Scotsman Guide > News > September 2017 > News Story

 Enter your e-mail address and password below.

  •  
  •  

Forgot your password? New User? Register Now.

News Archives

 
Subscribe icon Subscribe to our weekly e-newsletter, Top News.

Equifax breach could be worst in history


The hack reported last week by Equifax will go down as one of the worst data breaches in history, and could prove to be the most damaging ever for American consumers, many security experts contend.

Anonymous criminals committed the crime, but cybersecurity experts told Scotsman Guide News that the blame for exposing sensitive information belonging to roughly half of the U.S. population lies with Equifax, which has a history of data breaches.  

cybercrime“I firmly believe they could have prevented this,” said Tim Crosby, a senior security consultant with Austin, Texas-based Spohn Consulting.

Equifax reported last Thursday that it discovered on July 29 that cybercriminals exploited “a U.S. website application vulnerability” to gain access. Equifax determined that as many as 143 million people were compromised.

The information included Social Security numbers, birth dates, addresses and, in some cases, drivers-license information. Also, the credit card numbers of 209,000 U.S. consumers were exposed. Information on consumers residing in the United Kingdom and Canada also was breached.

Equifax believes the attack occurred in mid-May and continued until it was discovered nearly two months later.  

“This is a pretty scary thing,” Crosby said. “It is going to affect the other credit reporting agencies, who are going to have to be on their toes. We know somebody has the information. We don’t know how widely it has been distributed, or who got it yet.”

Repeated breaches

Equifax has been breached or admitted to mishandling sensitive consumer information five times since 2005, according to the website privacyrights.org. Most recently it was reported in May 2016 that hackers breached its W-2 Express Website, exposing tax and salary information on 431,000 Kroger employees.

In October 2010, Equifax agreed to pay a $1.6 million fine to settle a complaint with the Federal Trade Commission, after admitting to selling information on people who had been late in paying their mortgages. This affected 17,000 consumers. The company had two other smaller incidents in 2010 and 2006. 

“In my opinion, this is the super jackpot of cybersecurity compromise,” said Jeffrey Bernstein, the managing director of Critical Defence. Bernstein doubted that the hackers will ever be caught. They may have already sold the information on a shadowy "dark web," a number of small private networks that can't be accessed through traditional search engines. Equifax could face severe penalties, Bernstein said. 

“This type of breach should never happen,” Bernstein added. “A company like Equifax has a very high-profile, high-threat environment that they operate in. They have a treasure trove of data, of our private data, and they need to protect it.”

Equifax officials were not immediately available for comment.

As of Monday, Equifax had provided no additional information on how cybercriminals accessed its database. Web applications can be any program accessed over a network connection. Typically, a person logs in with a user name and password. Facebook and LinkedIn are two well-known examples of web applications.

Hackers often develop attack tools to exploit vulnerabilities in these programs, engaging in a cat-and-mouse game. Companies, in turn, must constantly test their web applications for vulnerabilities and provide fixes.

 


 

Questions? Contact at (425) 984-6017 or victorw@scotsmanguide.com.

Bubble 1 Comments

By submitting this comment, you agree to comply with our Terms of Use.



  1. Posted: Oct 19, 2017  10:02 ET    Updated: Oct 19, 2017  10:07 ET
    By: Landon Shanahan | AnswerSh
    1. 0


Cyber attacks have become popular lately. 45 thousand attempted attacks in 74 countries around the world - it's the consequences of the virus 'WannaCry'. And no one can foresee them or somehow stop them, but it is possible and necessary to be prepared for such situations. Therefore, serious attention should be paid to cybersecurity. Studying at the university on computer systems, we searched for and studied the vulnerabilities of various systems. Some answers to my questions I found on the site that help me with homework and where I understood the work of other systems.


 

The text exceeds the maximum number of characters allowed.


Are you sure you want to permanently delete this blog comment? This action cannot be reversed.



You must enable your community profile to use this feature.

Cancel Enable profile

You have flagged this post for inappropriate content.

Please explain below. Thank you.

Cancel Submit

Get the latest news and articles from Scotsman Guide straight to your inbox.


Send me the following e-mails:





Learn more about Scotsman Guide e-mails

Thank you for signing up to receive e-mails from Scotsman Guide.

A confirmation e-mail has been sent to the address you provided.

For questions regarding your e-mail subscriptions please contact Circulation@ScotsmanGuide.com or call (800) 297-6061.


Fins A Lender Post a Loan
Residential Find a Lender Commercial Find a Lender
Follow Us:Visit Scotsman Guide Facebook pageVisit Scotsman Guide LinkedIn pageVisit Scotsman Guide g+ pageVisit Scotsman Guide Twitter page
 
 
 
 

 
 

© 2018 Scotsman Guide Media. All Rights Reserved.  Terms of Use  |  Privacy Policy