Equifax Suffered Data Breach After It Failed to Patch Old Apache Struts Flaw

So basically this was a known flaw which which hackers were actively using.. and a patch was out to fix it about 2 months prior(March 6th) to the breach occurring.

Pretty retarded.

It's intentional.

I'd bet this a fucked up financial gain strategy actually.

Ok, they're in the dog house now - but this is how it works...

Millions will rush to put a free initial lock on their credit. It costs around $7 - $10 to then unlock it so a creditor can see it (if you apply for a loan/credit/etc.) Then you have to pay the same amount to re-lock your credit.

Not to mention the millions that will now sign up for their credit protection program. Sure, it's free at first, but that monitoring service will expire.

Ka-Ching!

Someone Made a Fake Equifax Site. Then Equifax Linked to It.

[link to www.nytimes.com (secure)]

For weeks, Equifax customer service has been directing victims to a fake phishing site

[link to www.theverge.com (secure)]

Equifax Releases Details on Cybersecurity Incident, Announces Personnel Changes
9/15/17

ATLANTA — As part of the company’s ongoing review of the cybersecurity incident announced September 7, 2017, Equifax Inc. (NYSE: EFX) today made personnel changes and released additional information regarding its preliminary findings about the incident.

The company announced that the Chief Information Officer and Chief Security Officer are retiring. Mark Rohrwasser has been appointed interim Chief Information Officer. Mr. Rohrwasser joined Equifax in 2016 and has led Equifax’s International IT operations since that time. Russ Ayres has been appointed interim Chief Security Officer. Mr. Ayres most recently served as a Vice President in the IT organization at Equifax. He will report directly to the Chief Information Officer. The personnel changes are effective immediately.

[link to www.equifaxsecurity2017.com (secure)]

Incredible!

No one is this stupid. Like I said, this has to be intentional.

They're stuck in the 90's