What the Equifax Hack Taught Us (And Why You Should Be Concerned)
When Equifax first reported their massive hack in September of 2017, they estimated that the personal information of 143-million Americans had been breached, which is nearly half of the U.S population.
"On a scale of 1 to 10 in terms of risk to consumers, this is a 10," said Avivah Litan, a fraud analyst at Gartner in an article for The New York Times.
Why? Because the hack put countless consumers' most-sensitive data in the hands of cyber thieves, including social-security numbers, driver's-license numbers, names, addresses, birth dates, credit-card numbers, and more.
"This is about as bad as it gets," said Pamela Dixon, executive director of the World Privacy Forum, a nonprofit research group, in an article on Yahoo. "If you have a credit report, chances are you may be in this breach. The chances are much better than 50 percent."
"This is about as bad as it gets. If you have a credit report, chances are you may be in this breach. The chances are much better than 50 percent."
But What Exactly Does This Mean to You -- and Your Business?
On a personal level, the Equifax hack may have exposed private data, including your social-security number, to the dark web. But can hackers really do much damage once they obtain that information?
Simply put -- yes.
They can open a credit card, buy a house in your name, take out a car loan, file taxes, steal your tax return, and even claim your kids as dependents.
However, the ramifications go much further than that.
The Equifax hack may have also put your company in danger of a lawsuit.
If you use a verification company that requires social-security numbers in order to provide employment or income history, you've already put your employees' personal information at risk -- and put your company at risk of a liability lawsuit. (Or even multiple lawsuits.)
George LaRocque, principal analyst and founder of HRWins.com, discussed this risk in an article for Human Resource Executive Online. He said:
"If your background check vendor reveals your employee's sensitive background check data to the wrong people, it can lead to harsh negative consequences. Since so much personal data is in a background check, it's a target."
Unsurprisingly, in October of 2017, Equifax revised their estimate of consumers affected in the hack to a staggering 145.5-million people - yet that number is still far from final. In fact, when asked if there is a way to quantify how many people's information had been breached in the hack, John Ulzheimer, a credit expert and former employee at Equifax and credit-score firm FICO, said in an article for USA Today, "There's no way to know, and there may never be a way to know."
Fran Rosch, executive vice president at security software firm Symantec, agrees. He noted, "It can take months and even years before the scammers act on the information."
Brian Krebs, of Krebs on Security, firmly believes that requiring sensitive data for authentication must stop. "The sobering reality is that we have no business using these static identifiers (SSN, DOB, address, previous address, income, mother's maiden name) for authentication," said Krebs. "And yet this practice remains rampant across vast sectors of the American economy today."
VerificationManager: The Only SSN-Free Solution for Employers
Los Angeles Times warns, "After every major breach, lawmakers talk about taking action, but seldom go further than holding a hearing or two. If that happens this time, it won't be long until the next monster breach."
A data breach, like the Equifax hack, is bound to happen again. And when it does, you might find that you are the one held liable for the theft of your employees' social-security numbers.
This exact threat is why VerificationManager was created to be a SSN-free solution.
VerificationManager is the only company that provides secure, automated processing of verification of income (VOI) and verification of employment (VOE) requests without the use of social-security numbers, thanks to a proprietary, patent-pending process.
And our service is completely free for your organization, which means there are no monthly fees, data storage fees, implementation fees, or per-request fees.
- If you currently outsource employment verifications that require the use of social-security numbers, make the switch to VerificationManager now. VerificationManager is the most responsible choice you can make when SSN theft is an ongoing threat.
- If your HR department or payroll staff has been completing verification tasks manually and you've been searching for a solution to this problem, VerificationManager is it. By automating the process for you, VerificationManager saves you time and money.
Keep Your Company Safe With VerificationManager
In a time when cyber attacks are becoming a greater -- and more common -- threat, continuing to outsource verification to companies that require social-security numbers is a growing risk.
After all, as an article on TechCrunch says, "Social-security numbers are a privacy nightmare. While a consumer who gets hacked can replace credit-card numbers and other account details, a social-security number is relatively permanent, linked to a real identity throughout a person's lifespan."
Don't gamble with your business' reputation -- or livelihood -- any longer. Stay one step ahead of hackers and liability lawsuits by completely eliminating the need for social-security numbers with VerificationManager.