The Schwartz Report

Blog archive

Massive Equifax Breach Epitomizes Reckless IT Security Practices

Given the scope of a growing number of major data breaches, each one is harder to top, although security experts know there's no bottom limit to what could be next. The compromise of 143 million individual accounts reported by Equifax on Sept. 7 that included names, birthdates and credit card numbers, may be one of the most damaging breaches disclosed to date. Apparently tied to the Equifax breach, news surfaced Friday that information on more than 200,000 credit card accounts were also stolen.

The way Equifax executives and its IT security team appears to have failed to adequately apply patches, the amount of time it took to discover the depth of the breach and the delay in ultimately reporting it certainly paints a picture of a colossal failure at all levels, including the curiosly timed stock sales by top executives (who deny knowledge of the breach at the time of the sale) just days before the disclosure, reported by Bloomberg.

Fallout from the breach has, not surprisingly, led to the reported departures of CIO Dave Webb and CSO Susan Maudlin late last week. Signs of trouble trace back to March 8 when Cisco warned of a security flaw in Apache Struts, the open source, Java-based framework widely used on interactive Web sites,  that already was "being actively exploited," before the July 29 discovery of trouble at Equifax and the Sept. 7 revelation of how many potential customer records were stolen, according to a detailed report published by The Wall Street Journal today.

While the report noted many details remain unknown, it is understood that hackers pillaged information between May and the July 29 discovery. A few days later, Equifax brought in security consulting firm Mandiant, now a unit of FireEye and associated with many high-profile forensics investigations including the Yahoo breach last year, when data on more than 1 billion accounts were exposed.

Initially, Mandiant believed that 50 million accounts were compromised. But as its investigation continued, it determined it was nearly three times that amount, according to the report, which also noted the company registered the EquifaxSecurity2017.com domain for customers to seek information.

The report also noted last week's revelation by Alex Holden, founder of Hold Security, that an Equifax portal in Argentina was "wide open, protected by perhaps the most easy-to-guess password combination ever: 'admin/admin,'" he told the KrebsonSecurity Web site.

The true impact of the Equifax breach is yet to unfold, but it already has brought a new awareness to the risks at hand that many have long overlooked or ignored. How organizations address their own risks in wake of this remains to be seen.

Posted by Jeffrey Schwartz on 09/18/2017 at 7:39 PM


Featured

  • Phishing Tops Concerns in Microsoft Study of Remote Work

    Potential phishing attacks were a top concern of most IT security professionals when organizations switched to remote-work conditions early last year.

  • How To Configure Windows 10 for Intel Optane Memory

    Intel's Optane memory technology can significantly improve the performance of your Windows 10 system -- provided you enable it correctly. A single mistake can render the system unbootable. Here's how to do it the right way.

  • Microsoft and SAP Enhance Partnership with Teams Integration

    Microsoft and SAP this week described continuing partnership efforts on Microsoft Azure, while also planning a Microsoft Teams integration with SAP's enterprise resource planning product and other solutions.

  • Blue Squares Graphic

    Microsoft Previews Azure IoT Edge for Linux on Windows

    Microsoft announced a preview of Azure IoT Edge for Linux on Windows, which lets organizations tap Linux virtual machine processes that also work with Windows- and Azure-based processes and services.

comments powered by Disqus