Dear Visitor,

Our system has found that you are using an ad-blocking browser add-on.

We just wanted to let you know that our site content is, of course, available to you absolutely free of charge.

Our ads are the only way we have to be able to bring you the latest high-quality content, which is written by professional journalists, with the help of editors, graphic designers, and our site production and I.T. staff, as well as many other talented people who work around the clock for this site.

So, we ask you to add this site to your Ad Blocker’s "white list" or to simply disable your Ad Blocker while visiting this site.

Continue on this site freely
  HOME     MENU     SEARCH     NEWSLETTER    
CUSTOMER RELATIONSHIP MANAGEMENT NEWS. UPDATED ABOUT A MINUTE AGO.
You are here: Home / Linux/Open Source / Equifax's Troubles Get Even Worse
Equifax's Troubles Worsen Amid New Disclosure About Breach
Equifax's Troubles Worsen Amid New Disclosure About Breach
By Ken Sweet and Michael Liedtke Like this on Facebook Tweet this Link thison Linkedin Link this on Google Plus
PUBLISHED:
SEPTEMBER
15
2017
Credit agency Equifax traced the theft of sensitive information about 143 million Americans to a software flaw that could have been fixed well before the burglary occurred, further undermining its credibility as the guardian of personal data that can easily be used for identity theft.

Equifax identified a weakness in an open-source software package called Apache Struts as the technological crack that allowed hackers to heist Social Security numbers, birthdates, addresses and full legal names from a massive database maintained primarily for lenders.

Security for Dummies

The disclosure, made late Wednesday, cast the company's damaging security lapse in an even harsher light. The software problem was detected in March and a recommended software patch was released shortly afterward. Equifax said the database intrusion began in May and continued until July.

Security experts said Equifax had more than enough opportunity to block intruders by sealing the security hole. "There is no excuse for not following basic cybersecurity hygiene," said Nate Fick, CEO of the security firm Endgame. "Some heads should definitely roll for this; it's only a question of how many."

The company didn't respond to inquiries on Thursday.

Equifax was already under fire for not disclosing the break-in until Sept. 7 -- nearly six weeks after the company discovered it -- as well as for its handling of consumer inquiries about their exposure whether their personal information had been compromised and how they could protect their identities.

The Enron Comparison

On Thursday, Sen. Charles Schumer, D-New York, called for the resignations of CEO Richard Smith and Equifax's entire board of directors unless the company offers consumers more comprehensive identity-theft protection for the next decade. So far, Equifax is merely offering free credit monitoring for a year. It's also temporarily waiving fees for people who freeze their credit records to prevent identity thieves from defrauding them.

"What has transpired over the past several months is one of the most egregious examples of corporate malfeasance since Enron," Schumer said, invoking the name of a notorious company that manipulated energy markets and eventually went bankrupt.

Investors are clearly concerned about Equifax's fate. The company's stock has lost nearly a third of its value since it disclosed the breach. Three Equifax executives, including the company's chief financial officer, preserved a significant chunk of their wealth by selling stock worth a combined $1.8 million just after management learned of the breach, but well before the public was notified.

Equifax said last week that the officials didn't know about the breach at the time of those sales.

More Investigation

In another sign of the storm swirling around Equifax, the Federal Trade Commission took the unusual step of announcing it has opened a probe into the company's practices.

The FTC is not the only Washington authority looking into the breach. The Consumer Financial Protection Bureau previously announced its own investigation, and the House Financial Services Committee plans to hold hearings on the breach in early October when Smith is scheduled to testify. Politicians from both major parties are calling for additional investigations by Congress or the Department of Justice, raising the possibility of criminal charges.

A proposal to impose sweeping reforms on Equifax and its two main peers, TransUnion and Experian, also has been drawn up by Rep. Maxine Waters, D-California.

© 2017 Associated Press under contract with NewsEdge/Acquire Media. All rights reserved.

Image credit: iStock.

Tell Us What You Think
Comment:

Name:

Like Us on FacebookFollow Us on Twitter
MORE IN LINUX/OPEN SOURCE
CRM DAILY
NEWSFACTOR NETWORK SITES
NEWSFACTOR SERVICES
© Copyright 2017 NewsFactor Network. All rights reserved. Member of Accuserve Ad Network.