Report on the Equifax Data Breach of 2017: A Comprehensive Analysis

Verified

Added on 2023/04/26

AI Summary

This report provides a comprehensive analysis of the Equifax data breach of 2017, a significant security incident that exposed the personal data of millions of individuals. The report details the overview of the attack, including the timeline and the extent of the data compromised, which included names, dates of birth, social security numbers, and credit card details. It further discusses the impacts of the breach on affected individuals and the organization, highlighting the long-lasting effects and the challenges faced by consumers. A significant portion of the report is dedicated to the financial impact of the breach on Equifax, including the costs associated with investigations, settlements, and the implementation of enhanced security measures. The report concludes with recommendations for preventing future data breaches, such as implementing credit freezes, fraud alerts, and utilizing credit monitoring services, emphasizing the importance of robust security strategies and policies to safeguard data assets.

Running head: EQUIFAX DATA BREACH OF 2017
Equifax Data Breach of 2017
Name of the Student
Name of the University
Author’s note

Paraphrase This Document

Need a fresh take? Get an instant paraphrase of this document with our AI Paraphraser

1EQUIFAX DATA BREACH OF 2017
Executive Summary
This report is based on the discussion about the Equifax data breach that had occurred in 2017.
The security breach had been considered as the most important breach and had leaked the vital
information of employees. This report discusses about the overview of the attack and discusses
the major consequences of the attack. The impacts of the data breach have also been taken into
consideration. Based on the data breach, the financial impacts of the breach on the organisation
have been considered. Based on the discussion within this research, the conclusions and
recommendations have also been provided within the report.

2EQUIFAX DATA BREACH OF 2017
Table of Contents
1. Introduction..................................................................................................................................2
2. Discussion....................................................................................................................................2
2.1 Overview of the Attack..........................................................................................................2
2.2 Impacts of the Equifax Attack...............................................................................................3
2.3 Financial Impact of the Data Breach.....................................................................................3
3. Conclusion...................................................................................................................................4
4. Recommendation.........................................................................................................................5
References........................................................................................................................................7

3EQUIFAX DATA BREACH OF 2017
1. Introduction
In the year 2017, the hike of data breaches had affected most of the people and
organisations from all over the world. One of the most important data breach is the Equifax data
breach. In the wake of the attack, many people and organisations who came to know about the
attack had taken serious steps for protecting their data from theft (Gressin, 2017). They had
researched about several techniques based on which they have been able to take appropriate kind
of precautionary steps. These kind of data breaches pose a major risk for the people and also for
the majority of business organisations. In this data breach, the personal data of millions of people
such as license numbers, dates of birth, social security numbers and email addresses were
majorly leaked.
2. Discussion
2.1 Overview of the Attack
On May 7, 2017 the executives at Equifax had submitted a statement of record to the
Securities and Exchange Commission. They statement of record had detailed the extent of data
breach within the company. The data breach had affected nearly 143 million people. The data in
the statement had also been shared with the congressional committees based on performing
investigation on the breach.
Equifax had also reported that the names, dates of birth and social security numbers of
143 million US people had been exposed (Mikhed & Vogan, 2018). In some instances, there had
been an additional breach of data of credit card numbers of nearly 209,000 individuals. The
management of the organisation had reported that certain kind of dispute documents that had
been submitted by other consumers had contested in credit reports and had also been exposed.

Paraphrase This Document

Need a fresh take? Get an instant paraphrase of this document with our AI Paraphraser

4EQUIFAX DATA BREACH OF 2017
2.2 Impacts of the Equifax Attack
The Equifax attack that had reported the names and other details of the persons involved
within the organisation. The data security officials have often warned that the different effects of
the data breach could have long-lasting effects (UK cybersecurity incident update | Equifax UK,
2019). A survey was conducted on the employees within the organisation. Based on the
conducted survey, it was found that the majority of the people who were being surveyed had
reported that they were mostly aware of the breach (Vladeck, 2015). Nearly one-third of the
people involved within the attack had discovered that their information had been severely
compromised.
Investigations within the incident have highlighted the most challenging aspects of the
data breach. One of the most challenging aspect within the data breach is that the consumers did
not have a choice about the inclusion of their data within the system. In the next steps of the data
breach incident, the primary website of Equifax had been displaying debug codes (Omolara et
al., 2018). It has further been discussed that the display of debug codes should never happen
within the server due to several security reasons.
2.3 Financial Impact of the Data Breach
The massive data breach at Equifax had costed an approximate cost at $90 million. This
figure has been estimated by the organisation and the chief financial officer. The total costs of
the data breach that had compromised sensitive data within the organisation that consists of
nearly 147 million people (Bouveret, 2018). Further investigations based on discovering other
kind of impacts to the organisation had costed over $600 million. The overall cost had also
included the costs based on resolving government-based investigations within the incident and
other civil lawsuits.

