It’s easy to imagine that an incident that was among the most notable security breaches in recent history should make companies pay attention to security however Equifax has a lot of surprise. The most recent is that the www.myequifax com site, on which it invites people who are affected by its security measures to stop freezing and unfreezing their credit, has an extremely weak security. Read the article about www MyEquifax com is yet another security disaster.
Also Visit: Netflix chile costa rica peruspanglervariety
It’s all been documented through security analyst Brian Krebs who discovered the issue during a specific investigation, but while creating an account on the site himself. He discovered it was that “getting an account on www MyEquifax com was simple. It was actually very simple.”
www MyEquifax com
When it comes to credit and banking Identity is an extremely crucial element to establish. This is the reason why, when you visit www MyEquifax com It asks you to provide an email address and then an identification number, followed by your Social Security number and date of birth.
Must Visit: Report robloxanastasiowired – Delaware BPO CALL Scam
A minor issue: SSN and DOB were among the personal information leaked within the Equifax breach, to begin with! It doesn’t even verify whether you are the owner of the email address you provide. It asks some security questions, however, as Krebs says, they are usually public information like the street you reside on or the maiden name of your mother as such, and therefore insignificant for security purposes.
Once you’ve successfully “verified” with this process If you are “verified,” you can request a security freeze of your credit report or defrost it if frozen.
Don’t fret — If you’ve set up an account with a PIN in the past when you set this up but didn’t require it, you don’t have to. Yes, this unsecured website does not specifically require a PIN even though it is necessary to enter a PIN to make the same requests by email or phone. When Krebs approached a company representative regarding this, they replied:
www MyEquifax com is yet another security disaster
We have created an experience that complies with security standards (using multi-factor approach and layered method to confirm the identity of the user) and also reflects specific user comments on how to manage security freezes and alerts on the internet without the need of PIN. The account setup process that involves the creation of an account username and password is based on user inputs as well as other elements to establish, verify and verify that the user’s identity is linked to the person who is using the account every single time.
Also Visit: Orlandobased 25m series abs 50msoderstrom orlando
All of this isn’t factual. Security standards that are as basic as confirmation of email addresses isn’t “embraced,” and multi-factor authentication is a breeze to circumvent.
This is a pity, however it’s at least Equifax isn’t the only one The report suggests that the credit report agencies Transunion as well as Experian have also have methods of getting through PINs. You’d think Equifax after having not been able to secure its systems earlier, would be looking to make its system more secure — even if it was to meet standard requirements would be nice.
Also Visit: 15Minutes4Me: Know all about the test & Who’s The Creator?
As Krebs notes however, it’s your responsibility to establish an account that has your real email address and other information in case you don’t you’re pretty sure everyone with a few points could set it up, and gain the power to freeze and remove your credit.