Alleged hackers of the credit reporting agency Equifax are demanding a $2.3 million ransom in bitcoins.
The Equifax Hack
On September 7, 2017, news broke that the credit report agency Equifax was the victim of a major data leak. According to reports, hackers were able to access highly sensitive information like social security numbers, credit card numbers, and other personal data of 143 million US citizens. Experts suggest that the Equifax leak is among the largest in US history and the biggest known leak in 2017 so far. According to regulatory filings, executives of Equifax sold shares worth $1.8 million three days before the breach was publicly known.
Hackers Demand 600 BTC Ransom
According to Mashable, a deep web site has emerged that is selling the sensitive information of Equifax for 600 BTC or approximately $2.5 million at the time of this writing. The alleged Equifax hackers issued the following statement and ransom demand:
We are two people trying to solve our lives and those of our families. We did not expect to get as much information as we did, nor do we want to affect any citizen. But we need to monetize the information as soon as possible. Every day that passes is worth less, and the limit will be on September 15th. That day all the information except the credit cards will be published. It’s a necessary damage for companies like Equifax to learn. If up to day 15 they pay the requested amount all the information and all the backups will be deleted. Our word may seem insufficient but we do not gain anything by posting personal information if it is not absolutely necessary.
The hackers are demanding a hefty ransom until September 15, or else they will publicly release all sensitive information that they currently possess. There is currently no proof that site operators are actually the ones that hacked Equifax.
Preventing Future Data Leaks
Hacks of centralized databases (#Equifax) are inevitable. Decentralization of personal identity information storage is the only way forward!
— Vinny Lingham (@VinnyLingham) September 8, 2017
There is a clear risk that centralized services that store so much sensitive information might also become future victims of similar attacks. Decentralized services like Civic, offer identity verification based on blockchain technology.
The benefit of such decentralized services is the fact that they don’t store sensitive information on centralized servers. Instead, the data is stored and encrypted on a public blockchain – a data storage method far less prone to hacks and leaks than traditional storage protocols.
What are your thoughts on the hackers motives? Do you think that Equifax should pay the ransom? Let us know in the comments below!
Images courtesy of Pixabay