The cybersecurity incident reported by Equifax on Friday (September 7) is likely the highest-impact breach yet recorded, according to a leading researcher in the field.
“Imagine a hurricane that affected half the population of the United States. We’re approaching 50% of the US population being impacted by this breach,” says Dr. Jason M. Pittman, a professor in Capitol Technology University’s cybersecurity program.
Up to 143 million Americans may have had personal data exposed in the breach, Equifax has indicated. According to the company, criminals were able to access personal information such as names, social security numbers, birthdates, addresses and driver’s license numbers. Credit card numbers for around 209,000 consumers were likely stolen.
"The people’s identities that are in that data set are severely impacted,” Pittman said. “You’re looking at long-term extensions of identity theft. Stolen identities aren’t going to be used now -- they are going to be used in a year. That’s typical of how the criminal element works with such data."
Identity theft can have more power to harm than theft of credit card data, he said. While credit card companies and individuals can act quickly to cancel stolen cards and halt purchases, identity information is permanent.
"A credit card number, I just change it. Little impact on me. With a social security number, birthdate and name, we’re talking about a person’s biological identity," Pittman said. "Is the federal government going to change 150 million social security numbers? The potential for long-term damage is extreme."
Pittman and his colleagues in Capitol’s cybersecurity program are working to train and educate a corps of professionals to help meet the grave challenges posed by incidents such as the Equifax breach. The university was the first in the nation to launch a doctoral degree in the field, and also offers degrees at the master’s and undergraduate levels. Capitol is a Department of Homeland Security and National Security Agency designated Center for Academic Excellence (CAE) in cybersecurity education.
Demand for well-trained cybersecurity professionals has “never been greater,” according to the chair of Capitol’s program, Dr. William Butler.
"We’re doing our part to address the skills gap by keeping our cybersecurity curriculum updated and aligned with the emerging threat horizon," Butler said.