September 7, 2017 — Equifax Inc. (NYSE: EFX) today announced a cybersecurity incident potentially impacting approximately 143 million U.S. consumers. Criminals exploited a U.S. website application vulnerability to gain access to certain files. Based on the company’s investigation, the unauthorized access occurred from mid-May through July 2017. The company has found no evidence of unauthorized activity on Equifax’s core consumer or commercial credit reporting databases.
The information accessed primarily includes names, Social Security numbers, birth dates, addresses and, in some instances, driver’s license numbers. In addition, credit card numbers for approximately 209,000 U.S. consumers, and certain dispute documents with personal identifying information for approximately 182,000 U.S. consumers, were accessed. As part of its investigation of this application vulnerability, Equifax also identified unauthorized access to limited personal information for certain UK and Canadian residents. Equifax will work with UK and Canadian regulators to determine appropriate next steps. The company has found no evidence that personal information of consumers in any other country has been impacted.
Equifax discovered the unauthorized access on July 29 of this year and acted immediately to stop the intrusion. The company promptly engaged a leading, independent cybersecurity firm that has been conducting a comprehensive forensic review to determine the scope of the intrusion, including the specific data impacted. Equifax also reported the criminal access to law enforcement and continues to work with authorities. While the company’s investigation is substantially complete, it remains ongoing and is expected to be completed in the coming weeks.“This is clearly a disappointing event for our company, and one that strikes at the heart of who we are and what we do. I apologize to consumers and our business customers for the concern and frustration this causes,” said Chairman and Chief Executive Officer, Richard F. Smith. “We pride ourselves on being a leader in managing and protecting data, and we are conducting a thorough review of our overall security operations. We also are focused on consumer protection and have developed a comprehensive portfolio of services to support all U.S. consumers, regardless of whether they were impacted by this incident.”
Equifax has established a dedicated website, www.equifaxsecurity2017.com, to help consumers determine if their information has been potentially impacted and to sign up for credit file monitoring and identity theft protection. The offering, called TrustedID Premier, includes 3-Bureau credit monitoring of Equifax, Experian and TransUnion credit reports; copies of Equifax credit reports; the ability to lock and unlock Equifax credit reports; identity theft insurance; and Internet scanning for Social Security numbers – all complimentary to U.S. consumers for one year. The website also provides additional information on steps consumers can take to protect their personal information. Equifax recommends that consumers with additional questions visit www.equifaxsecurity2017.com or contact a dedicated call center at 866-447-7559, which the company set up to assist consumers. The call center is open every day (including weekends) from 7:00 a.m. – 1:00 a.m. Eastern time.
In addition to the website, Equifax will send direct mail notices to consumers whose credit card numbers or dispute documents with personal identifying information were impacted. Equifax also is in the process of contacting U.S. state and federal regulators and has sent written notifications to all U.S. state attorneys general, which includes Equifax contact information for regulator inquiries.
Equifax has engaged a leading, independent cybersecurity firm to conduct an assessment and provide recommendations on steps that can be taken to help prevent this type of incident from happening again.
CEO Smith said, “I’ve told our entire team that our goal can’t be simply to fix the problem and move on. Confronting cybersecurity risks is a daily fight. While we’ve made significant investments in data security, we recognize we must do more. And we will.”
About Equifax
Equifax is a global information solutions company that uses trusted unique data, innovative analytics, technology and industry expertise to power organizations and individuals around the world by transforming knowledge into insights that help make more informed business and personal decisions.
Headquartered in Atlanta, Ga., Equifax operates or has investments in 24 countries in North America, Central and South America, Europe and the Asia Pacific region. It is a member of Standard & Poor’s (S&P) 500® Index, and its common stock is traded on the New York Stock Exchange (NYSE) under the symbol EFX. Equifax employs approximately 9,900 employees worldwide.
Forward-Looking Statements
This release contains forward-looking statements and forward-looking information. These statements can be identified by expressions of belief, expectation or intention, as well as estimates and statements that are not historical fact. These statements are based on certain factors and assumptions with respect to the investigation of the cybersecurity incident to date. While the company believes these factors and assumptions to be reasonable based on information currently available, they may prove to be incorrect.
