Over 10,000 companies downloading software vulnerable to Equifax hack
Even after the massive data breach allowed hackers to steal the personal information of 148 million Equifax customers, thousands of companies are still using the software that made the breach possible. According to Fortune, Maryland-based cybersecurity firm Sonatype identified as many as 10,801 organizations that have downloaded an old version of Apache Struts — the same free, open-source software that hackers exploited to swipe the names, social security numbers, birthdays, addresses, and other identifiers from Equifax’s databases. Of the organizations that downloaded the vulnerable version of the software, seven of the businesses were Fortune Global 100 tech companies, eight were Fortune Global 100 automakers, and 15 were Fortune Global 100 financial services or insurance firms, according to Fortune. The Apache Software Foundation has released seven patched versions of the software since March 2017. Apache Struts is used as an app building tool, and usually as a framework for online payment systems. […]
The post Over 10,000 companies downloading software vulnerable to Equifax hack appeared first on Cyberscoop.
Continue reading Over 10,000 companies downloading software vulnerable to Equifax hack