top of page
This site was designed with the
.com
website builder. Create your website today.Start Now

Equifax waited Months to Fix this Vulnerability


Equifax appears to have waited months to fix a well-known security vulnerability in its software, enabling hackers to compromise the personal information of as many as 143 million US consumers.

“We know that criminals exploited a US website application vulnerability,” the company said in a blog post late Wednesday, confirming that the flaw had affected its open-source software, called Apache Struts.

The NY Post first reported on Friday that Equifax privately told analysts that hackers were able to break into their systems via a vulnerability in Apache Struts.

Separately Thursday, the Federal Trade Commission said it has opened an investigation into the Equifax data breach, a rare public disclosure that sent shares tumbling to their lowest in more than two years.

“The FTC typically does not comment on ongoing investigations. However, in light of the intense public interest and the potential impact of this matter, I can confirm that FTC staff is investigating the Equifax data breach,” spokesman Peter Kaplan said in a brief email statement.

Equifax’s stock dropped another 9 percent on Thursday morning to $90.60, down from $142 before the hack was announced.

Equifax was hacked starting in May until July 29, when it was discovered by the company, according to a public statement from credit bureau.

On Wednesday, Equifax confirmed that the specific vulnerability dates back to March.

Apache had made multiple patches, or fixes, available to its customers for free after discovering security problems six months ago — raising the possibility that the hack could have been prevented if Equifax had just downloaded the patch in March.

Apache hasn’t commented on the hack.

The company likewise faces a class-action lawsuit that threatens to put the company out of business, as well as multiple investigations from states including New York and Massachusetts. Equifax’s CEO Richard Smith has been called to testify before the U.S. Congress on Oct 3.

Thanks to Kevin Dugan of the New York Post, for contributing this article. Kevin is the senior Wall Street Reporter at the NY Post.


Bob Seccaspina

 

Bob has had 25 years of Sales, Marketing and Management experience in  the IT field.  He has been responsible for revenue growth and gaining market share by executing brand strategies, and building organization capabilities through direct and channel teams.

 

Bob has built high-performance teams through hands-on, active coaching and through identifying and attracting and retaining high-performing human resources.

 

He has worked with CEO’s, CIO’s, and senior business executives to help deliver on growth and cost efficiencies.  He has created initiatives through strategies that capitalized on market trends, leading to exponential organizational growth.

Other Posts
More IT on the web

 

IT Force

 

Follow Me
  • IT-Force-Logo_edited
  • LinkedIn Social Icon
  • Facebook Basic Black
  • Twitter Basic Black
  • YouTube Basic Black
Search By Tags
No tags yet.
bottom of page