Equifax: A Lesson in Password Security.

…and it was a lesson learned the hard way.

Equifax Inc. is the oldest of the three largest American Credit Agencies and is one of the most well-renowned consumer credit reporting agency across the globe. They collect information on over 800 million individual consumers and more than 88 million businesses worldwide.

So, between May and July this year, they were the victim of a cybersecurity breach. Or more accurately, their customers were victims of a cybersecurity breach. Around 143 million American customers to be exact. That’s almost half of the entire population of the US. Then there is the 400,000 to 44 million British and Canadian information that was also compromised. Not good.


“[The Equifax breach] very possibly is the most severe of all for a simple reason: the breath-taking amount of highly sensitive data it handed over to criminals. By providing full names, Social Security numbers, birth dates, addresses, and, in some cases, driver license numbers, it provided most of the information banks, insurance companies, and other businesses use to confirm consumers are who they claim to be.”

— Dan Goodin, Why the Equifax breach is very possibly the worst leak of personal info ever. (Ars Technica, 2017)

So how was the oldest and one of the biggest Credit Agencies in America subject to a data breach?

By not taking simple steps to ensure that proper regulations were put in place; Equifax is now in an embarrassing position in which they’re having to apologize to A LOT of people.

Equifax now has to deal with the fact that thousands of customers’ personal details were made easily accessible. As well as that, they have had 36 US Senators call upon the federal agency to investigate into why 3 of the company executives came to sell almost £1.5 million worth of shares in the 6 weeks interim between the actual breach and the announcement of the breach. Yes, you read that right. It took Equifax 6 weeks to tell the public that their personal details had been accessed. AND the pièce de résistance for Equifax is that they are now potentially being sued for $70 billion – making it the largest class-action lawsuit in US History. All because they used ‘admin’ as their username. And the password? Well, that was ‘admin’ too.

To make matters worse, after the breach, they employed a cybersecurity team to investigate and to help stop this from happening again, and the team found that throughout the company, most workers login’s and passwords, given to them by Equifax, was simply their last name. For both the username and password. Both. Occasionally, their first initial was put into the mix too.

How’re they fixing their mess?

They’re taking steps now to clear up the mess they’ve made, but that doesn’t change the fact that almost a quarter of a million people’s details were made accessible due to negligence. As a result, Equifax created the www.equifaxsecurity2017.com website for U.S. consumers to “see if your personal information is potentially impacted.” Let’s be honest: It looks like a fraud site. It’s frighteningly bare-bones and the URL differs from Equifax’s main site. Some peoples browsers are throwing up phishing warnings due to back-end configuration issues, and Equifax even asks for your social security number to confirm whether it leaked your social security number. What?! How have they still not learned?!

Finally, if you would rather read about how you can prevent being hacked, how to create a much better password than ‘admin’ and how to spot a website that you really shouldn’t be visiting signup to receive our 4 part article on hacking before anyone else by completing our registration form.

This article was written listening to…

Sonny Rollins – God Bless The Child
Louis Armstrong – Hello Dolly
Duke Ellington –  New Orleans Street
Andre Previn – Called on the Account of Rain.

Author: Marie Roberts

Leave a Reply

Notify of

Tell us about yourself

Want to see if we can help? Fill in your details below and let's see what we can achieve together

Our Blog

Explore our blog for impactful resources, insightful articles, and ideas that inspire action.

What is Marketing Automation?

What is Marketing Automation Solution? Marketing automation solution refers to software platforms and technologies designed for marketing departments and organisations to more…

Read article

10 sales lead generation commandments

Sales lead generation We're skipping the intro and getting straight to the point, here are 10 commandments that will make…

Read article

15 Tried-and-Tested Lead Generation Ideas

The whole lead generation process is tough -- especially when you only rely on traditional methods. Sending cold emails and scraping…

Read article

Are you sure?

By disagreeing you will no longer have access to our site and will be logged out.

Privacy Preference Center

Strictly Necessary

Cookies that are necessary for the site to function properly.



These are used to track user interaction and detect potential problems. These help us improve our services by providing analytical data on how users use this site.

_ga, _gat, _gid

Close your account?

Your account will be closed and all data will be permanently deleted and cannot be recovered. Are you sure?