Social security numbers, birthdays and addresses. These were some of the pieces of information that were compromised on July 29 in the Equifax security breach. The credit reporting agency observed suspicious activity on its servers that later lead to a massive security breach, compromising vital pieces of information which are used for everything from obtaining a mortgage to securing a job. On September 7, Equifax announced that over 185,000 records in the U.S. were accessed in the hack, affecting 143 million people.
In recent weeks, Equifax has undergone many leadership changes, and the company has come under fire due to the breach. Two executives retired on September 12, the same day that the company’s CEO, Richard Smith, apologized for the breach in a USA Today article. The turmoil continued when Equifax tweeted out the link to a fake website, securityequifax2017.com, to its followers three times, believing it to be its own. This was announced on September 21, and Smith stepped down five days later.
In the current information age, countless amounts of data are stored on servers trusted by the government. To some extent, American citizens are required to give information to them.
As senior Shaurya Srivastava, a hopeful computer science major, points out, students trust the CollegeBoard and CommonApp with sensitive information, such as addresses and Social Security numbers. Consumers trust Apple, which recently released a new iPhone with facial recognition software. According to Apple, those data are stored in a remote server.
The heightened focus on the storage of data and personal records prompted AP computer science principles teacher Debbie Frazier to sign up for extra monitoring for her home business — just months before the Equifax hack.
“The amount of extra information that I had to provide to them made me really nervous,” Frazier said. “Who’s to say they’re going to keep it secure — this extra stuff about me? And now, look what happened. I thought it was kind of silly, putting all these eggs in one basket. Makes you want to invest in the hollow mattress and shove all your money in there, right?”
According to Frazier, breaches like this aren’t as far outside the realm of possibility as the general public believes: a network is only as secure as its weakest link.
“We are humans and we make lots of mistakes,” Frazier said. “I think a lot of hackers are just looking for those mistakes.”
Srivastava agrees, saying that one small gap in the armor of cybersecurity can lead to the downfall of an entire system.
“If the hacker can manipulate their code to go through that small opening in the code, then they’re able to get all the information,” Srivastava said. “Or a small virus can also do the same thing, breaking the system and then creating more openings for a hacker to get more information.”
Situations like these are becoming increasingly common as people are spending more time with technology. According to CNN, Americans spend an average of 10 hours a day on their screens. As the amount of technology that is used every day increases, so does the amount of information being digitally stored. Information that was collected in the past in the form of paperwork is now collected on data servers, which are not as visible, according to senior Anisha Kollareddy, who also plans on pursuing CS.
“I think a lot of our lives are online and we don’t even realize how much companies are tracking,” Kollareddy said. “Google knows everything about you. It’s kind of creepy, but honestly I’m so used to it that I don’t mind. I don’t think I’ll mind until something bad happens.”
For example, iPhone’s Location Service leads to constant tracking of the position of that phone, which is usually synonymous with the location of its owner. Cars like Tesla’s newest model, the Model S, sense the world around them in order to perform functions. This use of technology is a seemingly confidential way to communicate or store information.
But according to Frazier, even though a large amount of data are stored digitally, this hasn’t necessarily been the only reason for negligence regarding privacy. In many ways, it’s just an outsourced past, like a physical card or paper.
“When I first started working at 13, I carried my social security card around with me in my wallet, so it was with me all the time and anyone could see it if I opened my wallet to show [my] ID or something,” Frazier said. “Then when I went to university, your social security card was your ID number, so you’d use that at the cafeteria to get your food. So you’d tell someone the number or you’d type it in the machine, so it was readily used all the time.”
The difference now may be, as Frazier says, the fact that people are constantly looking for an opportunity to get inside the system. While Kollareddy is wary of the amount of data that are being held in systems, in her opinion, there’s not much that can be done to prevent the use of the data. But, she says, people can start being more safe with their use of the internet by simply being aware of the public nature of their actions.
“I think the main thing is being aware that it’s online, because if you do have something to hide or if someone might be out against you, then you would want to be safer,” Kollareddy said. “It’s important to know that, to be aware of what they can take from you, and make that choice yourself.”
Frazier now wonders what this hack could do to trust in cybersecurity. Equifax is trusted by the government with credit, and now the data agency has experienced a major hack affecting millions. She’s not alone. The Federal Trade Commission is investigating the hack, an investigation that was followed by several congressional committee hearings and that could lead to data privacy legislation from Congress.
“They’re one of the three agencies [along with Experian and TransUnion] trusted with credit, and adults use credit for everything, so it’s going to prevent someone from buying a car, renting an apartment, even getting a job sometimes,” Frazier said. “If we can’t trust one of the three agencies, who can we trust?”
Frazier herself has experienced other issues with her personal accounts being hacked. She and her husband have received three to four letters by her estimate in the past year saying that their credit has been compromised, which was the reason they signed up for more Equifax security in the first place.
However, Frazier believes that breaches like these can be preventable if people stay aware of their surroundings and keep an eye out for potential insecurities around them. One of the most common causes of credit card fraud are readers inside of gas station machines that copy down card numbers. Frazier always checks the exterior before inserting her card, looking for any physical differences that she’s not accustomed to seeing.
“I think [hacks] can be prevented, but I think consumers need to take ownership of the problem too,” Frazier said. “With the right training … you can prevent most of the things that have happened.“
On the other hand, Kollareddy believes the use of data is a fine line, because while there are drawbacks in the form of possible breaches, technology does have its benefits. In Kollareddy’s eyes, the definition of privacy may have changed given how much people share through social media and the sensitive information given to databases, but maybe there’s a reason for it.
“There’s more information [made public] about you,” Kollareddy said. “But it also lets you connect with people more, and I think that’s important, to me at least. You have much more access to information and other people and stronger relationships because of that.”
The question of how to protect data is still up for debate. But awareness might be the first step.