5EQUIFAX DATA BREACH OF 2017
The different impacts of the data breach on the incident had made a negative impact over
the organisation (Zou et al., 2018). The data breach had incurred a bad reputation to the
organisation. The organisation had thus put focus on implementing different security measures
within the organisation. In addition to the several expenses that had incurred, the earnings of
Equifax group had also been affected (Rasoulian et al., 2017). This was mostly possible due to
customer dissatisfaction after the data breach incident.
Equifax is further forecasting at $60 and $75 million based on spending on the
implementation of security aspects within the organisation (Roderick, 2014). They would
implement the best form of security strategies and would also hire experienced security officials
who would be able to suggest the best form of security measures within the organisation. In
certain reports after the incident, it was seen that Equifax had been involved in the process of
sending different kinds of erroneous notification letters within a small percentage of affected
people (Solove & Citron, 2017). After the breach of data within the agency records, the company
had been reaching to people affected in the breach and had also offered free kind of credit
monitoring and several remediation efforts.
3. Conclusion
Based on the discussion supported, it has been concluded that the incident of data breach
had mostly affected the people and reputation of the organisation. The data breach incident had a
unique scope. It had offered lessons to the business organisation that have been operating in the
economic sector. In the recent times, it has been seen that the major amount of data is stored on
the cloud platform and other forms of electronic systems. This has thus increased the chances of
vulnerability within the system based on potential hacks. The attack on the Equifax systems had

6EQUIFAX DATA BREACH OF 2017
also brought a major impact over the financial systems of the organisation. The reputation of the
organisation had also been put on stake.
Although it would be difficult to prevent the attackers from conducting such attacks, the
inclusion of a proper kind of security strategy would be important and provide impact to the
organisation. Thus it could be concluded that improvement of security standards and policies
would be able to prevent any other kind of data breach and thus ensure security of the data assets
of the organisation.
4. Recommendation
From the conclusions supported in the research, it has been concluded that the impact of
the data breach had been large and many employees and other people were also included within
the scenario. Based on the attack, there could be certain kind of recommendation within the
system at Equifax. There could be certain recommendations for the organisation that should be
followed in order to prevent the concern of the breach.
A credit freeze would be able to freeze the credit report of an individual. The method of
credit freeze would mean that the potential creditors would not be able to access the credit report.
In order to freeze the details of the card, each of the credit reporting companies should be
contacted. The second important strategy that should be implemented is based on placing a fraud
alert on the credit report. This would make it hard for the identity thief to open the account of an
individual.
Different credit monitoring services would also be responsible for the tracking of
important changes within the credit reports. This would also include applications for a new loan
or credit card. These services would monitor the activities and thus alert an individual based on

Paraphrase This Document

Need a fresh take? Get an instant paraphrase of this document with our AI Paraphraser

7EQUIFAX DATA BREACH OF 2017
the detection of any kind of suspicious activity. The final recommendation based on protecting
the data of the organisation is based on protection from theft of ID of an individual. The ID theft
protection would be able to provide the monitoring of credit file at more than one credit reporting
agencies. These kind of recommendations would be able to implement the best kind of security
services based on protection of the data assets against the data breach incidents and thus
improving the security of the data of individuals.

8EQUIFAX DATA BREACH OF 2017
References
Bouveret, A. (2018). Cyber risk for the financial sector: a framework for quantitative
assessment. International Monetary Fund.
Gressin, S. (2017). The Equifax data breach: What to do. Federal Trade Commission,
Washington, DC.
Mikhed, V., & Vogan, M. (2018). How data breaches affect consumer credit. Journal of Banking
& Finance, 88, 192-207.
Omolara, A. E., Jantan, A., Abiodun, O. I., Singh, M. M., Anbar, M., & Kemi, D. V. (2018).
State-of-the-art in big data application techniques to financial crime: a survey. Int. J.
Comput. Sci. Network Secur., 18(7), 6-16.
Rasoulian, S., Grégoire, Y., Legoux, R., & Sénécal, S. (2017). Service crisis recovery and firm
performance: insights from information breach announcements. Journal of the Academy
of Marketing Science, 45(6), 789-806.
Roderick, L. (2014). Discipline and power in the digital age: The case of the US consumer data
broker industry. Critical Sociology, 40(5), 729-746.
Solove, D. J., & Citron, D. K. (2017). Risk and Anxiety: A Theory of Data-Breach Harms. Tex.
L. Rev., 96, 737.
UK cybersecurity incident update | Equifax UK. (2019). Retrieved from
https://www.equifax.co.uk/incident
Vladeck, D. C. (2015). Consumer Protection in an Era of Big Data Analytics. Ohio NUL
Rev., 42, 493.

9EQUIFAX DATA BREACH OF 2017
Zou, Y., Mhaidli, A. H., McCall, A., & Schaub, F. (2018, August). I've got nothing to lose:
consumers' risk perceptions and protective actions after the equifax data breach.
In Proceedings of the Fourteenth USENIX Conference on Usable Privacy and
Security (pp. 197-216). USENIX Association.