Credit reporting company Equifax suffers old-fashioned data breach

We spend a lot of time focusing on cybersecurity solutions, but it’s important to remember that information security isn’t just about protecting electronic records from hackers – as Equifax has just proven.

Katie Manning from Maine arrived home from work Monday evening to find more than 300 Equifax credit reports, all addressed to her, but belonging to other people. She now has a stack of envelopes sitting on her kitchen table that contain the names, dates of birth, Social Security numbers, current and previous addresses, and bank and loan account numbers of 300 strangers.

“I checked my credit report the other day online with Equifax and the next thing I know I have 300 pieces of mail sitting in my mail box,” she told local news service CBS 13. “I’m not supposed to have this information. This is unbelievable. Someone has messed up,” she added.

Equifax vice president of corporate communications Tim Klein commented: “This is a high priority. Obviously, this is a serious situation. I’m going to get our security and forensics team involved.”

Equifax is one of the three largest credit agencies in the US – alongside Experian and TransUnion.

Information security is an enterprise-wide concern

A good information security management system (ISMS) covers people and processes as well as technology, and addresses information wherever it’s collected, processed, or stored. ISO 27001, the international standard for best-practice information security, sets out the requirements of an enterprise-wide ISMS that covers the whole organization.

Accredited ISO 27001 registration demonstrates to your customers that you have implemented effective security processes based on international best practices, and regular auditing shows that you maintain the quality of your information security posture. As well as increasing organizational efficiency, the assurance that accredited registration provides helps you gain new business and retain existing customers. Annual registrations to the Standard in the US have increased 36% year-on-year according to the latest ISO figures.

IT Governance ISO 27001 Packaged Solutions

Thanks to IT Governance’s fixed-price ISO 27001 Packaged Solutions, US organizations can take advantage of expert ISO 27001 consultancy to implement an ISO 27001-compliant ISMS for as little as $14,995, and organizations with fewer than 20 members of staff can achieve ISO 27001 registration for as little as $7,650.

With its unique combination of standards, books, toolkits, software, training, and online consultancy, IT Governance’s Get A Lot Of Help package provides US organizations with all they need to implement the Standard and ensure the security of their information.

Don’t give your information away: implement information security best practices today.
