Cybersecurity Incident & Important Consumer Information

 

No Evidence of Unauthorized Access to Core Consumer or Commercial Credit Reporting Databases

Company to Offer Free Identity Theft Protection and Credit File Monitoring to All U.S. Consumers

September 7, 2017 — Equifax Inc. (NYSE: EFX) today announced a cybersecurity incident potentially impacting approximately 143 million U.S. consumers. Criminals exploited a U.S. website application vulnerability to gain access to certain files. Based on the company’s investigation, the unauthorized access occurred from mid-May through July 2017. The company has found no evidence of unauthorized activity on Equifax’s core consumer or commercial credit reporting databases.

The information accessed primarily includes names, Social Security numbers, birth dates, addresses and, in some instances, driver’s license numbers. In addition, credit card numbers for approximately 209,000 U.S. consumers, and certain dispute documents with personal identifying information for approximately 182,000 U.S. consumers, were accessed. As part of its investigation of this application vulnerability, Equifax also identified unauthorized access to limited personal information for certain UK and Canadian residents. Equifax will work with UK and Canadian regulators to determine appropriate next steps. The company has found no evidence that personal information of consumers in any other country has been impacted.

Equifax discovered the unauthorized access on July 29 of this year and acted immediately to stop the intrusion. The company promptly engaged a leading, independent cybersecurity firm that has been conducting a comprehensive forensic review to determine the scope of the intrusion, including the specific data impacted. Equifax also reported the criminal access to law enforcement and continues to work with authorities. While the company’s investigation is substantially complete, it remains ongoing and is expected to be completed in the coming weeks.“This is clearly a disappointing event for our company, and one that strikes at the heart of who we are and what we do. I apologize to consumers and our business customers for the concern and frustration this causes,” said Chairman and Chief Executive Officer, Richard F. Smith. “We pride ourselves on being a leader in managing and protecting data, and we are conducting a thorough review of our overall security operations. We also are focused on consumer protection and have developed a comprehensive portfolio of services to support all U.S. consumers, regardless of whether they were impacted by this incident.”

Equifax has established a dedicated website, www.equifaxsecurity2017.com, to help consumers determine if their information has been potentially impacted and to sign up for credit file monitoring and identity theft protection. The offering, called TrustedID Premier, includes 3-Bureau credit monitoring of Equifax, Experian and TransUnion credit reports; copies of Equifax credit reports; the ability to lock and unlock Equifax credit reports; identity theft insurance; and Internet scanning for Social Security numbers – all complimentary to U.S. consumers for one year. The website also provides additional information on steps consumers can take to protect their personal information. Equifax recommends that consumers with additional questions visit www.equifaxsecurity2017.com or contact a dedicated call center at 866-447-7559, which the company set up to assist consumers. The call center is open every day (including weekends) from 7:00 a.m. – 1:00 a.m. Eastern time.

In addition to the website, Equifax will send direct mail notices to consumers whose credit card numbers or dispute documents with personal identifying information were impacted. Equifax also is in the process of contacting U.S. state and federal regulators and has sent written notifications to all U.S. state attorneys general, which includes Equifax contact information for regulator inquiries.

Equifax has engaged a leading, independent cybersecurity firm to conduct an assessment and provide recommendations on steps that can be taken to help prevent this type of incident from happening again.

CEO Smith said, “I’ve told our entire team that our goal can’t be simply to fix the problem and move on. Confronting cybersecurity risks is a daily fight. While we’ve made significant investments in data security, we recognize we must do more. And we will.”

About Equifax

Equifax is a global information solutions company that uses trusted unique data, innovative analytics, technology and industry expertise to power organizations and individuals around the world by transforming knowledge into insights that help make more informed business and personal decisions.

Headquartered in Atlanta, Ga., Equifax operates or has investments in 24 countries in North America, Central and South America, Europe and the Asia Pacific region. It is a member of Standard & Poor’s (S&P) 500® Index, and its common stock is traded on the New York Stock Exchange (NYSE) under the symbol EFX. Equifax employs approximately 9,900 employees worldwide.

