The Equifax Breach Settlement Offer is Real, For Now

Millions of people likely just received an email or snail mail notice saying they’re eligible to claim a class action payment in connection with the 2017 megabreach at consumer credit bureau Equifax. Given the high volume of reader inquiries about this, it seemed worth pointing out that while this particular offer is legit (if paltry), scammers are likely to soon capitalize on public attention to the settlement money. Continue reading The Equifax Breach Settlement Offer is Real, For Now

Intuit to Share Payroll Data from 1.4M Small Businesses With Equifax

Financial services giant Intuit this week informed 1.4 million small businesses using its QuickBooks Online Payroll and Intuit Online Payroll products that their payroll information will be shared with big-three consumer credit bureau Equifax starting later this year unless customers opt out by the end of this month.

Intuit says the change is tied to an “exciting” and “free” new service that will let millions of small business employees get easy access to employment and income verification services when they wish to apply for a loan or line of credit. Continue reading Intuit to Share Payroll Data from 1.4M Small Businesses With Equifax

Bryson Koehler, Equifax CTO, Discusses the Road Ahead in Data Security Infrastructure

Byson Koehler, the Equifax CTO and CISO, delivered the keynote at DevSecOps Days during the 2020 RSAC. Equifax contributed to multiple sessions and panels during the conference. The message was consistent: “Yes, we had a major problem. Here’s what… Continue reading Bryson Koehler, Equifax CTO, Discusses the Road Ahead in Data Security Infrastructure

The “Big Hack” That Actually Happened – Chinese Military Implicated in Equifax Breach

In October 2018, Bloomberg published an article titled “The Big Hack: How China Used a Tiny Chip to Infiltrate U.S. Companies,” that sent shockwaves around the world. The implication – Chinese spies infiltrated nearly 30 U.S. companies… Continue reading The “Big Hack” That Actually Happened – Chinese Military Implicated in Equifax Breach

U.S. Charges 4 Chinese Military Officers in 2017 Equifax Hack

The U.S. Justice Department today unsealed indictments against four Chinese officers of the People’s Liberation Army (PLA) accused of perpetrating the 2017 hack against consumer credit bureau Equifax that led to the theft of personal data on nearly 150 million Americans. DOJ officials said the four men were responsible for carrying out the largest theft of sensitive personal information by state-sponsored hackers ever recorded.  Continue reading U.S. Charges 4 Chinese Military Officers in 2017 Equifax Hack

Equifax Breach: Four Members of Chinese Military Charged with Hacking

Feds have charged four members of the Chinese People’s Liberation Army (PLA) in connection with the infamous 2017 Equifax breach. Continue reading Equifax Breach: Four Members of Chinese Military Charged with Hacking

A Chief Security Concern for Executive Teams

Virtually all companies like to say they take their customers’ privacy and security seriously, make it a top priority, blah blah. But you’d be forgiven if you couldn’t tell this by studying the executive leadership page of each company’s Web site. That… Continue reading A Chief Security Concern for Executive Teams

Scanning for Flaws, Scoring for Security

Is it fair to judge an organization’s information security posture simply by looking at its Internet-facing assets for weaknesses commonly sought after and exploited by attackers, such as outdated software or accidentally exposed data and devices? Fair… Continue reading Scanning for Flaws, Scoring for Security

Equifax Has Chosen Experian. Wait, What?

A year after offering free credit monitoring to all Americans on account of its massive data breach that exposed the personal information of nearly 148 million people, Equifax now says it has chosen to extend the offer by turning to a credit monitoring service offered by a top competitor — Experian. And to do that, it will soon be sharing with Experian contact information that affected consumers gave to Equifax in order to sign up for the service.  Continue reading Equifax Has Chosen Experian. Wait, What?

Experts Urge Rapid Patching of ‘Struts’ Bug

In September 2017, Equifax disclosed that a failure to patch one of its Internet servers against a pervasive software flaw — in a Web component known as Apache Struts — led to a breach that exposed personal data on 147 million Americans. Now security experts are warning that blueprints showing malicious hackers how to exploit a newly-discovered Apache Struts bug are available online, leaving countless organizations in a rush to apply new updates and plug the security hole before attackers can use it to wriggle inside. Continue reading Experts Urge Rapid Patching of ‘Struts’ Bug