equifax warned about vulnerability didnt patch it
Last Updated : GMT 06:49:16
Arab Today, arab today
Arab Today, arab today
Last Updated : GMT 06:49:16
Arab Today, arab today

Former CEO Richard Smith

Equifax warned about vulnerability, didn't patch it

Arab Today, arab today

Arab Today, arab today Equifax warned about vulnerability, didn't patch it

Equifax warned about vulnerability, didn't patch it
Washington - Arab Today

 Equifax said Monday an investigation into the massive data breach at the credit agency discovered 2.5 million additional potential victims, bringing the total to 145.5 million.

Interim chief executive Paulino do Rego Barros, made the disclosure in a statement, saying, "Our priorities are transparency and improving support for consumers. I will continue to monitor our progress on a daily basis."

The statement said the cybersecurity firm Mandiant made the new estimate after a forensic review of the incident, which is believed to be one of the worst breaches because of the sensitivity of data leaked.

The review "also has concluded that there is no evidence the attackers accessed databases located outside of the United States," the Equifax statement said.

Mandiant found that about 8,000 Canadian consumers were impacted by the hack, fewer than the initial estimate of 100,000. The company said a review of the impact on British consumers was still being analyzed.

Separately Monday, former CEO Richard Smith said in testimony prepared for a congressional hearing that the security team at Equifax failed to patch a vulnerability in March after getting a warning about the flaw.

Smith, in a statement to a congressional committee released, offered a timeline of the cyber attack which leaked social security numbers and other sensitive data.

Smith said in prepared remarks to a House panel that the company on March 9 circulated an internal memo warning about a software flaw identified by the government's Computer Emergency Response Team (CERT).

He added that Equifax policy would have required a patch to be applied within 48 hours and that this was not done -- but he could not explain why.

Equifax's information security department ran scans that should have identified any systems that were vulnerable but failed to identify any flaws in the software known as Apache Struts.

"I understand that Equifax's investigation into these issues is ongoing," he said in the statement.

"The company knows, however, that it was this unpatched vulnerability that allowed hackers to access personal identifying information."

Smith said he was notified of the breach on July 31, but was not aware "of the scope of this attack." He informed the company's lead director three weeks later, on August 22, and board meetings were held on the matter August 24 and 25.

Equifax, one of the major agencies gathering data used in credit ratings for banks, has come under fire for waiting until September 7 to publicly disclose the breach, and investigators are looking into stock sales by two senior executives in August.

Smith stepped down last week amid the investigation, while indicating he would remain in a consulting capacity during the investigation, which includes a congressional hearing Tuesday.

Smith offered a fresh apology for the attack, saying in his statement: "As CEO I was ultimately responsible for what happened on my watch. Equifax was entrusted with Americans' private data and we let them down.

Source: AFP

arabstoday
arabstoday

Name *

E-mail *

Comment Title*

Comment *

: Characters Left

Mandatory *

Terms of use

Publishing Terms: Not to offend the author, or to persons or sanctities or attacking religions or divine self. And stay away from sectarian and racial incitement and insults.

I agree with the Terms of Use

Security Code*

equifax warned about vulnerability didnt patch it equifax warned about vulnerability didnt patch it

 



Name *

E-mail *

Comment Title*

Comment *

: Characters Left

Mandatory *

Terms of use

Publishing Terms: Not to offend the author, or to persons or sanctities or attacking religions or divine self. And stay away from sectarian and racial incitement and insults.

I agree with the Terms of Use

Security Code*

equifax warned about vulnerability didnt patch it equifax warned about vulnerability didnt patch it

 



GMT 09:27 2017 Tuesday ,10 October

Macron takes EU reform push to Germany book fair

GMT 12:50 2017 Sunday ,03 December

Shiffrin bags first downhill win

GMT 10:33 2016 Friday ,08 April

Carter v Nonu as Racing eye Toulon's scalp

GMT 10:57 2017 Wednesday ,09 August

Iran's Rouhani names female VPs

GMT 11:21 2017 Monday ,20 February

Tunisian court tries suspects over violence charges

GMT 20:52 2017 Thursday ,30 November

Honeywell to maintain A380, B777 components for Emirates

GMT 02:36 2017 Thursday ,23 November

Casablanca’s president hails achievement

GMT 19:18 2017 Wednesday ,18 October

Investment sector attend Saudi Investment Initiative

GMT 07:08 2016 Tuesday ,28 June

Hodgson pays price for sorry England

GMT 16:44 2017 Monday ,17 July

Industrial energy city will provide jobs

GMT 16:06 2017 Sunday ,23 April

Prince Khaled bin Salman appointed US ambassador

GMT 14:00 2017 Wednesday ,19 April

Young professionals meet

GMT 09:35 2017 Friday ,17 November

Mugabe refuses to stand down in talks

GMT 14:26 2017 Monday ,02 October

Macron backs Spanish unity in call with Rajoy

GMT 18:15 2018 Wednesday ,05 September

Shaikh Khalid bin Hamad receives Bahraini researcher
Arab Today, arab today
 
 Arab Today Facebook,arab today facebook  Arab Today Twitter,arab today twitter Arab Today Rss,arab today rss  Arab Today Youtube,arab today youtube  Arab Today Youtube,arab today youtube

Maintained and developed by Arabs Today Group SAL.
All rights reserved to Arab Today Media Group 2021 ©

Maintained and developed by Arabs Today Group SAL.
All rights reserved to Arab Today Media Group 2021 ©

arabstoday arabstoday arabstoday arabstoday
arabstoday arabstoday arabstoday
arabstoday
بناية النخيل - رأس النبع _ خلف السفارة الفرنسية _بيروت - لبنان
arabstoday, Arabstoday, Arabstoday