Forward-Looking Statements

This release contains forward-looking statements and forward-looking information. These statements can be identified by expressions of belief, expectation or intention, as well as estimates and statements that are not historical fact. These statements are based on certain factors and assumptions with respect to the investigation of the cybersecurity incident to date. While the company believes these factors and assumptions to be reasonable based on information currently available, they may prove to be incorrect.

Several factors could cause actual results to differ materially from those expressed or implied in the forward-looking statements, including, but not limited to, the final results of the investigation, including the final scope of the intrusion, the type of information accessed and the number of consumers impacted. A summary of additional risks and uncertainties can be found in our Annual Report on Form 10-K for the year ended December 31, 2016, including without limitation under the captions “Item 1. Business — Governmental Regulation” and “– Forward-Looking Statements” and “Item 1A. Risk Factors,” and in our other filings with the U.S. Securities and Exchange Commission. Forward-looking statements are given only as at the date of this release and the company disclaims any obligation to update or revise the forward-looking statements, whether as a result of new information, future events or otherwise, except as required by law.

Contacts:

Ines Gutzmer
Corporate Communications
mediainquiries@equifax.com
404-885-8555

ABS new office rendering

Louisville Business First Highlights ABS’ New Development

As covered recently in Louisville Business First, ABS has its eyes set on a new and exciting development in the Clifton neighborhood. The plans for the estimated $3M project would be a huge step forward in terms of growing the ABS team, and continuing a mission of proving top-notch quality service for customers.

The attached photo shows plans for the project’s 30,000 square foot exterior located at Payne and Charlton streets. The interior space will come complete with a kitchen, conference room, and workout facility along with light commercial and office space.

ABS is excited and motivated for the future of the company and the positive impact this development should have for those we serve each and every day in the business world. Stay tuned for more updates to come regarding the future of ABS—we’re certainly eager to share what’s on the horizon!

For full article, visit: https://www.bizjournals.com/louisville/news/2017/07/07/louisville-it-firm-proposes-3m-clifton-development.html (Subscription Required)

Petya Virus

Another Battle in the War of Cybersecurity

The Petya Virus is the newest cyber attack circling the globe and experts believe it to be even more dangerous than other recent threats. The Petya Virus first originated in Ukraine and was thought to be ransomware, but has been discovered to be something much worse. When the attack hits, a message appears on a user’s computer monitor stating that their data is being held until they pay a fee of about $300. In return the user receives a digital key that they are assured will unlock their data. However, unless the user has a recent backup of their data they are often forced to pay the price or lose their files.

This process describes a typical ransomware attack, but as mentioned before there is something different about the Petya Virus. Matt Suiche, founder of the cyber security firm Comae, analyzed the virus and came to the conclusion that the virus is a “wiper.” This means that Petya completely destroys the computer’s hard drive and a victim of the attack will not receive their data back even after electing to pay the fee.

There are speculations that the hackers behind the Petya Virus are not a group of cyber thieves looking to make money, but potentially a national state looking to cause harm on other states and nations. Over 60% of attacks occurred in the Ukraine, but the other 40% spread across the globe to the United States, Asia and other parts of Europe. Constant cyber attacks, especially one as destructive as Petya, are causing concern among nations across the world.

The rise in cyber attacks makes it even more imperative that users are constantly updating their tech systems with the latest software and security. To learn more about the importance of updates, read ABS’s recent blog, Protect Your Devices with Routine Updates

With security breaches on the rise, it is imperative for all companies to have a backup and recovery plan in place. Read more about disaster recovery and ways to protect your crucial data here, Back up and Disaster Recovery

We understand that ransomware and security can be a complicated topic, but we are here for you. If you have questions or concerns about the security of your IT, contact ABS. We can find the right solution for your needs.

Microsoft Releases Security Patch due to Looming Threats

Could last month’s WannaCry Ransomware attacks be considered a “warning shot” in the war of cybersecurity? Microsoft seems to think so.

