More Than 50% of All Social Security Numbers in The U.S. Were Stolen.  Make Sure Yours Isn’t on The List.

equifax hack

On Thursday, September 7, 2017, hackers stole the names and social security numbers of 143 million Americans after a massive breach of Equifax. That’s more than half of the adult population.

Amazing, right? Not really—Cybercriminals are much more sophisticated than in the past.  Staying safe and secure online is becoming more difficult all the time. Cyber criminals are everywhere, constantly looking for ways to breach network vulnerabilities—And they hit the “Mother Lode” with this one!

The hackers entered the Equifax data base, scanned through birth dates, addresses and driver’s license numbers, as well as 209,000 credit card numbers!  The breach occurred between mid-May and the end of July, but, unfortunately, we’re just finding out now.

Equifax is an obvious target for hackers because it stores so much valuable, confidential personal data.  But isn’t it ironic that a company that sells identity and security products ends up getting hacked?   If they can, your business can too.   

What You Should Do.

It’s imperative that you find out if your data was compromised.  To do so, go to the Equifax website and sign up for their free credit monitoring and identity theft protection. (Equifax is offering this to every U.S. consumer in the country regardless of whether they were victimized.)

Here are the instructions Equifax provides:

To determine if your personal information may have been impacted by this incident, please follow the below steps:

  1. Click on the below link, “Check Potential Impact,” and provide your last name and the last six digits of your Social Security number.
  2. Based on that information, you will receive a message indicating whether your personal information may have been impacted by this incident.
  3. Regardless of whether your information may have been impacted, we will provide you the option to enroll in TrustedID Premier. You will receive an enrollment date. You should return to this site and follow the “How do I enroll?” instructions below on or after that date to continue the enrollment and activation process. The enrollment period ends on Tuesday, November 21, 2017.


The information accessed includes credit card numbers for approximately 209,000 U.S. consumers. Fraudulent credit card charges will likely take place, if they haven’t already.

In addition:

  • Be sure to scrutinize your credit card and bank statements for charges that you don’t recognize. (You should be doing this every month anyway.)
  • Watch out for any notifications that new credit applications have been filed on your behalf. If your personal information is circulated on the black market, other criminals will try to find ways to take advantage of it.
  • Keep a lookout for phishing emails. Cybercriminals often sell stolen personal information for use in email “phishing” campaigns that persuade victims to hand over additional sensitive information, including bank account numbers.

This Wasn’t the First Major Breach, and It Certainly Won’t Be the Last.

Here’s a brief list of some of the breaches that took place just this year:

Gmail May 3, 2017: Gmail users were targeted in a phishing scam that gained access to accounts through a third-party app. The emails looked like they came from a user’s trusted contact saying they wanted to share a Google Doc with them. Once clicked, the link led to Google’s real security page where the person was prompted to allow a fake Google Docs app to manage his or her email account. Nearly 1 million users were affected.

The IRS April 6, 2017:  100,000 taxpayers had their personal information stolen via the IRS Data Retrieval Tool, which is used to complete the Free Application for Federal Student Aid (FAFSA). Identity thieves also used the tool to steal additional data.

DocuSign May 17, 2017: Customers of this electronic signature provider were targeted with malware phishing attacks. The hackers breached one of DocuSign’s systems, and used the email addresses they stole to conduct a malicious email campaign where recipients were prompted to click and download a Microsoft Word document that contained malware.

Chipotle April 25, 2017: Chipotle said payment card transactions that occurred from March 24, 2017 through April 18, 2017 may have been breached. The investigation is still ongoing.  At the time the notice was published, the company didn’t have any additional information, and said it’s too early to provide any more details.

So, What Can You Do to Protect Your Business from a Hack?

You can no longer protect your wired and wireless networks with simple security solutions. You must deploy a proactive defense.

You can’t do this alone. Anti-virus and malware programs aren’t enough You must partner with a trusted Managed Service Provider in your area who provides:

  • Vulnerability & Risk Assessments to ensure you comply with HIPAA, FINRA, PCI or other industry regulations.
  • 24/7 Remote Network Monitoring that detects and blocks security threats.
  • The latest Anti-Spam, Anti-Virus and Anti-Malware Solutions that secure your desktops, laptops, servers and mobile devices.
  • A Managed Firewall that’s constantly deployed and upgraded in real time to prevent unauthorized access and data breaches.
  • Remote Network Management for issue-remediation to ensure both wired and wireless Network Security.
  • Web-Filtering Solutions to protect you and your staff when using the Internet from any computer device, wired or wireless.  
  • Backup and Disaster-Recovery Services so your files are always secure and retrievable as recommended by the S. Government.
  • Data and Email Encryption to ensure your information is protected against unauthorized use, and that messages are kept private, both when in transit and when archived.
  • Safe Wireless Networking with the ability to constantly monitor and secure access points to prevent unauthorized users from entering.
  • Mobile Device Management so your confidential data is protected when employees use BYOD.

It’s hard enough to secure your personal data.  Securing your business’s data is much harder.  It takes expertise. However, you can implement very effective solutions (such as those listed above) to ensure that when a hacker comes around, he’ll move on to another victim, because your infrastructure isn’t worth the trouble of hacking into.

PNJ Technology Partners will deploy a proactive defense to protect your business in Albany from today’s malicious cyber threats.  Don’t wait until a data breach occurs. Contact us for an assessment of your Network Security needs: (518) 459-6712