Credit card fraud unexpected spiked In August, likely tied to the Equifax breach.
Equifax has announced that a data breach between mid-May and July has potentially affected 143 million Americans whose Social Security numbers, driver’s license numbers, birth dates and addresses were compromised, along with credit card numbers of about 209,000 consumers. According to the report, the personal identifying information of approximately 182,000 U.S. customers involved in credit card disputes was also compromised. The breach is one of the worst ever because of its reach and the kind of information that was exposed.
Equifax chairman and CEO Richard F. Smith asserted, “This is clearly a disappointing event for our company and one that strikes at the heart of who we are and what we do.” Equifax has acknowledged that the data breach was discovered on July 29.
In the wake of the breach announcement, fraud perpetrators already appear to be using personal identification data compromised in attempts to commit crimes, according to a New York Post report quoting Liron Damri, co-founder and COO of fraud prevention specialist at Forter. According to Damri, “We saw a 15 percent increase in the overall fraud attempts in our system in August, which is an unusual time of year to see such a spike.” Normally, online fraud surges happen during the holiday season.
Damri explained that the discovery of the Equifax breach could have led to hackers dumping the compromised data in an effort to profit from it. Similar spikes in credit card fraud also occurred in the wake of the 2015 Target breach and the 2014 hack on Home Depot, with each producing a three-month spike in fraud attempts, according to Damri.
The size and scope of the Equifax breach also means that the ripple effect will last much longer – potentially well into 2018. Damri said, “We have never seen such a massive breach as this.”
The Breach and the way it was handled have also prompted action from Washington, as The Washington Post reported. The FTC has announced that it is opening an investigation into the breach, which is an unusual response that magnifies the enormous stakes involved in the event. Peter Kaplan, acting director of public affairs at the FTC, told the Post, “The FTC typically does not comment on ongoing investigations. However, in light of the intense public interest and the potential impact of this matter, I can confirm that FTC staff is investigating the Equifax data breach.”
The Consumer Financial Protection Bureau is also investigating the Equifax response, and leading members of the House Energy and Commerce, Financial Services and Judiciary committees have also called for hearings on the Breach. Such investigations could likely urge Congress to move forward with tighter data privacy legislation to protect consumers against data breaches and require more rigorous and timely reporting of events.
Rep. Ted Lieu (D-Calif.) also told The Post that he is drafting two new bills that would create minimum data security standards for credit reporting agencies, and bar firms from forcing victims of data breaches into arbitration.
“The scale of the breach and the delay before Equifax notified the public are not acceptable and I believe this breach will cause Congress to act,” Lieu said. “The breach exposed several deficiencies in our law.”