Several factors could cause actual results to differ materially from those expressed or implied in the forward-looking statements, including, but not limited to, the final results of the investigation, including the final scope of the intrusion, the type of information accessed and the number of consumers impacted. A summary of additional risks and uncertainties can be found in our Annual Report on Form 10-K for the year ended December 31, 2016, including without limitation under the captions “Item 1. Business — Governmental Regulation” and “– Forward-Looking Statements” and “Item 1A. Risk Factors,” and in our other filings with the U.S. Securities and Exchange Commission. Forward-looking statements are given only as at the date of this release and the company disclaims any obligation to update or revise the forward-looking statements, whether as a result of new information, future events or otherwise, except as required by law.
Contacts:
Ines Gutzmer
Corporate Communications
mediainquiries@equifax.com
404-885-8555
“Your Netflix Account Has Been Suspended”: Phishing Scam To Look Out For
/in News /by abswpadminWhile it’s months since the Netflix phishing scam was first reported, unfortunately, it’s showing no signs of slowing down anytime soon. For those unaware, a popular phishing scam targets Netflix users with an urgent email notifying the user that their account has been suspended and requires immediate action. However, this fake, yet convincing, landing page is just the hacker’s first step toward collecting your sensititve data, sometimes going as far as requiring your social security number, credit card number, and more.
Read the full article from WIRED to learn ways to protect yourself against phishing scams that expose your sensitive data. Have questions? Contact the experts at ABS. We’re more than happy to provide you with the advice and service you need to protect your systems and information, and have the tools and technicians to do the job right to meet your needs.
Accenture the Latest Breach of Client Data
/in News /by abswpadminIn what seems to be a never ending cycle of news headlines surrounding data breaches, Accenture, a giant in the tech and cloud industries, appears to be the latest major company to breach client data. Reported as an accident, the company left four of its AWS S3 buckets open to the public, and ultimately, exposed hundreds of gigabytes of sensitive data.
Unfortunately, this isn’t the first case of major companies exposing sensitive client data in the way that Accenture has most recently. Verizon’s breach of 14 million customers was also reported to be the result of an AWS S3 cloud server misconfiguration.
While the news headlines will sadly continue, there are steps that can be taken to be proactive with the cybersecurity of your business and/or personal data. At ABS, we work with you to find the best solution for your business, install the necessary hardware and software, and provide service when you need it. Give us a call to see how we can protect your data and business before you find yourself in the middle of the latest data breach.
Credit: Healthcare IT News – “Accenture latest to breach client data due to misconfigured AWS server”
Cybersecurity Incident & Important Consumer Information
/in News /by abswpadminNo Evidence of Unauthorized Access to Core Consumer or Commercial Credit Reporting Databases
Company to Offer Free Identity Theft Protection and Credit File Monitoring to All U.S. Consumers
September 7, 2017 — Equifax Inc. (NYSE: EFX) today announced a cybersecurity incident potentially impacting approximately 143 million U.S. consumers. Criminals exploited a U.S. website application vulnerability to gain access to certain files. Based on the company’s investigation, the unauthorized access occurred from mid-May through July 2017. The company has found no evidence of unauthorized activity on Equifax’s core consumer or commercial credit reporting databases.
The information accessed primarily includes names, Social Security numbers, birth dates, addresses and, in some instances, driver’s license numbers. In addition, credit card numbers for approximately 209,000 U.S. consumers, and certain dispute documents with personal identifying information for approximately 182,000 U.S. consumers, were accessed. As part of its investigation of this application vulnerability, Equifax also identified unauthorized access to limited personal information for certain UK and Canadian residents. Equifax will work with UK and Canadian regulators to determine appropriate next steps. The company has found no evidence that personal information of consumers in any other country has been impacted.
Equifax discovered the unauthorized access on July 29 of this year and acted immediately to stop the intrusion. The company promptly engaged a leading, independent cybersecurity firm that has been conducting a comprehensive forensic review to determine the scope of the intrusion, including the specific data impacted. Equifax also reported the criminal access to law enforcement and continues to work with authorities. While the company’s investigation is substantially complete, it remains ongoing and is expected to be completed in the coming weeks.“This is clearly a disappointing event for our company, and one that strikes at the heart of who we are and what we do. I apologize to consumers and our business customers for the concern and frustration this causes,” said Chairman and Chief Executive Officer, Richard F. Smith. “We pride ourselves on being a leader in managing and protecting data, and we are conducting a thorough review of our overall security operations. We also are focused on consumer protection and have developed a comprehensive portfolio of services to support all U.S. consumers, regardless of whether they were impacted by this incident.”
