The FTC is looking into the Equifax breach

Share

Following the recent announcement that hackers had gained access to consumer data from Equifax, Pennsylvania Secretary of Banking and Securities Robin L. Wiessmann on Thursday advised consumers to take control of their personal and financial data.

The company's stock dropped another 8% in early trading Thursday following the FTC statement. The vulnerability was Apache Struts CVE-2017-5638. "CAA did not handle or retain any of the information provided to Equifax", said Ian Jack, CAA managing director of communications and government relations. However, Equifax stated that the three executives were not aware of the breach when their stock was sold. The two-month gap between when the patch was issued and when the attackers breached Equifax's network was a particularly unsafe time, as hackers began immediately exploiting the flaw on websites that didn't apply the fix, according to technology website Ars Technica. It appears that the credit firm failed to install the security updates that came to patch it up.

The patch would have been time consuming as it involved rebuilding hundreds of apps using the new updated software. "We continue to work with law enforcement as part of our criminal investigation, and have shared indicators of compromise with law enforcement", the statement noted. The agency suggests signing up for credit monitoring and identity theft protection. Those pages contained more than 14,000 unencrypted personal records, including DNIs - Argentina's version of Social Security numbers. "However, in light of the intense public interest and the potential impact of this matter, I can confirm that FTC staff is investigating the Equifax data breach", spokesman Peter Kaplan said in a brief email statement. Any number pressed on the keypad can lead to more robocalls.

Equifax CEO Richard Smith has agreed to testify on October 3 before a U.S. House of Representatives panel, the company said Thursday. That's, uh, not a good look for Equifax's data security team.

Pakistan attaches great importance to its relations with Afghanistan: FM Asif
Pakistan reports indicate that Asif will soon visit Moscow to discuss the USA strategy. China has been forced to condemn terrorist based organisations.

Information of the breach was finally released to the public on September 7, approximately four months after the breach occurred.

Attorney General Marty Jackley is alerting South Dakotans that a data breach of Credit bureau reporter Equifax, has affected 200,000 people in our state.

The bigger question to many cyber-security experts is why some of Equifax's crown jewels were accessible essentially from the open internet, a question that Equifax has not addressed.

Share