HARRISBURG, Pa., Sept. 21, 2017 /PRNewswire-USNewswire/ -- Following the recent announcement that hackers had gained access to consumer data from Equifax, one of the three major credit-reporting agencies, Secretary of Banking and Securities Robin L. Wiessmann today advised Pennsylvania businesses to take additional measures to protect their customers' personal and financial data.
The department regularly shares cybersecurity information and resources with businesses it supervises, including banks and credit unions, investment advisers, and consumer lenders. Wiessmann encourages all businesses to review their cybersecurity measures in light of the Equifax breach.
"While our financial services community has long recognized the importance of cybersecurity, it is incumbent on all businesses to stay current with and follow cybersecurity best practices," said Wiessmann. "The Department of Banking and Securities Cybersecurity Task Force provides cybersecurity resources for the business community because we recognize the existential threat that hackers and other online criminals present to businesses."
Wiessmann advises that businesses can take several steps to protect themselves and Pennsylvania consumers, including performing due diligence on contracts they may have with Equifax and other companies that handle confidential customer information. Additionally, Wiessmann advises businesses to ask themselves these basic questions:
- Should our business update our password requirements and expiration procedures? How often do we require our clients to change/update their passwords?
- Does our business require the use of multifactor authentication for accessing sensitive data?
- How does our business verify the identity of clients? Do we have procedures in place to catch obvious warning signs, such as mismatched dates, address discrepancies, and multiple incorrect login attempts?
- Does our business manually verify information, rather than relying solely on electronic documents, which are easier to manipulate?
- How are our employees trained in handling stressful "emergency" calls, so they can expedite assistance without falling into a criminal's trap?
"Even if your business does not conduct financial transactions online, stolen information can be used to impersonate, deceive, and steal, potentially devastating both businesses and individuals" said Wiessmann. "All business leaders must recognize that it is not a question of 'if' their organization will be hacked, but 'when' – if they have not already been targeted."
The department offers online resources that can help businesses and consumers protect themselves from cyberthieves: www.dobs.pa.gov/Businesses/cybersecurity/Pages/default.aspx
The department's Cybersecurity Task Force is focused on providing resources to help maintain the integrity of Pennsylvania's financial services marketplace. Businesses and consumers are invited to connect to the department through Facebook and Twitter, or subscribing to the department's newsletter.
MEDIA CONTACT: Ed Novak, 717-783-4721
SOURCE Pennsylvania Department of Banking and Securities