@Cprman wrote:
https://www.bloomberg.com/news/articles/2017-10-02/ex-equifax-ceo-says-human-tech-failures-allowed-b...
Wow basically back in march they had Apache software that needed a security patch. The deparment of Homeland Security notified them and they just never did it. The actual hack sounds like it was months later.
Hope this leads to some chanages, where companies realize the financial impact of security breaches and starting running tigheter ships. I mean such a basic thing.
"The Apache Software Foundation had issued a patch for the flaw in March, two months before hackers began accessing sensitive information on Equifax’s servers on May 13."
This Bloomberg article from Sept.29 indicates Equifax was hacked much earlier than May 13, as in March 10, and adds come conspiracy theory:
The Equifax Hack Has the Hallmarks of State-Sponsored Pros
- Nike Zheng, a Chinese cybersecurity researcher from a bustling industrial center near Shanghai, probably knew little about Equifax or the value of the data pulsing through its servers when he exposed a flaw in popular backend software for web applications called Apache Struts. Information he provided to Apache, which published it along with a fix on March 6, showed how the flaw could be used to steal data from any company using the software.Within 24 hours, the information was posted to FreeBuf.com, a Chinese security website, and showed up the same day in Metasploit, a popular free hacking tool. On March 10, hackers scanning the internet for computer systems vulnerable to the attack got a hit on an Equifax server in Atlanta, according to people familiar with the investigation.
- Before long, hackers had penetrated Equifax. They may not have immediately grasped the value of their discovery, but, as the attack escalated over the following months, that first group—known as an entry crew—handed off to a more sophisticated team of hackers. They homed in on a bounty of staggering scale: the financial data—Social Security numbers, birth dates, addresses and more—of at least 143 million Americans. By the time they were done, the attackers had accessed dozens of sensitive databases and created more than 30 separate entry points into Equifax's computer systems. The hackers were finally discovered on July 29, but were so deeply embedded that the company was forced to take a consumer complaint portal offline for 11 days while the security team found and closed the backdoors the intruders had set up.
That the "entry crew" that found Equifax had not installed the Apache fix for the vulnerability once found what they had and then handed it off to a "more sophisticated team of hackers would indicate state sponsored hacking. I've suspected that, because there has been no known attempts to use the information so far. Criminal hackers, like the "ransomware" folks would be tripping over themselves in attempts to get rich off the data. State sponsored hackers, the Chinese or Russians, would be content to sit on it, deciding how they could best use it to exert influence over the U.S.Oh, and this"
- "Eventually the intruders installed more than 30 web shells, each on a different web address, so they could continue operating in case some were discovered. Groups known to exploit web shells most effectively include teams with links to Chinese intelligence, including one nicknamed Shell Crew. Some investigators within Equifax reached the conclusion that they were facing Chinese state hackers relatively quickly after analyzing the Moloch data, according to a person briefed on those discussions. If the Equifax breach was a purely criminal act, one would expect at least some of the stolen data, especially the credit card numbers that were taken, to have showed up for sale on the black market. That hasn't happened".
And one other thing - not only do the hackers have credit & personal info on 145 million Americans, they most likely have the credit & personal info on Trump, his family, his Cabinet offcials, and ever member of Congress.