Equifax has established a dedicated website, www.equifaxsecurity2017.com, to help consumers determine if their information has been potentially impacted and to sign up for credit file monitoring and identity theft protection. The offering, called TrustedID Premier, includes 3-Bureau credit monitoring of Equifax, Experian and TransUnion credit reports; copies of Equifax credit reports; the ability to lock and unlock Equifax credit reports; identity theft insurance; and Internet scanning for Social Security numbers – all complimentary to U.S. consumers for one year. The website also provides additional information on steps consumers can take to protect their personal information. Equifax recommends that consumers with additional questions visit www.equifaxsecurity2017.com or contact a dedicated call center at 866-447-7559, which the company set up to assist consumers. The call center is open every day (including weekends) from 7:00 a.m. – 1:00 a.m. Eastern time.
In addition to the website, Equifax will send direct mail notices to consumers whose credit card numbers or dispute documents with personal identifying information were impacted. Equifax also is in the process of contacting U.S. state and federal regulators and has sent written notifications to all U.S. state attorneys general, which includes Equifax contact information for regulator inquiries.
Equifax has engaged a leading, independent cybersecurity firm to conduct an assessment and provide recommendations on steps that can be taken to help prevent this type of incident from happening again.
CEO Smith said, “I’ve told our entire team that our goal can’t be simply to fix the problem and move on. Confronting cybersecurity risks is a daily fight. While we’ve made significant investments in data security, we recognize we must do more. And we will.”
About Equifax
Equifax is a global information solutions company that uses trusted unique data, innovative analytics, technology and industry expertise to power organizations and individuals around the world by transforming knowledge into insights that help make more informed business and personal decisions.
Headquartered in Atlanta, Ga., Equifax operates or has investments in 24 countries in North America, Central and South America, Europe and the Asia Pacific region. It is a member of Standard & Poor’s (S&P) 500® Index, and its common stock is traded on the New York Stock Exchange (NYSE) under the symbol EFX. Equifax employs approximately 9,900 employees worldwide.
Forward-Looking Statements
This release contains forward-looking statements and forward-looking information. These statements can be identified by expressions of belief, expectation or intention, as well as estimates and statements that are not historical fact. These statements are based on certain factors and assumptions with respect to the investigation of the cybersecurity incident to date. While the company believes these factors and assumptions to be reasonable based on information currently available, they may prove to be incorrect.
Several factors could cause actual results to differ materially from those expressed or implied in the forward-looking statements, including, but not limited to, the final results of the investigation, including the final scope of the intrusion, the type of information accessed and the number of consumers impacted. A summary of additional risks and uncertainties can be found in our Annual Report on Form 10-K for the year ended December 31, 2016, including without limitation under the captions “Item 1. Business — Governmental Regulation” and “– Forward-Looking Statements” and “Item 1A. Risk Factors,” and in our other filings with the U.S. Securities and Exchange Commission. Forward-looking statements are given only as at the date of this release and the company disclaims any obligation to update or revise the forward-looking statements, whether as a result of new information, future events or otherwise, except as required by law.
Contacts:
Ines Gutzmer
Corporate Communications
mediainquiries@equifax.com
404-885-8555
Louisville Business First Highlights ABS’ New Development
/in News /by abswpadminAs covered recently in Louisville Business First, ABS has its eyes set on a new and exciting development in the Clifton neighborhood. The plans for the estimated $3M project would be a huge step forward in terms of growing the ABS team, and continuing a mission of proving top-notch quality service for customers.
The attached photo shows plans for the project’s 30,000 square foot exterior located at Payne and Charlton streets. The interior space will come complete with a kitchen, conference room, and workout facility along with light commercial and office space.
ABS is excited and motivated for the future of the company and the positive impact this development should have for those we serve each and every day in the business world. Stay tuned for more updates to come regarding the future of ABS—we’re certainly eager to share what’s on the horizon!
