Collaborate Disseminate
More than a week after it said most people would be eligible to enroll in a free year of its TrustedID identity theft monitoring service, big three consumer credit bureau Equifax has begun sending out email notifications to people who were able to take the company up on its offer. But in yet another security stumble, the company appears to be training recipients to fall for phishing scams. Continue reading Equifax or Equiphish?
More than a week after it said most people would be eligible to enroll in a free year of its TrustedID identity theft monitoring service, big three consumer credit bureau Equifax has begun sending out email notifications to people who were able to take the company up on its offer. But in yet another security stumble, the company appears to be training recipients to fall for phishing scams. Continue reading Equifax or Equiphish?
By Waqas
Plenty of consumers decided to go for a credit freeze
This is a post from HackRead.com Read the original post: Experian Flaw Lets Attacker Obtain Credit Freeze PIN and Access Account
Continue reading Experian Flaw Lets Attacker Obtain Credit Freeze PIN and Access Account
Your daily round-up of some of the other stories in the news Continue reading News in brief: Experian PIN fail; SEC hacked; AI vs terror
An alert reader recently pointed my attention to a free online service offered big-three credit bureau Experian that allows anyone to request the personal identification number (PIN) needed to unlock a consumer credit file that was previously frozen at Experian. Continue reading Experian Site Can Give Anyone Your Credit Freeze PIN
Bloomberg published a story this week citing three unnamed sources who told the publication that Equifax experienced a breach earlier this year which predated the intrusion that the big-three credit bureau announced on Sept. 7. To be clear, this earlier breach at Equifax is not a new finding and has been a matter of public record for months. Furthermore, it was first reported on this Web site in May 2017. Continue reading Equifax Breach: Setting the Record Straight
Government agencies have contacted Equifax’s largest competitors to learn more about the potential for cyberattacks on the credit monitory industry as a whole, a senior federal official told CyberScoop. The recently revealed breach at Equifax — one of three multinational corporations that rely on comparable software to manage consumers’ credit reports and other highly sensitive records — caused upwards of 143 million records to be compromised and drew immediate attention by federal law enforcement. But other federal agencies, like the Department of Homeland Security, have been focusing on understanding the threat posed to the larger industry, according to the senior federal official, who spoke to CyberScoop on condition of anonymity to discuss an ongoing government investigation. The official said that because Equifax’s biggest competitors — namely TransUnion and Experian — also rely on the software like Apache Struts, a popular web server application, the outreach was necessary in order to learn more about the industry’s […]
The post In wake of Equifax breach, government shines light on entire industry appeared first on Cyberscoop.
Continue reading In wake of Equifax breach, government shines light on entire industry
It’s likely that whomever was responsible for the giant data breach at credit reporting giant Equifax likely targeted an old version of the Apache Struts framework, according to a senior government official who spoke on condition of anonymity to discuss an ongoing investigation. The attackers, the official said, appear to have relied on a known vulnerability in the open-source web application that was disclosed in March 2017. The vulnerability is different from that one that was widely reported on last week. The official’s comments to CyberScoop are the first from a government source regarding the cause behind one of the largest data breaches in history, which was publicly announced last week. The official cautioned that while the Struts vulnerability is currently considered the mostly likely avenue, an investigation is ongoing and still developing. The FBI is currently working with Equifax in order to fully investigate the cause of the breach […]
The post U.S. officials looking at Apache vulnerability as cause for Equifax breach appeared first on Cyberscoop.
Continue reading U.S. officials looking at Apache vulnerability as cause for Equifax breach
It remains unclear whether those responsible for stealing Social Security numbers and other data on as many as 143 million Americans from big-three credit bureau Equifax intend to sell this data to identity thieves. But if ever there was a reminder that you — the consumer — are ultimately responsible for protecting your financial future, this is it. Here’s what you need to know and what you should do in response to this unprecedented breach. Continue reading The Equifax Breach: What You Should Know
I cannot recall a previous data breach in which the breached company’s public outreach and response has been so haphazard and ill-conceived as the one coming right now from big-three credit bureau Equifax, which rather clumsily announced Thursday that an intrusion jeopardized Social security numbers and other information on 143 million Americans. Continue reading Equifax Breach Response Turns Dumpster Fire