Data breaches have been in the news more and more recently. For some Americans, it’s simply another story in the news cycle. But for others, especially small business owners, a data breach is a terrifying prospect. After all, you have likely invested nearly all you have into growing your business, and someone being able to use your information for nefarious reasons could ruin you.
Most recently, Atlanta-based Equifax, a credit reporting company, announced a breach exposed personal information of 143 million customers. That’s more than a third of the American population, and over half of the adult population. For the general public and small business owners alike, knowing whether or not you’re affected is crucial. Just as crucial, though, is knowing what to do in the aftermath of a massive data breach like this one.
On September 7, 2017, Equifax announced they had discovered a breach in their security — what they’re calling “unauthorized access” to their systems — on July 29. After conducting an investigation, they discovered the hacker had access for nearly two and a half months before being discovered. The credit reporting company reported that it has “no evidence of unauthorized activity on Equifax’s core consumer or commercial credit reporting databases.” However, private consumers are potentially affected.
Information that was potentially stolen includes:
- Social Security numbers
- Dates of birth
- Driver’s license numbers
For about 210,000 customers, credit card numbers were stolen. Dispute documents with personal identifying information for about 182,000 people were also stolen.
Equifax has set up a portal to determine whether or not you were affected, and are offering free identity theft protection for a year. That protection, though, does come with some strings attached (more on that later). However, many critics say the company’s response to the breach is inadequate. Equifax hasn’t answered some key questions, such as whether account login information was stolen.
Many are also wondering why Equifax took so long to announce the breach. According to Francesca De Girolami, director of social media and PR:
“As soon as Equifax discovered the unauthorized access, Equifax acted immediately to stop the intrusion. The company promptly engaged a leading, independent cybersecurity firm which has been conducting a comprehensive forensic review to determine the scope of the intrusion, including the specific data impacted. Because this incident involves a substantial amount of personal identifying information, the investigation has been complex and time-consuming. As soon as we had enough information to begin notification, we took appropriate steps to do so.”
To add a cherry on this horrible cake, between the breach being discovered and it being announced, three high-level Equifax executives sold a total of $1.8 million of their own company stocks.
How to Protect Yourself After This and Other Breaches
While commercial accounts were apparently not affected by the Equifax breach, there is a good chance your personal information was. And as we mentioned before, that can be just as devastating for a small business if that information falls into the wrong hands. Before doing anything else, check Equifax’s website to determine whether or not your data was affected.
In order to best protect yourself, take these other steps as soon as possible:
1. Sign Up for Credit Monitoring
Even if Equifax reports that you aren’t affected, it’s best to act as if you are. If you data was stolen, it could be already in use by identity thieves. Sign up for a service, such as LifeLock or IDShield, that diligently monitors your credit on your behalf. Using the free service from Equifax could be a bad bet, as the ability to participate in a class-action lawsuit against the company is prohibited, according to the fine print.
2. Change Your Passwords Immediately
Changing your login information for your Equifax account is one of the easiest ways to protect yourself. Create an entirely new password that’s difficult to guess — don’t just change a character or two in your current password. If you want to be extremely safe, use a password generator, then keep it stored safely.
3. Set Credit Alerts with the Big Three
With Equifax, Experian and TransUnion, you can set up renewable 90-day alerts. This requires any lender to verify your data with you and lets you know someone is opening an account in your name. By setting up these alerts, it becomes much more difficult for a potential identity thief to use your information. Once you are sure your data is secure, you can opt out of these alerts — though they’re helpful to always have on.
4. Freeze Your Accounts
If you find that your data is being used in any way by someone who isn’t you, freeze your accounts with Equifax, Experian and Transunion — the “Big 3” credit reporting companies. This can be a tedious process, as it will prevent you from opening new lines of credit. You may also have to pay a fee to freeze and unfreeze these accounts. But these steps are worth it if they save your credit and financial well-being in the long run.
5. Don’t Fall Victim to Phishing Attacks
After an attack of this magnitude, hackers will often take advantage of the paranoia and panic of the general populace and send out phishing emails. These emails may look like they’re from your bank or other financial institution. Know that your bank will never ask for your personal information in an email. If you receive an authentic-looking email, check the “Sent” address. Always hand-type the web address, such as your bank’s website address, into the URL bar. Never click on a link sent in an email.
Protect Yourself and Your Customers
While these massive data breaches are the ones that always make the news, small businesses are most often the target of hackers. Protect yourself and your customers by ensuring your cyber security measures are up to date. Company.com can help you set up strong cyber security protocols for your small business so you know you are protected. Contact us today to learn more about how our software package can help your business thrive, and to start your free trial.