In September 2017, Equifax, the consumer credit reporting agency revealed that cybercriminals stole information that could potentially impact over 145 million residents within the United States, along with thousands more in Britain and Canada. The primary cause of the data breach was a failure to apply patching, resulting in a vulnerability that was quickly taken advantage of by opportunistic attackers. The compromised data contained the crown jewels of sensitive information, including consumer names, credit card information, Social Security numbers, birth dates, and driver's license numbers.
Last week, Equifax agreed to a settlement to relieve damages to individuals affected by the breach, as well as implementing structural modifications to reduce the likelihood of future breaches. In addition to fines and other payouts, $300 million was earmarked for compensation or damages to consumers victimized by the breach.
The FTC provided instructions and information on the website www.EquifaxBreachSettlement.com where consumers can determine if they were a victim of the breach and, if so, how to file a claim for compensation of credit monitoring. Consumers should be especially vigilant, in order to avoid the impending spike in spear phishing emails from fraudsters looking to lure recipients into visiting phony websites in an attempt to steal additional information.