Equifax discovered the intrusion on July 29, but only 3 months the agency notified customers the incident (on September 7) that occurred between mid-May and late July. The breach affects roughly 143 million U.S. consumers and involves names, social security numbers, dates of birth, addresses and, in some cases, driver’s license numbers, credit card numbers and dispute documents.
Now security experts warn hackers are offering for sale the precious data and warned users to be vigilant on phishing attempts and scams.
The U.S. Federal Trade Commission (FTC) who is investigating the incident issued an alert regarding scam phone calls.
“Ring, ring. “This is Equifax calling to verify your account information.” Stop. Don’t tell them anything. They’re not from Equifax. It’s a scam. Equifax will not call you out of the blue.” states the alert issued by Equifax.
“That’s just one scam you might see after Equifax’s recent data breach. Other calls might try to trick you into giving your personal information.”
Shortly after the Equifax data breach was disclosed, various hackers started offering the data but without demonstrating to possess them.
Many websites appeared on the Tor network, in one case hackers set up a site to blackmail Equifax, they requested the payment of 600 bitcoin (roughly $2.7 million) to avoid the release of all the data, except the credit card numbers.
It was a hoax and once discovered the hackers closed the website.
“Shortly after this breach was made public, a darknet website had popped up claiming to be selling access to the Equifax data. The hackers claim that they did not anticipate receiving such a trove of data, and need to monetize the attack quickly. They state that they will release the entire data set on September 15th, 2017 (one week from the time of the writing). They are asking for 600 BTC, or ~$2.6 million USD.” reported the Weapons Grade Shinanigans.
— Catalin Cimpanu (@campuscodi) September 8, 2017
Recently a group calling itself Equihax started a crowdfunding to collect 600 bitcoin or 8,400 Ethereum to release the precious data, the hackers also offered 1 million data entries for 4 bitcoin ($12,500).
The hackers leaked the records of Donald Trump, Kim Kardashian, and Bill Gates to proof the authenticity of the data and shared many screenshots demonstrating the access to the Equifax system
Also in this case it was a scam and leaked data were already available online, while the screenshots were clearly forged.
It is easy to predict that other scam websites will emerge in the darknet offering the Equifax data.
(Security Affairs – data breach, cybercrime)
Necessary cookies are absolutely essential for the website to function properly. This category only includes cookies that ensures basic functionalities and security features of the website. These cookies do not store any personal information.
Any cookies that may not be particularly necessary for the website to function and is used specifically to collect user personal data via analytics, ads, other embedded contents are termed as non-necessary cookies. It is mandatory to procure user consent prior to running these cookies on your website.