On July 29, 2017 Equifax discovered what could be the worst security breach to date. The sensitivity of the data that was hacked lends its self to future identity theft.

Following are excerpts from a September 14th press release issued by Massachusetts State Representative Randy Hunt. You can find the full content at randyhuntstaterep.com

The scope of the data breach at Equifax combined with the character of the data stolen amounts to an unprecedented cyber theft affecting 143 million Americans, an estimate provided by the company.

 To provide context, consider that the U.S. population is about 330 million, of which, close to 250 million are adults (18 years of age and up). Relatively few 18 to 25-year-olds have credit records with the three primary credit companies-Equifax, Experian, and TransUnion-so we’re looking at upwards of 75% of people with credit records having had their information stolen.

 According to Equifax, a vulnerability in a website application called Apache Struts CVE-2017-5638 was exploited by hackers to gain access to the 143 million credit files, 209,000 credit card numbers, and 182,000 credit dispute documents. Apache Foundation, which oversees the widely-used open source software said “The Equifax data compromise was due to failure to install the security updates in a timely manner.” The vulnerability was announced and patched by Apache on March 7, 2017 and modifications were completed by March 10, 2017. The Equifax data breach occurred from mid-May through July. 

What you can do:

Go to www.EquifaxSecurity2017.com. There are consumer updates posted to this page along with a link at the bottom of the page called “Potential Impact.” Click this link and then click “Check Potential Impact.” [At this point, follow this instructions to check your risk.] Once you complete this step you are then offered the opportunity to enroll in Equifax’ TrustedID Premier program for no cost for one year. This program offers credit file monitoring with the purpose of alerting customers of any attempts to access their information or open credit/loan accounts without their permission. [Equifax claims you will not be automatically enrolled or charged after the one-year trial. There is an FAQ on their website with more details.]

 You have had the ability to acquire one free credit file report per year from all three bureaus for many years. Looking at these reports is essential to identifying potential fraudulent transactions. Go to www.annualcreditreport.com  or call 877-322-8228 to request your free credit report which includes information from all three bureaus.

 Finally, the information breach may well be used to e-file fraudulent tax returns, both Federal and state, in an effort to claim a refund. For more information about the IRS’ program, visit https://www.irs.gov/identity-theft-fraud-scams/identity-protection

Take this seriously and monitor your credit!