Canadian Impact of Equifax Data Breach

Cyber Security

By now just about everyone who reads the news knows of the massive Equifax data breach involving a staggering 143 million customer records, including those of companies, individuals and government.  Equifax is a credit reporting agency that stores information such as social security/social insurance numbers, full names, addresses, birth dates and sometimes drivers’ licenses and credit card numbers. 

These records will be sold to cyber criminals, who will use this information for crimes such as identity theft and spear phishing attacks.  Spear phishing attacks are emails appearing to come from a known or trusted sender, targeting a specific organization or individual.  Their aim can be to obtain confidential information, or to trick the target into clicking on a malicious link or email attachment.  This can result in the cyber criminal gaining access to your computer or network for the purpose of stealing credit card or other confidential information and/or to launch a ransomware attack to extort money. 

Equifax was apparently breached in mid-May, 2017, discovered the breach in July and announced it to the world in early September, 2017.  The cause of this data breach was a web application vulnerability which was made publicly known and should have been patched back in March 2017.  In other words, it was entirely avoidable. 

The vast majority of customers affected are in the U.S., however, a limited number of Canadians may have been affected, according to an announcement on the Equifax Canada web site.  They are still working on finding out how many.  According to CBC news, 10,000 Canadian Automobile Association (CAA) subscribers in Canada have been notified that their information was included in the Equifax data breach. 

As for what to do, Equifax states on their web site:

“We recommend that you remain vigilant of incidents of fraud and identity theft by reviewing account statements and monitoring your credit reports. If you believe you are the victim of identity theft, you should contact the proper law enforcement authorities, including local law enforcement.”

Our recommendation is not only to repeat this Equifax warning to your staff (as well as family and friends), but also to ensure that your organization is educated on how to identify malicious emails.  Cyber criminals have many, very clever methods to make their emails seem legitimate and to entice employees to click where they shouldn’t. 

BSC Solutions Group offers a service that will test how vulnerable your organization is to attacks such as ransomware, followed up by on-demand, on-line training videos to keep your staff on their toes.   It’s an affordable service that could save your organization many hours of downtime, lost data, legal liability and more.   Call us today for more information. 

September 19, 2017 6:14:04 PM

Bill Boisvenue

Leave a Reply

Your email address will not be published. Required fields are marked *



Getting your computer network, phones and software applications to work shouldn’t be a monumental project;
yet we constantly hear from frustrated organizations like yours who call us when they’ve finally
had enough of the poor services and excuses from their current IT support firm.

Our offer of a FREE Service ticket is a no-risk way of introducing our services.
Let us diagnose and work on the computer problem of your choice and
find out what over 25 years of service excellence feels like.

Accepting this free offer in no way obligates you to do any further business with us but of course we hope you will!

1. Because our resources are not unlimited, the free service ticket will cover a maximum of 2 hours of remote support for 1 service issue.
2. Since customers who are the best fit for our services have a minimum of 10 computers, this free offer only applies to organizations of this size.
3. This offer applies only to organizations who are not already a customer of BSC Solutions Group.

Please fill out this form and a BSC Solutions Group “IT Guardian Angel”
will contact you within 24 hours.