On June 13, 2017 Microsoft released new security patches with the purpose of protecting computers from the “elevated risk for destructive cyberattacks.” The looming threat is so imminent that Microsoft not only sent out the update to supported versions of Windows, but toWindows XP and Windows Server 2003 as well. This is especially notable because these two operating systems are no longer under support of Microsoft, yet received downloadable protection anyways.

It is currently unknown if Microsoft has a confirmed suspicion of an upcoming attack from government officials or security researchers. But it seems this patch is more than just a routine security update. Eric Doerr, general manager of the Microsoft Security Response Center, states that security updates “address vulnerabilities that are at [heightened] risk of exploitation due to past nation-state activity and disclosures.” This means it is likely Microsoft has received some type of warning of future strikes.

As the battle of of cybersecurity continues forward, it is important to protect yourself and your computer with all the shields possible. So keep on the lookout for critical updates to assure software safety.

Protect Your Devices with Routine Updates

If you have a smartphone, computer, or just about any other tech device, you’re all too familiar with push notifications or messages prompting you to update. And whether the update is needed for adding features, fixing bugs, or larger scale program and security improvements, studies from Pew Research Center among others show that nearly 50% of people choose to delay updates simply because it’s not “convenient” in that moment.

We get it. Maybe you’re working quickly to meet a deadline, send an email, or just want to finish that video you’re watching on your phone. Regardless, the last thing you want to do is stop what you’re doing and wait for that time-consuming update to run its course. If you’ve experienced this, you’re probably more likely to select the “remind me later” option rather than “update now”, without much debate.

While lack of convenience or bad timing has a lot to do with why we choose to delay or ignore updates altogether, it’s becoming crucial now more than ever that we break that cycle. Whether you realize it or not, ransomware strikes are causing even the larger players in the tech world to rethink security. From Apple, Microsoft, and their competitors, no one is immune to a cyber attack. And with ransomware and cyber security breaches on the rise these days, yearly software and security updates just don’t cut it anymore.

We can only do our very best to put the right systems and practices in place to stay ahead of malicious activity, and ultimately, keep our data secure. So, next time you get interrupted with that update reminder, take a second to ask yourself, “Can I spare some time?”

Have questions about updates? ABS can help. Our trained team of IT professionals know what to look for when updating your devices and work systems, and will get you on your way to working as safely and efficiently as possible.

Disclaimer: If you’re a BYOD company, be sure to ask before updating on your own. Your company may have specified rules, restrictions, & policies in place.

Netshape Technologies Logo

SUCCESS STORY: NetShape Technologies Partners with ABS for Data Center Migration and SAN Consolidation

When NetShape Technologies (http://www.netshapetech.com/), a global manufacturer and metal components supplier with sites located in North America, Asia and Europe, needed to move their data center, they came to ABS for help. The complex project involved relocating their hardware from Louisville to Chicago as well as implementing and configuring a new Storage Area Network (SAN)—and a smooth transition was crucial to NetShape’s operations.

“These are the kinds of high-level coordination and integration projects that many ABS clients aren’t aware we provide,” said Jeff Hall, ABS’s Sales Director. “But as evidenced here, not only do we offer these services, we excel at them.”

Roy Hayes, Systems Administrator for NetShape, would agree. “The help that ABS provided has been incredible,” he said. “We had planned to be down for three days and there was doubt if it could actually be done on a three-day holiday weekend. But the ABS team was able to make it happen in one day. We really appreciate the time they put into this project to make it a success.”

Patty Burkland, CFO at NetShape, added, “Many hours went into planning this move to ensure it would go smoothly and the results speak for themselves. The ABS team provided invaluable assistance and we truly appreciate the partnership.”

The NetShape project is a prime example of ABS’s ability to deliver on time and on budget, no matter the expectations. It’s also proof positive of our commitment to accomplishing each project’s technical goals while also helping our clients achieve their larger business goals by ensuring they receive the full benefit of our wide-ranging expertise and knowledge.

