Equifax – Page 23 – WindowsTechs.com

Equifax executives retire one week after massive security breach

Posted on September 15, 2017 by Patrick Howell O'Neill

Two Equifax executives are retiring from Equifax just one week after the credit reporting firm announced a security incident in which over 143 million records were compromised, according to an announcement made late Friday. The Chief Information Officer, David Webb, and Chief Security Officer, Susan Mauldin, are no longer with the company effective immediately. Mark Rohrwasser, who has led Equifax’s international IT operations since 2016, is now interim CIO. Russ Ayres, previously the Vice President in the IT organization at Equifax, is interim CSO and reports directly to Rohrwasser. The move comes as part of a thorough review and reaction to the breach announced on Sept. 7. The internal investigation into the incident, led by the cybersecurity firm Mandiant, is ongoing and the FBI is investigating as well. Equifax also issued updates on its internal investigation noting that it saw “suspicious network traffic” on July 29 and, in the midst of looking into that traffic, found additional suspicious activity. […]

The post Equifax executives retire one week after massive security breach appeared first on Cyberscoop.

Continue reading Equifax executives retire one week after massive security breach→

People can’t read (Equifax edition)

Posted on September 15, 2017 by Robert Graham

One of these days I’m going to write a guide for journalists reporting on the cyber. One of the items I’d stress is that they often fail to read the text of what is being said, but instead read some sort of subtext that wasn’t explicitly said… Continue reading People can’t read (Equifax edition)→

Equifax Confirms March Struts Vulnerability Behind Breach

Posted on September 14, 2017 by Chris Brook

Equifax divulged on Wednesday that the culprit behind this summer’s breach of 143 million Americans was an Apache Struts vulnerability, CVE-2017-5638, patched back in March. Continue reading Equifax Confirms March Struts Vulnerability Behind Breach→

In wake of Equifax breach, government shines light on entire industry

Posted on September 14, 2017 by Chris Bing

Government agencies have contacted Equifax’s largest competitors to learn more about the potential for cyberattacks on the credit monitory industry as a whole, a senior federal official told CyberScoop. The recently revealed breach at Equifax — one of three multinational corporations that rely on comparable software to manage consumers’ credit reports and other highly sensitive records — caused upwards of 143 million records to be compromised and drew immediate attention by federal law enforcement. But other federal agencies, like the Department of Homeland Security, have been focusing on understanding the threat posed to the larger industry, according to the senior federal official, who spoke to CyberScoop on condition of anonymity to discuss an ongoing government investigation. The official said that because Equifax’s biggest competitors — namely TransUnion and Experian — also rely on the software like Apache Struts, a popular web server application, the outreach was necessary in order to learn more about the industry’s […]

The post In wake of Equifax breach, government shines light on entire industry appeared first on Cyberscoop.

Continue reading In wake of Equifax breach, government shines light on entire industry→

Equifax Data Breach – Hack Due To Missed Apache Patch

Posted on September 14, 2017 by Darknet

The Equifax data breach is pretty huge with 143 million records leaked from the hack in the US alone with unknown more in Canada and the UK.

The original statement about the breach is as follows for those that weren’t up to date with it, which came out Sept 7th (4 months AFTER the breach happened).

Equifax Inc. (NYSE: EFX) today announced a cybersecurity incident potentially impacting approximately 143 million U.S.

Read the rest of Equifax Data Breach – Hack Due To Missed Apache Patch now! Only available at Darknet.

Continue reading Equifax Data Breach – Hack Due To Missed Apache Patch→

News in brief: FTC to probe Equifax; Bitcoin price falls on China move; HBO teases GoT finale news

Posted on September 14, 2017 by Kate Bevan

Your daily round-up of some of the other stories in the news Continue reading News in brief: FTC to probe Equifax; Bitcoin price falls on China move; HBO teases GoT finale news→

Equifax breach happened because of a missed patch

Posted on September 14, 2017 by Zeljka Zorz

The attackers who breached Equifax managed to do so by exploiting a vulnerability in its US website, the company has finally confirmed. The vulnerability in question was Apache Struts CVE-2017-5638. A failure to implement available patch CVE-2017-5638 was flagged in March 2017. It was discovered and reported by Chinese developer Nike Zheng. It was quickly patched by the Apache Struts team, but the disclosure was followed by active attacks via two very reliable exploits that … More → Continue reading Equifax breach happened because of a missed patch→

The FTC is officially investigating the Equifax breach

Posted on September 14, 2017 by cyber_admin

The Federal Trade Commission (FTC) announced on Thursday it has launched an investigation into Equifax’s massive data breach, where hackers gained access to the personal information of approximately 143 million U.S. consumers. In an email statement Thursday, FTC spokesman Peter Kaplan said “The FTC typically does not comment on ongoing investigations. However, in light of the intense public interest and the potential impact of this matter, I can confirm that FTC staff is investigating the Equifax data breach.” It’s highly unusual for the FTC to publicly comment on the existence or status of an ongoing investigation. CyberScoop first reported Wednesday that government investigators believed an Apache Struts vulnerability was the entry way for hackers looking to breach Equifax’s servers. The company confirmed that an outdated version of the web application was in fact responsible in a statement published late Wednesday night. This specific vulnerability was originally disclosed in March but had remained […]

The post The FTC is officially investigating the Equifax breach appeared first on Cyberscoop.

Continue reading The FTC is officially investigating the Equifax breach→

Smashing Security podcast #042: Equifax, BlueBorne, and the iPhone X

Posted on September 14, 2017 by Graham Cluley

Equifax’s shambolic response to its huge data breach, a scary-sounding Bluetooth exploit, and Apple’s iPhone X comes with Face ID.
All this and more is discussed in the latest edition of the “Smashing Security” podcast by computer security veterans Gra… Continue reading Smashing Security podcast #042: Equifax, BlueBorne, and the iPhone X→

Equifax CEO called to testify before Congress about breach

Posted on September 13, 2017 by Patrick Howell O'Neill

Equifax’s chief executive was formally invited Wednesday to testify Oct. 3 before Congress by top members of the House Energy and Commerce Committee. The invitation to Chairman and CEO Richard F. Smith comes less than a week after Equifax, a massive multinational credit reporting company, announced a data breach affecting up to 143 million Americans. “We look forward to hearing directly from Mr. Smith on this unprecedented breach that has raised serious questions about the security of consumers’ personal information,” full committee Chairman Greg Walden, R-Ore., and Digital Commerce and Consumer Protection Subcommittee Chairman Bob Latta, R-Ohio, said in a statement. “We know members on both sides of the aisle appreciate Mr. Smith’s willingness to come before the committee and explain how our constituents might be impacted and what steps are being taken to rectify this situation.” The committee has jurisdiction over the Federal Trade Commission and Consumer Financial Protection Bureau, two of the agencies […]

The post Equifax CEO called to testify before Congress about breach appeared first on Cyberscoop.

Continue reading Equifax CEO called to testify before Congress about breach→