Skip to content
Naked Security Naked Security

Learning from the Equifax breach [VIDEO]

Equifax - what we know, what we can do now, and what happens next...

We know you’ve probably heard about the Equifax breach many times already, and read all sorts of advice about it, but we also know that many of you – especially outside America – still aren’t quite sure what it all means and what to do.

Paul Ducklin and Mark Stockley can help you with that!

Rather than writing a pre-prepared list of answers, they went live online to take your questions and help you figure out what we should be doing about breaches of this sort.

For example:

  • What is Equifax, and how do you even know if you’re a customer?
  • What happened here, and how could you stop it happening in your company?
  • How did Equifax respond, and was there a better way they could have dealt with it?
  • What should we do now?
  • Would GDPR have made any difference, if this had happened a year from now in Europe?

Watch now…

(Can’t see the video directly above this line? Watch on Facebook instead.)


This site can’t be reached’s server DNS address could not be found.


Hmm. Turns out You have to put www DOT freeze DOT equifax DOT com.

Sorry about that.


Yes, I figured that out too.

Here’s another question for you: In the US, there are three credit organizations, Equinox, Experian, and TransUnion. What’s to stop a bad guy from taking my PII and abusing it with some agency that does its checking with Experian or TransUnion? Wouldn’t you have to freeze your information at all three places?


For those of us who have things like deafness to contend with (and an immense distaste for videos), would you all PLEASE DO SOMETHING AND PRINT INFORMATIONAL CONTENTS AS WELL AS PRESENT THEM IN ‘LIVE’ FORMAT. You could as well note that the average rate of comprehension and retention ‘live’ is about 30-40% as compared to 60% + reading with attention and without the (inherent) distractions of a video presentation itself. Yes, this says quite a lot about traditional teaching methods. It’s only been known since I was a child in the 50s or just possibly a bit earlier, so give everyone time I suppose.


Information about the Equifax data breach is available at the URL below (and linked from the first sentence in the article above). We’re updating it as more information comes to light and have been since about a day before we filmed the video.

Our audience is large, diverse and doesn’t exist in one channel, so neither do we. Different people like to consume information in different formats and in different contexts.

The bulk of information we make available is in written articles on this site but we also produce podcasts and videos because they allow us and our readers, viewers and listeners to explore topics in different ways. What we like abut the Facebook Live format is that it allows viewers to ask us questions directly. Having written about the breach on Thursday evening we thought we would make ourselves available for a Q&A on the Friday.


If you look back through Naked Security, you’ll notice that videos make up something like 1% to 2% of what we publish, and that when we produce a video that deals with an important “current affairs” topic, we never produce a video only. We write an article (or, as in the Equifax case, multiple articles) *and* do a video.

I accept that you find the videos usless because you can’t hear them. But have you stopped to think about people whose vision isn’t great, who need to use screen reader software that makes printed articles a time-consuming hassle to read word by giant magnified word? Maybe they find our videos a welcome variation on the written form because they can just sit back and listen?

Spoken and written English are essentially two different languages, and different people enjoy them differently. We publish both ways, because we can, and because many people like the choice. Simple as that.


No sound with the video.


Works for me. I’ve tested it from numerous OSes/devices. When you start the video, check the loudspeaker icon in the bottom right of the video player window – it can be turned off indepdently of your computer’s sound settings. If the speaker has a little X next to it, try clicking it and the sound should turn on.


What video? And as far as feckBook goes, no effin’ way.


Strange question to ask, “What video?” After all, you have obviously figured out where it is – it’s hosted on Facebook (inevitably, because it was done as a Facebook Live). I’d hazard a guess that if you can’t see it, then it’s invisible because you have a content blocker like NoScript running. That’s why we put the in little grey bar saying, “Can’t see the video above this line?”

As for swearing at Facebook as if the company were going to bleed your privacy just for watching a video, and thus implicitly criticising us for daring to have truck with The Zuck…well, you can watch Facebook videos without having an account (or without logging in if you do have one).

Lots of our community do have Faceook accounts; lots of them enjoy Facebook Live; lots of them enjoy videos in addition to written articles…

…yet you seem to be suggesting to everyone that they are putting themselves at some sort of risk by watching this video.

So I think you need to offer some evidence or explanation for why you feel so strongly. It might simply be that you don’t like Facebook and want to keep your clicks away from them, but I think you owe us an explanation so we can see if there really is a technical or practical risk for us to continue using Facebook Live. I simply can’t see that there is a risk, and that it’s an acceptable social media platform for us to embrace.


I’ve never had a Facebook account but I WAS able to watch the video. I use the uBlock Origin blocker and it did not interfere.

Curiously, when I started the video, the audio default was set to Mute on the player (not my computer). This is unusual and took me several seconds to figure out, after which I reset the video to the beginning. Maybe next time you could set the default to On instead of Mute.


Leave a Reply

Your email address will not be published. Required fields are marked *

Subscribe to get the latest updates in your inbox.
Which categories are you interested in?
You’re now subscribed!