- William C. Rudin | REBNY Chairperson
- James Whelan | REBNY President
- John H. Banks | REBNY President Emeritus
- Code of Ethics
- REBNY Residential Listing Service
- Become a Member
- Benefits & Rewards
- REBNY Action Network
- REBNY Services
- Our History
- Contact Us
- Looking for a NYC real estate broker?
- Contests & Awards
- Sponsorship Opportunities
- REAL ESTATE EDUCATION
- MEMBER SPOTLIGHT
- GIVING BACK
Massive Equifax Data Breach Could Affect Half of the U.S. Population
September 25, 2017
By Solomon Algazi
Countless Americans will no doubt suffer financial harm from the Equifax data breach. But we may never know the exact number.
A massive cyber security incident at Equifax — one of the largest credit reporting agencies in the United States — may have exposed private information belonging to 143 million people — nearly half of the U.S. population.
The breach, which was discovered July 29, includes sensitive information such as social security numbers, birthdays, addresses, and in some instances, driver's license numbers. The agency said 209,000 credit card numbers were exposed in the breach, which includes customers in Canada and the United Kingdom.
But in the online world, getting a precise count of people hurt by a specific data breach — like the breach at Equifax — is far more challenging. Maybe even impossible.
In a statement, Equifax said the cyber security breach was discovered on July 29. Since then, the company has been working with an independent security firm to understand what happened and how they can better protect themselves in the future.
There's no disputing that many people will have their identities stolen or learn that credit cards were opened in their name without their knowledge after the breach of the credit bureau’s computer systems.
Thieves made off with the personal data of as many as 143 million Americans, including what arguably is the most important piece of identification: the nine-digit social security number.
When asked if there’s a way to quantify how many people have been harmed, John Ulzheimer, a credit expert and former employee at Equifax and credit score firm FICO, said: “There’s no way to know, and there may never be a way to know.”
All those past hacks make it virtually impossible to pin the blame for any individual identity theft claim on any one attack, including the massive Equifax rip-off.
The data stolen in the Equifax breach included social security numbers, names, addresses and drivers licenses. These four pieces of identification are dubbed the “crown jewels,” as a thief in possession of them all has the keys to one's identity.
There’s been more than 825 million personal records exposed from data breaches in the 10-year period ending in 2016, according to the Identity Theft Resource Center. More than 6,400 breaches occurred in that period.
Last year there was a record 15.4 million U.S. victims of identity fraud, according to the 2017 Identity Fraud Study released by Javelin Strategy & Research. Losses attributed to identify theft totaled $16 billion in 2016, Javelin reported.
Every specific cyber breach has a starting date, or the day of intrusion. But if the hackers get their hands on data that has a long shelf life, such as a social security number, there is no end point to when the stolen information can be used. In short, there is no way of knowing if current victims of identity theft or financial fraud were duped by data stolen recently from Equifax.
It can be a long time before victims feel the effects.
Were You Affected?
Even if you don't think you're a customer of Equifax, there's a strong possibility they still have your data. As a credit reporting agency, Equifax gets information from credit card companies, banks, lenders, and retailers to help it determine a person's credit score.
Want to see if you might be affected? Equifax will let you check your potential impact by typing in your last name and the last six digits of your Social Security number. All U.S. customers will also be given a date when they can sign up for TrustedID Premier, which includes identity theft insurance, credit reports and a service that crawls the internet and alerts you if your Social Security number is posted somewhere online.
Equifax has set up a dedicated website and phone number for concerned customers to call with questions. In addition, the company said it will mail notices to people who may have had their credit card numbers or personally identifying information exposed on dispute documents.
The bottom line here, is to pay close attention to your credit card statements. With more than 200,000 credit card numbers exposed.
The best thing a consumer can do in response is to engage in what's called a credit freeze. This essentially locks down your Social Security number on your credit report, preventing criminals from opening new lines of credit under your name."
You'll need to call the three major credit reporting agencies to ask for a freeze. The Federal Trade Commission lists more details on how to do that here.
A credit freeze is available under state law, and may be accessed by phone or by mail for consumers who do not have internet access. A freeze will prevent creditors from accessing your credit report. Depending on the state where you live, a freeze may also prevent other companies from checking your credit when you apply for services such as cell phone or auto insurance. You will need to remember your PIN, and based on state law, you may have a waiting period when you wish to unfreeze your report. Please note, you will need to place a security freeze separately with each of the three major credit reporting companies. Based on your state’s law there also may be a fee for placing or lifting a freeze, or for obtaining a replacement PIN if you lose or forget it. A security freeze remains on your credit file until you remove it, so you will need to plan ahead and unfreeze it before you apply for new credit.
What we do know is there’s been a sharp spike in the number of Americans logging on to a government website used to report identify thefts since the Equifax data breach was announced Sept. 7.
The Federal Trade Commission, one of the regulators that oversees the credit reporting industry on data-protection and identity-theft matters, says traffic levels to IdentityTheft.gov were nine times higher than average levels on Friday, Sept. 8, and have been five times higher since Monday. The average daily volume of traffic to the site was about 6,000 and is now in the tens of thousands.
5% of the 143 million people whose data may have been compromised in the Equifax breach, means an estimated 7.2 million Americans, could be at risk for identity theft. Again, that is just an estimate, as there's no real way of knowing.
If you have any concerns for yourself or your clients, please feel free to call my office so we can help you sort through this difficult period. We encourage everyone to take this seriously. Please call 718-395-7567 with any questions or comments and be sure to mention that you are a REBNY member.