The Wikipage of Equifax Inc. states. “Equifax is a consumer credit reporting agency. Equifax collects and aggregates information on over 800 million individual consumers and more than 88 million businesses worldwide”.
Unfortunately, they’ve been breached.
They lost control of almost half of the US population’s record. This may impact 143 Millions to be exact. This includes social security numbers and other sensitive data.
Equifax.com is not responding at the time of publication of this article.
My take on these increasing data breaches is that the approach to how we protect, share, disseminate, use and then (hopeful) destroy data when no longer required is clearly broken. Indeed data will always be needed for various reasons, but I clearly believe corporate and the security community ought to go back to the drawing board on how we should get out of this mess. A solution will be found but we should start admitting the system is broken and is in dire need for repaired. We can start with the basics and use the myriads of tools and technologies already available by following vulnerabilities where they exist and most importantly by applying vendor released patches to close the holes. In parallel applying a security policy that evolves with the need of the organisation and disposing of unnecessary and potentially toxic data will go a long way.