Equifax Comes Clean About Previous Hacking Attack in March

Equifax Comes Clean About Previous Hacking Attack in March”

A few days later, Equifax brought in security consulting firm Mandiant, now a unit of FireEye and associated with many high-profile forensics investigations including the Yahoo breach previous year, when data on more than 1 billion accounts were exposed. The company late Friday announced the immediate retirement of David Webb, its chief information officer, and Susan Mauldin, its head security officer. Mauldin came under scrutiny for her credentials to be a CSO.

Given the scope of a growing number of major data breaches, each one is harder to top, although security experts know there's no bottom limit to what could be next.

The company named Mark Rohrwasser as interim chief information office and Russ Ayres as interim chief security officer.

Equifax also provided its most detailed timeline of the breach yet, although it raised as many questions as it answered. The key passages explain that the company "observed suspicious network traffic" on July 29th, "continued to monitor network traffic and observed additional suspicious activity" on the 30th and "took offline the affected web application that day". But it came down to a flaw in a tool created to build web applications, the company said in a press release this week.

At this point, Equifax's retelling grows cloudy.

They were using Apache Software and that company discovered a flaw in their program. The dispute portal was brought back online soon after.

The next point on the company's list says "Equifax's Security organization was aware of this vulnerability at that time, and took efforts to identify and to patch any vulnerable systems in the company's IT infrastructure".

It apparently missed at least one vulnerable system.

The news hasn't gotten better since Equifax disclosed that it was hacked on September 7.

But elsewhere in the statement, Equifax just-about-confesses that those efforts either missed the Struts implementation or failed to patch it properly.

Equifax has been castigated for how it has handled the breach, which it did not disclose publicly for weeks after discovering it. Many have complained that inconsistent information has been offered and that phone lines have been jammed. The company says it has addressed many of those problems. Equifax is offering credit freezes to customers free of charge through November.

And on August 2 Equifax contacted Mandiant, a professional cybersecurity firm, to help the company assess what data had been compromised. Equifax admitted it during its announcement on Friday.

Like this



20 September 2017
(LEN) Price Target Raised to $49.00 at JPMorgan Chase & Co
It worsened, as 56 investors sold LEN shares while 153 reduced holdings. 57 funds opened positions while 141 raised stakes. The stock of Stillwater Mining Company (NYSE:SWC) has "Outperform" rating given on Wednesday, July 20 by FBR Capital.

20 September 2017
Elliott, Cowboys provide litmus test for Broncos' D-line fix
I think the way the Broncos want to play offense, running the ball and setting up the play action pass, will keep this one close . But with names like Tomlinson and King questioning Elliott's heart, it's going to be a long week for him and Cowboys fans.

20 September 2017
Helios and Matheson Analytics Inc. (HMNY) — Trend Analysis Report
Helios and Matheson Analytics Inc .'s average Book Value per Share Growth Rate was 168.1 percent during the past 12 months. The difference between the expected and actual EPS was $-0.65/share, which represents an Earnings surprise of -282.6%.

20 September 2017
Kenneka Jenkins: Rosemont Official Decry Calls for FBI Involvement
But Chief Stephens insisted the police were making progress. "At no time have I doubted the work that is being done", he said. However, cameras never actually recorded her entering the freezer, prompting her mother to suspect foul play was involved.

20 September 2017
Housing Starts Dip in August
July's sales pace was revised up to 1.19 million units from the previously reported 1.16 million units. Year-to-date, single-family starts are 8.9 per cent above their level over the same period last year.

20 September 2017
Anti-police protest turns violent in St. Louis
Stockley argued that before firing he had ordered Smith to show his hands and believed the suspect was reaching for a handgun. Some people vented about the court's decision to acquit Stockley, while others called for some city leaders to step down.

20 September 2017
May hopes to boost Bombardier on trade mission to Canada
Prime Minister Theresa May at a meeting today of the two leaders who are pressing Boeing to drop its challenge. International Trade Commission to investigate subsidies of Montreal-based Bombardier's C Series aircraft.

20 September 2017
Buy or sell Iowa football's flawless start
In what can be seen as harmlessly eccentric or subtle psych warfare, Iowa has famously painted the visitor's locker room pink. With James Butler set to miss this weekend's game against Penn State, Wadley will get all the touches he can handle.

20 September 2017
Punahou's Macfarlane to fight for a world title
Macfarlane is 5-0 in Bellator with three submission wins, including a first-round armbar victory over Jessica Middleton in April. The reality show will determine the inaugural champion of the UFC's newest female weight class by way of a tournament.

20 September 2017
Monument to inventor of world-renowned Kalashnikov rifle unveiled in Moscow
In Soviet times he was twice honoured as "Hero of Socialist Labour" and became a Stalin Prize and Lenin Prize laureate. Tuesday's ceremony included military music and a blessing by a Russian Orthodox priest, The Guardian reports .