Equifax Data Breach
Back in 2017, Equifax suffered the largest data breach of history, exposing the data of approximately 150 million Americans. This is nearly half of the population in the United States. It was the consumer data security scandal of the decade. Hackers stole credit files of hundreds of thousands of Americans, but also British and Canadian nationals, including Social Security numbers, dates of birth and thousands of payment card records in the May 2017 breach.
On Sept. 7, Equifax announced the cybersecurity incident, one of the largest in history. Unauthorized data access occurred from mid-May through July 2017. The breach was discovered on July 29.
The vulnerability that caused the breach was vulnerability Apache Struts CVE-2017-5638. ... The vulnerability was left unpatched until July 29, 2017, although the patch was available for a couple of months and Equifax was notified of the vulnerability. Hackers got into the Equifax systems by exploiting the vulnerability and started running queries. Eventually, they found the data of nearly 150 million users and started transferring data. Finally, Equifax's information security department discovered “suspicious network traffic” and realised they were breached. It was the incident handling and aftermath of the breach that made the situation even worse.
As a result of this incident, the company has now been severely fined. Equifax agreed to spend up to $425 million to help people affected by the data breach, but it appears that the final bill will be in the range of $700 million in fines. At Techforce Cybersecurity, we offer products such as Rapid 7 Insight VM and DarkTrace which could have helped with this type of incident.
Don’t get caught up like Equifax, data breaches can happen to companies big or small, come and talk to us! We are on hello@thetechforce.co.uk and 0333 210 6181.
Related Articles
A typical process and challenges in achieving Cyber Essentials Plus Certification
A typical process and the usual challenges in achieving Cyber Essentials plus certification.
MoreTune into Women in Security LinkedIn Live with Elaine McKechnie For CyberScotland 2021
To coincide with CyberScotland 2021 TechForce is joined by a very special guest Elaine McKechnie.
MoreThere are lots happening in 2021 around the UK - view our picks of CyberSecurity Events
There is a lot happening in 2021 (virtually) for the moment when it comes to cybersecurity - check out the events.
MoreAccelerate Incident and Vulnerability Response
Automation of vulnerability & incident response can yield 6X productivity gain for security & IT teams and be 60% faster at vulnerabilities.
More
FOR LATEST UPDATES SUBSCRIBE HERE: