Equifax’s Giant Security Breach – Inside Job?
Equifax’s giant cybersecurity breach announced yesterday – one of the worst ever – compromised the personal information of almost half the U.S. – potentially 143 million Americans. Residents in the U.K. and Canada were also affected. Based on Equifax’s investigation, the unauthorized access occurred from mid-May through July 2017.
This breach is more catastrophic than the Office of Personnel Management (OPM) breach in June 2015 not only because of the volume of people affected but because of what was taken. Equifax says that cyber criminals have accessed our names, social security numbers, birth dates, addresses and the numbers of some driver’s licenses. Gulp.
Theft of personally identifiable information (PII) is scary…and painful. PII can’t be changed or replaced. You can’t change your mother’s maiden name, your social security number or your date of birth. It’s attached to you for life. So the impact of this data breach will be long lasting.
The other frightening element is that the exact date of the breach and who executed it is still not known. As such, we don’t know the intent of the individual or individuals who have the data. Will they try to sell it on Dark Web forums? Is it a nation-state, as it was in the OPM hack? It appears Equifax doesn’t know.
Some of the more successful, damaging hacks in recent years have been very well-planned and very well-executed. Oftentimes, antagonists plan their exploit for months, even years. A compromise of this type would no doubt have required months of planning and months of stealthy execution in order for them to know where and how to extract the data.
Tactical tools and motivation are the first things that organizations look at when they suffer a compromise. The first step upon hack is to look at potentially vulnerable systems that haven’t been patched and look at individuals who have access and can social engineer or collude with individuals on the inside. In this instance, Equifax made the rudimentary error of failing to patch a vulnerability in Apache Struts, a web application development framework. Given the volume of data, we can only speculate that there was some type of insider involvement here.
SUSPECT YOU OR A CUSTOMER HAVE BEEN PART OF A BREACH? We can help. Enroll in Personal Identity Monitoring Here https://www.idagent.com/products/access-identity-management/ or email us today to find out more.