What You Should Be Doing In the Wake of the Equifax Breach

September 19th, 2017 Paul Xu

Millions upon millions are still feeling the sting of the Equifax breach… even months after the news broke on basically every front page and cover around the world. The harshest part of this unfortunate reality is that they could be fighting this battle for the rest of their lives.

As many as 143 million consumers’ personal information could be compromised – including their names, addresses, Social Security numbers, and birth dates. Right now there is no way for you to know for certain whether you are among the victims. If that’s not at least a little unnerving to you… well, we’re not completely sure whether to be impressed or concerned. But we’re leaning towards concerned.

And whatever or whoever was behind this security weapon of mass destruction isn’t alone. Identity theft and cybercrime continue to become more pervasive year after year. There will be “another Equifax.”

So while this particular case and the investigation of Equifax is… well, huge… and super interesting… we’ll all be better off focusing our attention on safety. You’ve got to understand that this is not just a matter of protecting your data. This is a matter of protecting yourself (and, for those of you with spouses and children, your families) from being exploited.

For your own good, take a few minutes to consider these simple security tips from 14 West Information Security.

8 Simple Security Tips from 14 West Information Security

  1. “Passphrases” are always better than passwords. Aim for 16-20 characters including capital and lowercase letters as well as numbers. Example: ILoveTaco2sday!
  2. DO NOT use easily searched information for your passwords, security questions, usernames, etc. This means NO birthdays, NO children’s birthdays, NO place of birth, etc. Use pieces of data that cannot be easily searched on the internet. Examples: the name of your child’s imaginary friend, your favorite comic book character, your preferred sock brand.
  3. Do regular credit checks.  This can be done for free here.
  4. Try to check your various account balances at least twice a week. Look for unfamiliar or unidentifiable activity. If and when you see something, act immediately. A delayed response or lack of response on your part is essentially a green light to hackers.
  5. Take full advantage of alerts and push notification technologies offered with your credit cards, bank accounts, etc.
  6. Avoid using open Wi-Fi at all costs. Yes, meaning you should pay for Wi-Fi – particularly if you plan to use it to access any of your accounts online or shop online. If you absolutely must use it, always use a VPN service.
  7. DO NOT click on any links or attachments in emails unless you are 110% confident that the sender is who you believe it is and that they are trustworthy.
  8. DO NOT pick up the phone for any numbers you don’t recognize. If it’s important, they will leave a message. If that message sounds urgent, return the call but use the phone number published on the company website.

And REMEMBER, if something sketchy comes your way via the office phone or email, report it immediately and contact your IT or Information Security team ASAP. Don’t overthink it. If they want to be effective at what they do, they’re likely already encouraging you to do this. So make it a habit. In fact, let it become second nature to you.

If they’re anything like the 14 West Info Sec team, they will respond every time, quickly and with appreciation… even if you happen to be way off base.
Photo Cred: Bloomberg via Getty Images

Paul Xu

VP of Information Security at 14 West

I am a huge proponent of perpetual self-improvement and learning. And I think this is one of the reasons I find working in Information Security to be so rewarding. The field is constantly and rapidly evolving, and so I’m faced with an endless challenge. But this translates to me as endless opportunity. In this field, if you are not eager to learn and face a challenge every day, then you’re putting it all on the line. So I try to build my team with people like myself – that are truly passionate about growing their expertise and protecting businesses and their employees. But I also like to surround myself with people that challenge me, and aren’t afraid to question my decisions or share different perspectives. Because we can’t afford to be one dimensional or get comfortable. We’ve got to stay on our toes.

What is something you do every day in the office?
This probably sounds cliché, but I really do start every morning by checking Twitter and news feeds for any news in the security world. It’s either a habit or an obsession – I’m not sure which. Probably both.