Whatever the project, whenever the deadline—even on holidays—ABS has IT covered.

Intel logo

Intel’s Latest Security Issue: Your PC May Be at Risk

There has been a recent discovery of a security problem with a portion of Intel’s firmware. The

issue allows hackers to forgo authentication to receive access to the management side of the PC.

This is a real threat because the bug allows attackers to gain full administrative access and view

private data, which can then be exposed to the public.

 

To learn more, and to read the list of products affected by the bug, read the following article,

published by It News: https://www.itnews.com.au/news/intel-system-management-security-hole-worse-than-feared-460772

 

If you feel you are vulnerable to this attack, call the ABS Help Desk. There you will find a team of

local technicians who are ready and excited to help you. With “The ABS Way” you will receive

personalized and relationship-driven help to get you on your way.

Maryhurst Journey of Hope Luncheon

ABS Attends Maryhurst Journey of Hope Luncheon 2017

The Maryhurst Journey of Hope Luncheon held at The Louisville Marriott Downtown on Friday, May 12, was a great opportunity for guests to become, “the hope our children need.” This annual fundraiser has shaped into a tremendous opportunity for Maryhurst to honor their outstanding alumni and benevolent supporters. At the 2017 luncheon, Maryhurst presented numerous scholarships and honored their Alumna of the Year, Tammy Smith. But, most importantly, the Journey of Hope Luncheon focused on Maryhurst’s vision to imagine communities free of abuse and filled with hope for every child and family.

A few Advanced Business Solutions employees were fortunate enough to attend the Journey of Hope Luncheon. Elizabeth Dallenbach, Beth Mamrak and Meghan Logue felt honored to spend their afternoon learning about and celebrating the accomplishments of Maryhurst. It was especially notable that the women had the opportunity to listen to guest speaker Sadiqa Reynolds, who is the first woman in ninety-five years to hold the position as President and CEO of the Louisville Urban League.

As always, the Journey of Hope Luncheon was an incredible and touching event. It reminded us that it is truly important to take time out of our busy schedules to appreciate the wonderful work that organizations like Maryhurst are doing for our community. We are already looking forward to the event in 2018!

For more information on Maryhurst and the Journey of Hope Luncheon, visit: https://www.maryhurst.org/journey-hope- luncheon-2017/

Google Fiber

What Google Fiber Means for Louisville

You may have heard the recent news that Louisville, KY has been selected as the latest market for the rollout of Google Fiber, a high-speed internet provider to rival Spectrum/Time Warner Cable and AT&T as the big players in the local area. But, what does Google Fiber mean for Louisville? A few things…

First of all, Google is without a doubt a huge name in the internet space, but with its new ties to Louisville, local internet providers now have a level of competition they’ve not faced in our city. Lucky for us, competiton from other players in the industry should result in both lower pricing and better quality service overall. Why? Options. No longer will a customer be faced with feeling as if they need to stay with their current provider even after a poor experience. With nowhere to turn, many customers may have felt “stuck” with their provider, but now that can change. Broadband companies in the area will now feel the pressure of providing high quality service and products or watch their customer base decline as they jump ship to a competitor in the space.

Being in the business, we know how much the services and products these companies charge actually cost to implement and service. A lot of what we come to expect from our local internet providers comes from a lack of challenge or significant threat to their business model.

Google Fiber should certainly be seen as a threat. Their business model is completely different than most internet providers. Why? Because the Google model hasn’t been perverted yet in this space. It’s fresh. It’s different, and for all the right reasons.

Google understands that their stake in this is to drive as many people on the internet using their services as possible, so in turn they will do this as cheaply as they can because they make their money on ads, when people search Google, etc. Their main interest is connecting as many people as they can so that their advertising is worth more money. It’s mutually beneficial, because while a user surfing the web may or may not care about the ads side of things, they are still benefitting from being on the internet using a good quality service.

