If you have not been living in a cage, you should have heard about the breach of security in Equifax. The company is known as a credit reporting company, functional both in USA and UK. The hack occurred due to unfixed Apache vulnerabilities that the service did not fix in time. Now, another news is starting to circulate about this leakage. While it is already considered one of the biggest (and most dangerous) leak of the year, this description is about to reach a different level of severity.
More than 15 million of UK people compromised by the leak
It was assumed that approximately 400,000 thousand of UK clients have to worry about their credit card info and other personally-identifiable details. However, this number has sky rocked to reach 15.2 million of British people. These statements appeared in the official website of Equifax which updated concerned clients about the ongoing investigation.
The service is currently establishing contact with compromised users and informing them about the dangers they are facing. In the post, service also reminds users that via email communication, it will never require credit card or other personal details.
If you receive such a message, hackers are targeting you with a phishing scam. This is a very rational warning for cautious people: even the tragedy of hurricane Harvey allowed scammers to spread fake email letters, urging users to make donations to the victims.
Also, Equifax included that UK clients should worry about their email addresses, user names, passwords, secret questions, partial credit card details, driving license number and phone numbers. This information has been accessed by hackers.
These victims will be offered monitoring services free-of-charge to make sure that phone numbers or other personal information would not be exploited for vicious plans. If you have any questions for this service, you can contact it via [email protected] or a phone number of 0207 554 1856.
At the end of the published article, the President for Europe at Equifax named Patricio Remon concluded:
“Once again, I would like to extend my most sincere apologies to anyone who has been concerned about or impacted by this criminal act. Let me take this opportunity to emphasise that protecting the data of our consumers and clients is always our top priority.
It has been regrettable that we have not been able to contact consumers who may have been impacted until now, but it would not have been appropriate for us to do so until the full facts of this complex attack were known, and the full forensics investigation was completed.
I urge anyone who receives a letter from Equifax to take advantage of the remedial services being offered to help mitigate against any risk, or to contact us should you have any questions.”
Equifax websites hacked: deliver malicious Flash Player
Despite these beautiful words, Quifax does not see the end of its problems. Just today, security researchers noticed that Equifax website was hacked once again. This time: for the purpose of spreading fake Adobe Flash Player. A researcher named Randy Abrams visited the site on Wednesday and got redirected to a malicious domain.
Source: equifax.com, arstechnica.com.