For full article, visit: https://www.bizjournals.com/louisville/news/2017/07/07/louisville-it-firm-proposes-3m-clifton-development.html (Subscription Required)
Another Battle in the War of Cybersecurity
/in News /by abswpadminThe Petya Virus is the newest cyber attack circling the globe and experts believe it to be even more dangerous than other recent threats. The Petya Virus first originated in Ukraine and was thought to be ransomware, but has been discovered to be something much worse. When the attack hits, a message appears on a user’s computer monitor stating that their data is being held until they pay a fee of about $300. In return the user receives a digital key that they are assured will unlock their data. However, unless the user has a recent backup of their data they are often forced to pay the price or lose their files.
This process describes a typical ransomware attack, but as mentioned before there is something different about the Petya Virus. Matt Suiche, founder of the cyber security firm Comae, analyzed the virus and came to the conclusion that the virus is a “wiper.” This means that Petya completely destroys the computer’s hard drive and a victim of the attack will not receive their data back even after electing to pay the fee.
There are speculations that the hackers behind the Petya Virus are not a group of cyber thieves looking to make money, but potentially a national state looking to cause harm on other states and nations. Over 60% of attacks occurred in the Ukraine, but the other 40% spread across the globe to the United States, Asia and other parts of Europe. Constant cyber attacks, especially one as destructive as Petya, are causing concern among nations across the world.
The rise in cyber attacks makes it even more imperative that users are constantly updating their tech systems with the latest software and security. To learn more about the importance of updates, read ABS’s recent blog, Protect Your Devices with Routine Updates
With security breaches on the rise, it is imperative for all companies to have a backup and recovery plan in place. Read more about disaster recovery and ways to protect your crucial data here, Back up and Disaster Recovery
We understand that ransomware and security can be a complicated topic, but we are here for you. If you have questions or concerns about the security of your IT, contact ABS. We can find the right solution for your needs.
Microsoft Releases Security Patch due to Looming Threats
/in News /by abswpadminCould last month’s WannaCry Ransomware attacks be considered a “warning shot” in the war of cybersecurity? Microsoft seems to think so.
On June 13, 2017 Microsoft released new security patches with the purpose of protecting computers from the “elevated risk for destructive cyberattacks.” The looming threat is so imminent that Microsoft not only sent out the update to supported versions of Windows, but toWindows XP and Windows Server 2003 as well. This is especially notable because these two operating systems are no longer under support of Microsoft, yet received downloadable protection anyways.
It is currently unknown if Microsoft has a confirmed suspicion of an upcoming attack from government officials or security researchers. But it seems this patch is more than just a routine security update. Eric Doerr, general manager of the Microsoft Security Response Center, states that security updates “address vulnerabilities that are at [heightened] risk of exploitation due to past nation-state activity and disclosures.” This means it is likely Microsoft has received some type of warning of future strikes.
As the battle of of cybersecurity continues forward, it is important to protect yourself and your computer with all the shields possible. So keep on the lookout for critical updates to assure software safety.
Protect Your Devices with Routine Updates
/in News /by abswpadminIf you have a smartphone, computer, or just about any other tech device, you’re all too familiar with push notifications or messages prompting you to update. And whether the update is needed for adding features, fixing bugs, or larger scale program and security improvements, studies from Pew Research Center among others show that nearly 50% of people choose to delay updates simply because it’s not “convenient” in that moment.
We get it. Maybe you’re working quickly to meet a deadline, send an email, or just want to finish that video you’re watching on your phone. Regardless, the last thing you want to do is stop what you’re doing and wait for that time-consuming update to run its course. If you’ve experienced this, you’re probably more likely to select the “remind me later” option rather than “update now”, without much debate.
While lack of convenience or bad timing has a lot to do with why we choose to delay or ignore updates altogether, it’s becoming crucial now more than ever that we break that cycle. Whether you realize it or not, ransomware strikes are causing even the larger players in the tech world to rethink security. From Apple, Microsoft, and their competitors, no one is immune to a cyber attack. And with ransomware and cyber security breaches on the rise these days, yearly software and security updates just don’t cut it anymore.