This is only the beginning. Many believe that the internet is the foundation, the backend, the infrastructure for which everything will be built on moving forward. We’re already seeing that the way people are consuming data and entertainment is moving more and more toward phones, computers, and televisions connected to the internet rather than televisions connected to a cable box.

If Google can position ‘Fiber’ as the physical infrastructure for the future of data and entertainment consumption, using best-in-class technology to provide great service for its customers, it is sure to be a huge success, locally and beyond.

In summary, with Google Fiber coming to Louisville, you can expect more transparency from your provider, faster speeds, higher quality service (even if you choose to stick with your current provider) all because Google has set the bar so high in the competitive space.

Backup & Disaster Recovery: Even More Crucial Today

As technology constantly builds and improves over the years, businesses and people alike are having to adapt and grow along with it. In order to keep up with the fast-pace changes, ABS is constantly upgrading its systems and processes in order to provide top notch tools and solutions for its customers. That’s simply the ABS Way.

So when it comes to backup and disaster recovery, we have a solution and plan to fit properly with an ever-evolving model.

Here’s how it used to work:

In the past, backup and disaster recovery was more about protecting yourself against that .001 percent of a chance that something substantially bad might happen to your business, such as a natural disaster. Your business would want a plan in place for securing your necessary data if your workspace suffered from a flood, fire, theft, or even a major hardware failure. On a day-to-day basis, your backup and disaster recovery may involve something like recovering a file that was deleted, a relatively simple operation. Overall though, you were protecting yourself against threats of a large scale, that thankfully, tended to be a rare event.

Here’s how it works now:

Today, backup and disaster recovery, while continuing to be all of what it was in the past, has now become even more crucial to the day-to-day operation of a business and the protection of its essential data and files.

While you certainly wanted to get your files up and running as quickly as possible after a major catastrophic event to your premise or hardware failure, the natural timeline was much longer back then.

Now, the growing presence of sophisticated hacking schemes like ransomware have IT companies and businesses on their toes daily. Ransomware is a growing scam that can take a number of forms. Essentially, ransomware is spyware or viruses that get on your network, get into your files and encrypt them, holding your files ransom until you pay the hackers their requested dollar amount to release them. This can cause a lot of headaches and financial woes for a company, especially one without the proper backup and disaster recovery plan and system in place to begin with.

The worst part of all? Anyone can, in a matter of seconds, become the latest victim of ransomware. At any moment you or someone at your company could make the mistake of clicking on the wrong file, opening the wrong attachment, or any other method that hackers can find to steal or hold your sensitive data hostage. Ransomware is also becoming more sophisticated. It can often times be nearly impossible to detect once a simple wrong click has begun the process of encrypting your files before you even know that it has happened to you.

We understand that this can be a bit intimidating, but with the right backup and disaster recovery system in place, your business can get back up and running quicker.

In other words, a good backup and disaster recovery solution makes the routine file level recovery operations, that have been around for many years, faster and more efficient. A great solution provides flexibility to recover files from 1 day ago, 1 year ago, and all scenarios in between. While ransomware will unfortunately continue, our customers can rest assured that ABS has recovery options that make it easiere to get their data back quickly and without having to pay a ransom to a criminal. In the event of a distaster of any scale, our job is to get your business back up and running as quickly as possible, while minimizing data loss. Technology is more essential to today’s business environment than ever before, and it’s still growing. It’s much more than convenience. Your business depends on its cooperation and efficiency, daily.

That is why the role that backup & disaster recovery plays now is so crucial. Not only as a means for executing file level backups, but to have methods and solutions in place to adapt to data security problems of tomorrow. With a backup & disaster recovery plan that you can feel confident in, and an IT company like ABS with the right expertise, we’ll work not only to protect you against disaster situations, but every other threat to your business and how it operates daily.

In partnership with industry leading companies like Datto and Veeam, ABS can provide you with not only the most innovative solutions to secure your data, but to provide peace of mind, as well. Need help? Contact us today to learn more.