The latest on the monster Equifax data breach and how to protect yourself, AT&T Arris routers vulnerable to attack and 711 million email details discovered in largest ever spambot.
Equifax hack – 44 million British customers affected
Late last week news broke that Equifax a major credit reporting agency had 143 million consumer records stolen.
At the time it was widely believed that these records were largely confined to US consumers but it has since emerged that the personal data of up to 44 million UK citizens has been stolen.
If you’re wondering whether your data may have gone AWOL too it’s probably a good bet to assume that it has.
Alongside Experian, Equifax is THE de facto
repository for credit history of UK consumers. You may not be aware that it holds information on you but you shouldn’t bet against it.
Many UK companies including BT, Capital One and British Gas use Equifax as a default service to establish customer credentials and payment histories.
The UK’s information commissioner is investigating how the
almighty cock up
breach is affecting UK customers.
We’ll keep you posted as more details emerge.
We didn’t know anything… honest
The massive hack is believed to have happened between May and July of this year.
Equifax claimed to have discovered it on the 29 July but didn’t actually let on until late last week.
When news of the mega-hack emerged Equifax’s share price unsurprisingly plunged.
In a bizarre coincidence (?) three senior executives at Equifax sold shares worth a combined £1.3 million a few days after hack was discovered.
The company said the three executives “had no knowledge that an intrusion had occurred at the time they sold their shares”.
Early investigations reveal…
According to reports Equifax appears to have been targeted initially because:
- The company has millions of active credit cards on file belonging to people who pay Equifax to monitor their credit reports and alert them to potential fraud. It is thought this data was immediately sought by the hackers.
- Active credit card numbers can fetch higher prices on the dark web than more personal data because they can be used immediately by fraudsters
- The web application the attackers used to breach Equifax’s network granted access to both the credit card files and back-end systems storing consumer data profiles
- However, some of the hackers’ behaviour suggests they were also looking for financial and personal information on individuals, which is more commonly associated with higher-level forms of identity theft
What can you do to protect yourself?
Be proactive if you think your data might be a target, for instance, if you pay Equifax to monitor your credit reports or if you consider yourself a ‘high net worth’ individual.
- Call the fraud department at your bank or credit card company
- Look at credit card and bank statements frequently
In a sense you need to raise a red flag with your bank so they are also aware that there is potential for fraud on your account/s.
- Banks and financial services companies have powerful behavioural analysis software running behind the scenes.
- As such they can track and detect unusual activity on your credit card or bank account/s.
Also check BullGuard Premium Protection
. It’s been developed for instances like these and immediately alerts you when some tries to use your personal data.
Security flaws in Arris AT&T routers
Routers sold or given away by AT&T, and branded Arris have a number of security vulnerabilities, some of them very serious.
Estimates as to the number of routers affected ranges from thousands to 138,000. The flaws enable attackers to:
- Gain remote access to an affected device, giving full control over the router.
- View and change the Wi-Fi router name and password, and alter the network's setup, such as rerouting internet traffic to a malicious server.
- Control a module that's dedicated to injecting advertisements into unencrypted web traffic, a common ploy used by internet providers and web companies. As such a hacker could inject malware into web traffic
The flaws were uncovered by a security researcher
however it doesn’t mean they have been exploited by attackers.
Arris said it was verifying the finding and it will take any required action to protect subscribers who use its routers.
If you have an Arris branded router keep an eye on the company’s support web page: http://www.arris.com/support/
711 million emails found in ‘largest’ spambot
- The spambot is sending out ‘fingerprinting’ spam emails that identify operating systems vulnerable to Ursnif.
- When these are identified it sends out a second batch of a few thousand targeted emails that are loaded with malware.
- These emails often come days or even weeks after the initial spam mails and typically masquerade as invoices from delivery services, hotels, or insurance companies.
The email addresses are now on the Have I Been Pwned
This website can be used to discover whether your email address has been discovered in a data breach.
If any of your email addresses appear on this website as being ‘pwned’ be sure to change your password to minimum 10 characters with a combination of upper and lower case letters, symbols and numbers.