We can only do our very best to put the right systems and practices in place to stay ahead of malicious activity, and ultimately, keep our data secure. So, next time you get interrupted with that update reminder, take a second to ask yourself, “Can I spare some time?”
Have questions about updates? ABS can help. Our trained team of IT professionals know what to look for when updating your devices and work systems, and will get you on your way to working as safely and efficiently as possible.
Disclaimer: If you’re a BYOD company, be sure to ask before updating on your own. Your company may have specified rules, restrictions, & policies in place.
SUCCESS STORY: NetShape Technologies Partners with ABS for Data Center Migration and SAN Consolidation
/in News /by abswpadminWhen NetShape Technologies (http://www.netshapetech.com/), a global manufacturer and metal components supplier with sites located in North America, Asia and Europe, needed to move their data center, they came to ABS for help. The complex project involved relocating their hardware from Louisville to Chicago as well as implementing and configuring a new Storage Area Network (SAN)—and a smooth transition was crucial to NetShape’s operations.
“These are the kinds of high-level coordination and integration projects that many ABS clients aren’t aware we provide,” said Jeff Hall, ABS’s Sales Director. “But as evidenced here, not only do we offer these services, we excel at them.”
Roy Hayes, Systems Administrator for NetShape, would agree. “The help that ABS provided has been incredible,” he said. “We had planned to be down for three days and there was doubt if it could actually be done on a three-day holiday weekend. But the ABS team was able to make it happen in one day. We really appreciate the time they put into this project to make it a success.”
Patty Burkland, CFO at NetShape, added, “Many hours went into planning this move to ensure it would go smoothly and the results speak for themselves. The ABS team provided invaluable assistance and we truly appreciate the partnership.”
The NetShape project is a prime example of ABS’s ability to deliver on time and on budget, no matter the expectations. It’s also proof positive of our commitment to accomplishing each project’s technical goals while also helping our clients achieve their larger business goals by ensuring they receive the full benefit of our wide-ranging expertise and knowledge.
Whatever the project, whenever the deadline—even on holidays—ABS has IT covered.
Intel’s Latest Security Issue: Your PC May Be at Risk
/in News /by abswpadminThere has been a recent discovery of a security problem with a portion of Intel’s firmware. The
issue allows hackers to forgo authentication to receive access to the management side of the PC.
This is a real threat because the bug allows attackers to gain full administrative access and view
private data, which can then be exposed to the public.
To learn more, and to read the list of products affected by the bug, read the following article,
published by It News: https://www.itnews.com.au/news/intel-system-management-security-hole-worse-than-feared-460772
If you feel you are vulnerable to this attack, call the ABS Help Desk. There you will find a team of
local technicians who are ready and excited to help you. With “The ABS Way” you will receive
personalized and relationship-driven help to get you on your way.
ABS Attends Maryhurst Journey of Hope Luncheon 2017
/in News /by abswpadminThe Maryhurst Journey of Hope Luncheon held at The Louisville Marriott Downtown on Friday, May 12, was a great opportunity for guests to become, “the hope our children need.” This annual fundraiser has shaped into a tremendous opportunity for Maryhurst to honor their outstanding alumni and benevolent supporters. At the 2017 luncheon, Maryhurst presented numerous scholarships and honored their Alumna of the Year, Tammy Smith. But, most importantly, the Journey of Hope Luncheon focused on Maryhurst’s vision to imagine communities free of abuse and filled with hope for every child and family.
A few Advanced Business Solutions employees were fortunate enough to attend the Journey of Hope Luncheon. Elizabeth Dallenbach, Beth Mamrak and Meghan Logue felt honored to spend their afternoon learning about and celebrating the accomplishments of Maryhurst. It was especially notable that the women had the opportunity to listen to guest speaker Sadiqa Reynolds, who is the first woman in ninety-five years to hold the position as President and CEO of the Louisville Urban League.
As always, the Journey of Hope Luncheon was an incredible and touching event. It reminded us that it is truly important to take time out of our busy schedules to appreciate the wonderful work that organizations like Maryhurst are doing for our community. We are already looking forward to the event in 2018!
For more information on Maryhurst and the Journey of Hope Luncheon, visit: https://www.maryhurst.org/journey-hope- luncheon-2017/