
Equifax Hacking Incident: Lessons Learned

An analysis of the Equifax data breach and the mistakes made in their incident response, with actionable advice for businesses on how to handle a data breach.

Equifax Issues Response on Hacking Incident

What would you do if you discovered that your business’s database was hacked and a huge number of your customers’ data was leaked? In this case, it helps to have a good incident response plan in place, so your business won’t suffer the same fate as Equifax.

What Happened to Equifax?

Equifax, the large American credit agency, announced in September 2017 that its database was hacked, resulting in a leak of consumers’ private data, including personally identifiable information of around 143 million US citizens. The leaked data included names, social security numbers, addresses, birthdates, and credit card and driver’s license numbers.

Equifax responded by setting up a new site, www.equifaxsecurity2017.com, to help customers determine whether they had been affected.

Soon after, Equifax’s official Twitter account tweeted a link that directed customers to www.securityequifax2017.com, which was actually a fake phishing site. Fortunately for Equifax’s customers, the fake site had been set up by a software engineer who wanted to use it for educational purposes and to expose flaws in Equifax’s incident response practice. No further harm was done, but Equifax was left with additional embarrassment.

So What Did Equifax Do Wrong?

One of the biggest mistakes Equifax made was setting up a new website outside of its main domain, equifax.com. Since phishers cannot create a page under a company’s own domain, hosting the new site there would have given customers a simple way to verify legitimacy. By using a new standalone domain, Equifax made it trivially easy for bad actors to register convincing lookalike domains.
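A small defender-side check of the kind this paragraph argues for, added here as an example and not part of the original post or of Equifax’s own tooling: it classifies a link before the organization publishes it, accepting only hosts under the company’s own domain (equifax.com, the one named above; the brand-token list is an assumption). Both the real site and the copycat fail the check, which is precisely the problem the post describes.

```python
from urllib.parse import urlsplit

# Constructed for this example: the organization's registered domain(s) and
# the brand words a customer would expect to see in a legitimate hostname.
# equifax.com is the primary domain named in the post; the rest is assumed.
TRUSTED_DOMAINS = {"equifax.com"}
BRAND_TOKENS = {"equifax"}


def hostname_of(url: str) -> str:
    """Return the lowercase hostname of a URL; a bare hostname is accepted too."""
    if "://" not in url:
        url = "https://" + url
    host = urlsplit(url).hostname or ""
    return host.lower().rstrip(".")


def is_under_trusted_domain(host: str) -> bool:
    """True only for a trusted domain or a subdomain of it.

    The '.' prefix enforces a label boundary, so 'fakeequifax.com' does not
    match 'equifax.com' while 'www.equifax.com' does.
    """
    return any(host == d or host.endswith("." + d) for d in TRUSTED_DOMAINS)


def classify_link(url: str) -> str:
    """Classify a link an organization is about to publish to its customers.

    'trusted'   - under a domain the organization controls
    'lookalike' - carries the brand name but is NOT under a trusted domain
    'external'  - an unrelated third-party host
    """
    host = hostname_of(url)
    if is_under_trusted_domain(host):
        return "trusted"
    # Hyphens are common padding in lookalikes (e.g. equifax-security2017.com).
    squashed = host.replace("-", "")
    if any(token in squashed for token in BRAND_TOKENS):
        return "lookalike"
    return "external"


if __name__ == "__main__":
    for link in ("https://www.equifaxsecurity2017.com",
                 "https://www.securityequifax2017.com",
                 "https://www.equifax.com/security2017"):
        print(f"{link}: {classify_link(link)}")
```

Only the third link, hosted under the primary domain, passes; the first two are indistinguishable to a customer and both get flagged.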

What’s clear from this is that Equifax had never planned for a data leak — an unforgivable oversight by a company that handles the information of over 800 million consumers and more than 88 million businesses worldwide.

Don’t Repeat Equifax’s Mistake

Whether your business is a small startup or a large enterprise, you need to prepare for a data breach. Besides having a comprehensive network defense plan, you also need to have the right incident response plan in place.

After discovering a leak, you should:

  1. Be upfront with your customers and notify them as soon as possible.
  2. Establish a clear message that includes:
    • How the leak occurred
    • How the leak could affect your customers
    • How you will prevent future attacks
    • What your company will do to support affected customers
  3. Create a web page under your company’s primary domain to keep customers updated — never a standalone domain.

A robust incident response plan is a must. Feel free to talk to our experts about how you can develop one before you ever need it.
