Collaborate Disseminate
In another entry for the ‘what were they thinking’ file, a second former Equifax executive has been charged with insider trading in advance of the company’s massive data breach announcement last September. Continue reading Second former Equifax staffer charged with insider trading
Attackers use the approach to look like legitimate traffic and hide data exfiltration in plain sight. Continue reading Financial Services Sector Rife with Hidden Tunnels
In the days following revelations last September that big-three consumer credit bureau Equifax had been hacked and relieved of personal data on nearly 150 million people, many Americans no doubt felt resigned and powerless to control their information. But not Jessamyn West. The 49-year-old librarian from a tiny town in Vermont took Equifax to court. And now she’s celebrating a small but symbolic victory after a small claims court awarded her $600 in damages stemming from the 2017 breach. Continue reading Librarian Sues Equifax Over 2017 Data Breach, Wins $600
Even after the massive data breach allowed hackers to steal the personal information of 148 million Equifax customers, thousands of companies are still using the software that made the breach possible. According to Fortune, Maryland-based cybersecurity firm Sonatype identified as many as 10,801 organizations that have downloaded an old version of Apache Struts — the same free, open-source software that hackers exploited to swipe the names, social security numbers, birthdays, addresses, and other identifiers from Equifax’s databases. Of the organizations that downloaded the vulnerable version of the software, seven of the businesses were Fortune Global 100 tech companies, eight were Fortune Global 100 automakers, and 15 were Fortune Global 100 financial services or insurance firms, according to Fortune. The Apache Software Foundation has released seven patched versions of the software since March 2017. Apache Struts is used as an app building tool, and usually as a framework for online payment systems. […]
The post Over 10,000 companies downloading software vulnerable to Equifax hack appeared first on Cyberscoop.
Continue reading Over 10,000 companies downloading software vulnerable to Equifax hack
Almost 20 percent of Americans froze their credit file with one or more of the big three credit bureaus in the wake of last year’s data breach at Equifax, costing consumers an estimated $1.4 billion, according to a new study. The findings come as lawmakers in Congress are debating legislation that would make credit freezes free in every state.
The figures, commissioned by small business loan provider Fundera and conducted by Wakefield Research, surveyed some 1,000 adults in the U.S. Respondents were asked to self-report how much they spent on the freezes; 32 percent said the freezes cost them $10 or less, but 38 percent said the total cost was $30 or more. The average cost to consumers who froze their credit after the Equifax breach was $23.
A credit freeze blocks potential creditors from being able to view or “pull” your credit file, making it far more difficult for identity thieves to apply for new lines of credit in your name. Continue reading Survey: Americans Spent $1.4B on Credit Freeze Fees in Wake of Equifax Breach
The SEC says that Jun Ying would have lost over $117,000 if he’d waited until after the public disclosure of the breach to sell his stocks. Continue reading Former Equifax exec charged with stock dumping before breach disclosure
A recent consumer survey suggests that half of all Americans still haven’t checked their credit report since the Equifax breach last year exposed the Social Security numbers, dates of birth, addresses and other personal information on nearly 150 million people. If you’re in that fifty percent, please make an effort to remedy that soon.
Credit reports from the three major bureaus — Equifax, Experian and Trans Union — can be obtained online for free at annualcreditreport.com — the only Web site mandated by Congress to serve each American a free credit report every year. Continue reading Checked Your Credit Since the Equifax Hack?
Equifax said that an additional 2.4 million Americans have been impacted by a 2017 data breach, bringing the total of those implicated to around 148 million people. Continue reading Equifax Adds 2.4 Million More People to List of Those Impacted By 2017 Breach
A KrebsOnSecurity series on how easy big-three credit bureau Equifax makes it to get detailed salary history data on tens of millions of Americans apparently inspired a deeper dive on the subject by Fast Company, which examined how this Equifax division has been one of the company’s best investments. In this post, I’ll show you how to opt out of yet another Equifax service that makes money at the expense of your privacy. Continue reading How to Opt Out of Equifax Revealing Your Salary History
Equifax has re-opened a Web site that lets anyone look up the salary history of a large portion of the American workforce using little more than a person’s Social Security number and their date of birth. The big-three credit bureau took the site down just hours after I wrote about it on Oct. 8, and began restoring the site eight days later saying it had added unspecified “security enhancements.” Continue reading Equifax Reopens Salary Lookup Service