Back in 2017, Equifax, one of the three major credit bureaus in the US, made a major security blunder that leaked millions of sensitive information, including Social Security numbers, addresses, driver’s license numbers, and credit card details. The company estimated that the data of 145.5 million people (almost half the US population) were exposed. But according to recent reports, there may be millions more affected by the leaks.

What happened?
On March 1, Equifax reported that the names and driver’s license numbers of approximately 2.4 million Americans were stolen. According to the company, sensitive information like home addresses, home states, or the license issue and expiration dates were not leaked. Equifax said these breaches were discovered only recently because their forensic investigations primarily focused on stolen Social Security numbers.

In response, the company said that anyone affected would be notified directly. They’re also now offering a security program designed to prevent identity theft and credit tampering. However, given the company’s poor track record, not many are willing to enroll.

When the company first announced the breach in September last year, the tool used to check whether an account had been hacked didn’t work and came up with false positives. Fortunately, there are other things you can do to protect yourself.

Monitor your credit
Consider looking through your credit reports for any suspicious spending. If you spot any new accounts, loans, and other payments you don’t recognize, contact your credit card company to report fraudulent transactions.

Check the dark web
Compromised data is often sold to the highest bidder on the dark web, so most Equifax data can probably be found there. To see whether your personal information has indeed been compromised, sign up for dark web monitoring services. Then consult with a security professional to discuss your options.

Place a credit freeze
One way you can prevent hackers from opening credit cards and making payments in your name is to freeze your credit. When you implement this, anyone masquerading as you will be required to provide a PIN to unfreeze your account. Contact the credit bureaus (Equifax, Experian, TransUnion) to activate this service.

Set fraud alerts
When you set a fraud alert, credit card companies and businesses must verify your identity before opening an account or making any payments. Together with a credit freeze, alerts will make it extremely difficult for hackers to steal your identity.

Learn to identify phishing scams
Because Equifax is notifying data breach victims directly through email, hackers could take this opportunity to send fake messages that direct users to dangerous websites. As such, knowing how to identify phishing scams (suspicious URL links, attachments, and spelling errors) is vital.

Dealing with data breaches is a long and frustrating process, especially for businesses that just want to focus on growing their operations. So if you have any security concerns, call us today. We have the cybersecurity expertise to protect you.

The post Millions more affected by Equifax leaks appeared first on Complete Technology Resources, Inc..

For all the time we spend discussing the complexity of internet security, there are a few simple things you can do. Avoiding websites that aren’t secured with the HTTPS protocol is one of them. It’s a habit that can be developed with a better understanding of what the padlock icon in your web browser’s address bar represents.

HTTPS Encryption

Older web protocols lack data encryption. When you visit a website that doesn’t use HTTPS, everything you type or click on that website is sent across the network in plain text. So, if your bank’s website doesn’t use the latest protocols, your login information can be intercepted by anyone with the right tools.

HTTPS Certificates

The second thing outdated web browsing lacks is publisher certificates. When you enter a web address into your browser, your computer uses an online directory to translate that text into numerical addresses (e.g., www.google.com = 8.8.8.8) then saves that information on your computer so it doesn’t need to check the online directory every time you visit a known website.

The problem is, if your computer is hacked it could be tricked into directing www.google.com to 8.8.8.255, even if that’s a malicious website. Oftentimes, this strategy is implemented to send users to sites that look exactly like what they expected, but are actually false-front sites designed to trick you into providing your credentials.

HTTPS created a new ecosystem of certificates that are issued by the online directories mentioned earlier. These certificates make it impossible for you to be redirected to a false-front website.

What this means for daily browsing

Most people hop from site to site too quickly to check each one for padlocks and certificates. Unfortunately, HTTPS is way too important to ignore. Here are a few things to consider when browsing:

• If your browser marks a website as “unsafe” do not click “proceed anyway” unless you are absolutely certain nothing private will be transmitted.
• There are web browser extensions that create encrypted connections to unencrypted websites (HTTPS Everywhere is great for Chrome and Firefox).
• HTTPS certificates don’t mean anything if you don’t recognize the company’s name. For example, goog1e.com (with the 'l' replaced with a one) could have a certificate, but that doesn’t mean it’s a trustworthy site.

Avoiding sites that don’t use the HTTPS protocol is just one of many things you need to do to stay safe when browsing the internet. When you’re ready for IT support that handles the finer points of cybersecurity like safe web browsing, give our office a call.

The post HTTPS is something to care about appeared first on Complete Technology Resources, Inc..