, spoof and exploit lists.

You can also sign up for (free) notifications if your address turns up in future lists.

It's your position to judge if signing up to this service makes you more or less vulnerable to being hacked!

But I've been signed up for a year or so, and had notifications that my email address has been found on hackers lists and various vulnerabilities)

Ian
Logged
 

anything