In early September, Equifax announced a data breach that had been discovered in late July, potentially exposing personally identifiable information (PII) of 143 million consumers across the U.S., U.K. and Canada
[READ: Equifax and why Identity Protection needs to be destroyed and recreated]
Now, as being reported by KrebsonSecurity, it’s clear that Equifax’s lack of security within one of their subsidiaries have made it almost too easy for hackers and ID thieves to access detailed employment and salary history of impacted individuals.
TALX, an Equifax Security Catastrophe
TALX (pronounced “Talks”) was a subsidiary of Equifax that provided payroll, HR and tax services to employers online, and now operates as Equifax Workforce Solutions as of 2012. One of the popular features of TALX, known as “The Work Number” allows for automated verification of employment and income used for prospective employers.
In May, KrebsonSecurity recounted a security breach announced by TALX to its Work Number service, caused by unauthorized account access by hackers who were able to reset account PINs by successfully answering account security questions. By gaining access to this database, hackers can easily obtain, record and index work and salary histories of the 143 Equifax hack victims announced in September 2017, using the PII that was breached and released during the July 2017 breach.
Impacted by Equifax? Here’s what to do:
If you’ve been impacted by the Equifax breach, we’d recommend following the guide below, or following along via Reddit:
Create a 90-day fraud alert – this will require lenders to contact you before new lines of credit can be opened Create a credit freeze – this lets you restrict access to your credit report, in turn making it difficult for ID thieves to open new accounts in your name Sign up for Abine DeleteMe – DeleteMe removes personal information from public