The Tale of Equifax’s Breach

In a statement to lawmakers on October 2, 2017, Richard Smith former CEO of Equifax said that one massive hacking attack got executed due to both technology failures as well as human error wherein cyber thugs grabbed sensitive data of over 145m Americans. He presented a well-prepared testimony while the House Energy and Commerce Committee heard him next day. Smith, relaxed from his job at Equifax, retired September 26, 2017.

According to the company, merely 8,000 Canadians were affected and not 100,000 at the most like earlier announced. The breach's notification came to the company from the United States Homeland Security Department, March 9, as Smith testified; however, no security patch was issued. Firstpost.com posted this, October 3, 2017.

Smith's testimony tells that on March 15 the information security wing of Equifax executed scans expecting to identify those computers which were weakened because of the software problem, however, didn't. Consequently, the security flaw stayed on within certain web application of Equifax over a longer period unlike usual while the un-patched flaw let hackers gain admission into PII (personal identifying information).

An investigation by federal authorities into dubious stock sales is being conducted which took place soon following Equifax's discovery of the hack, while its board of directors via one exclusive committee is examining those stocks' trading. Equifax stated it took such matters seriously. Meanwhile, lawmakers have issued warnings regarding increased omissions by the industry for credit reporting that's generally unregulated.

The warning e-mails are likely towards helping take care of confusion among the masses with regards to the Equifax hack, although not certainly be much helpful to victims angry because of their private information getting compromised as also poor handling by the company of the circumstances.

The Congressional testimony by Smith clearly indicates Equifax's knowledge of the security flaw which resulted in the March breach while left un-patched for months. Equifax was in a position to lessen else eschew plenty of the destruction, as also its executives' actions following the breach haven't been of much help. Now it is likely to be long for getting a proper resolution since the mailings would help, however, just somewhat.

» SPAMfighter News - 10/6/2017