A British financial regulator fined American credit reporting agency Equifax 11 billion pounds for its role in one of the world’s largest data breaches. Chinese military hackers in 2017 exploited a vulnerability in Equifax’s online dispute portal to download the personal data of nearly 14 million residents of the United Kingdom as well as approximately…

Amid significant increases in both malware and network attacks, multiple Apache Struts vulnerabilities – including one used in the devastating Equifax data breach – appeared for the first time on WatchGuard’s list of most popular network attacks in Q3 2019. Massive fallout from the Equifax breach The report also highlights a major rise in zero…

Could an Equifax-sized data breach happen again?

Many global financial services organizations are targeted by sophisticated cyberattackers in an attempt to steal critical data and personally-identifiable information (PII), according to Vectra. Vectra disclosed that cyberattackers build hidden tunnels to break into networks and steal information. These tunnels are used to remotely control an attack, known as command-and-control, and steal data, known as…

Equifax, former CEO reveal more details about the devastating breach

Mandiant has concluded the forensic part of its Equifax breach investigation, and the results are as follows: 2.5 million additional US consumers were potentially impacted, bringing the total to 145.5 million The initial estimate of some 100,000 Canadian citizens being impacted was incorrect: in the end, the information of some 8,000 Canadian consumers was compromised,…

Equifax CEO Steps Down After Massive Data Breach

Equifax chairman and CEO Richard Smith stepped down Tuesday, just weeks after the company disclosed a massive data breach that exposed more than 143 million U.S. individuals. Paulino do Rego Barros, Jr., who most recently served as President, Asia Pacific, and is a seven-year veteran of the company, has been appointed as interim Chief Executive Officer. The…

Equifax Sent Breach Victims to Fake Website

Equifax has made another blunder following the massive data breach suffered by the company – it advised some customers on Twitter to access a fake support website set up by a security researcher. Equifax staff advised breach victims on Twitter at least 8 times to access securityequifax2017.com instead of equifaxsecurity2017.com, the website created by the credit reporting agency…

Equifax attackers got in through an Apache Struts flaw?

Have the attackers responsible for the Equifax data breach exploited a vulnerability in Apache Struts, a popular open source framework for developing web applications, to compromise the company’s networks? Equifax has yet to share more details about how the attack was pulled off, but a report by financial services firm Robert W. Baird & Co….