More details surrounding the breach have come to light: Still no major repercussions for those responsible.
For those unfamiliar, last year equifax made A massive screw up
The people affected by this breach include 145 million americans, pretty much every single adult who has ever had a bank account, paid anything on a monthly basis, or has a social security number.
The effects of this are wide sweeping, and we probably have still not seen the full weight of its impact upon modern security.
Information accessed included:
-Social Security numbers
-driver’s license numbers
-credit card numbers
It has now been revealed, far more information than that was compromised.
-tax identification numbers
along with finer details, such as:
-expiration dates for credit cards
-issuing states for driver’s licenses
Chucking everything and living in a cave comes to mind.
But on a more realistic note, you should probably freeze your credit just to start with.
Employing a monitoring service for your financial and credit may help. But on the digital side of things, well, its hard to come up with a realistic strategy. Alot of recommendations seem very much like closing the barn after the horses have ran out.
This sort of massive breach is unprecedented, nearly every adult in america has had enough data leaked about them for someone to impersonate them, take over their accounts, and ruin their life.
As much as the engineer in me would like to recommend moving to an open-source Operating system, chucking the social media accounts, and upping your OPSEC game, I know most people are not experienced enough or motivated enough to do that.
If you have had a half-decent IT worker in your employ, or have read any publications, you should know by now:
-Use strong passwords. No, your kids birthday isn’t a good password.
-Use file encryption tools. They aren’t for spies anymore! Turns out bad people want to steal your data.
-Run an anti-virus software package. Yes, a good one costs money. Yes, if it is working, it will use system resources. Yes, you need to run one.
-Hire a professional. Preferably me, but you at least need to get your system checked out semi-annually by someone with a security background. Your high school aged nephew who “knows computers” will do his best, i am sure, but you cannot beat a trained eye.
You may very well still be blindsided by an attacker, but most of the time, the simple stuff is what gets people.
And believe me, the things I listed above are SIMPLE.