It’s been more than a month since Equifax publicly disclosed a data breach that impacted 145.5 million Americans, but many consumers are still questioning if the services offered as a result of the hack will help prevent further threats to personal information.
Cybersecurity experts, including Shaji Khan and Maurice Dawson of the University of Missouri-St. Louis’ information systems department, encourage individuals to consider the credit monitoring and freezing services offered by Equifax and practice basic cybersecurity hygiene.
The UMSL assistant professors joined “St. Louis on the Air” host Don Marsh on St. Louis Public Radio | 90.7 KWMU Monday to discuss these topics as well as additional security measures. The full conversation can be found here.
While there is nothing consumers could have done to avoid being victims of the Equifax breach, there are steps individuals can take to alleviate the negative impacts and learn more about general identity theft protection. A few of Khan’s recommendations are listed below.
- Visit the Equifax security website to check if you have been impacted and enroll in the free one-year TrustID Premier. Even if notifications suggest that you have not been impacted, it is still a good idea to enroll before the January 31 deadline.
- Consider placing a credit freeze if it suits your situation, but only after weighing the pro and cons. The credit freeze must be done through all major credit monitoring agencies – Equifax, Experian and TransUnion – individually. The hold can be lifted or removed at your discretion, but fees may be applied to these transactions.
- An alternative to a full-on freeze is a fraud alert, which allows creditors to obtain copies of your credit report, but they must take steps to verify your identity.
- Be vigilant and watch all credit card and bank statements regularly, and make use of all alerts offered by your financial institution.
- Try to file your taxes early.
- A useful resource to learn more about theft protection is IdentityTheft.gov.
Beyond the fallout from the Equifax breach and the follow-up steps, Khan and Dawson also recommend taking basic cybersecurity measures. These include keeping software up to date, using anti-virus and firewall, taking regular backups on an external hard disk, being wary of downloading files from the internet, using software from official app stores and taking caution when clicking on links.
From a commercial perspective, Dawson notes organizations will never be 100 percent secure, but measures should be in place to mitigate losses when they occur.
“The problem is a lot of organizations feel that security is something that happens at the end rather than security needs to be thought of up front,” he said during the “St. Louis on the Air” interview. “That mentality is always causing problems with organizations.”
Moving forward, Dawson looks toward a stronger push for cybersecurity education from the National Security Agency and Department of Homeland Security. Currently, only 228 higher education institutions, including UMSL, are accredited by the two organizations.
Those interested in continuing the cybersecurity discussion are invited to attend STLCyberCon 2017 on Nov. 17 in the J.C. Penney Conference Center. The regional conference serves as a bridge between industry and academia, bringing together researchers, practitioners, students and community members.