Equifax Breach Information
On September 7, 2017, Equifax, a credit reporting bureau, announced a significant breach of their data affecting as many as 143 million U.S. consumers. The breach was discovered on July 29, 2017, and occurred from May through July 2017. Possibly exposed data from the breach included credit-card numbers, names, addresses, social security numbers, birth dates, driver license numbers, etc. This breach provides us an opportunity to increase awareness of the situation; faculty, staff, and student members of our communities may still be impacted as U.S. consumers. UNIT’s Information Security Office is pro-actively monitoring this matter, and will continue to keep the University community appraised of any important developments, guidance, and ongoing mitigation efforts.
For specific information concerning the breach, please visit Equifax’s website: https://www.equifaxsecurity2017.com/. The website includes information about the incident, the ability to determine if your information was compromised, and an opportunity to enroll in Equifax’s free identity theft protection and credit file monitor service for one year.
Information Security Office Recommendations
Equifax indicated that they will be contacting impacted consumers via hard copy mail, as well as providing an opportunity to identify whether you are a victim. Cybersecurity incidents such as these present opportunities for nefarious hackers to attempt further collection of your personal information-- in order to perpetrate continued fraudulent activity or access sensitive information and systems. Equifax WILL NOT e-mail you directly instructing you to click on a link, review a document, or visit a website. However, distribution of cleverly branded Equifax e-mails with intent to trick you is likely. Phishing e-mails such as these (and in general) are expected, so please use caution with e-mail correspondence, and report any suspected e-mails to email@example.com.
Think Before You Click!(http://www1.villanova.edu/villanova/unit/security/PhishingAwareness.html) Additionally, here are security recommendations for consideration:
Intelligent Account Access Use strong complex passwords/passphrases, and set-up multi factor authentication for e-mail, social, and other personal accounts