The FTC is looking into the Equifax breach

15 September, 2017, 00:35 | Author: Regina Lloyd
  • Regarding Equifax | Make Credit Freezes Free In Illinois

"The vulnerability was Apache Struts CVE-2017-5638", Equifax said in a frequently-asked-questions section of a website it set up to help people affected.

But it's not clear if the credit agency giant went through the time consuming process of updating its systems to fix the bug - leaving themselves open to a major security breach. "CAA did not handle or retain any of the information provided to Equifax", said Ian Jack, CAA managing director of communications and government relations.

Recently, Equifax disclosed the exposed data of around 143 million Americans during a cyberattack.

The vulnerability allows remote attackers to execute arbitrary commands via a #cmd= string in a crafted Content-Type HTTP header, and was patched in March 2017.

'This illustrates how widespread the risk is'. Shares of rival Experian Plc, which trade in London, dropped as much as 6.4 percent on Thursday.




The vulnerability was a critical weakness for many large websites that were built using the software. Since Equifax announced the breach last week, the Attorney General's office has received a number of calls from concerned Arkansans - and hopes more will do the same.

'We know that criminals exploited a USA website application vulnerability. They tumbled to a more than two-year low on Thursday after the company confirmed a fixable web server vulnerability was exploited in the hack, but the stock later recovered somewhat. We continue to work with law enforcement as part of our criminal investigation, and have shared indicators of compromise with law enforcement'. Equifax is offering to affected parties free credit file monitoring and identity theft protection.

The majority of America's adult population was affected by the credit bureau's breach. Equifax Chief Executive Officer Richard Smith, is expected to testify on October 3 before a U.S. House of Representatives panel.

'I apologize to consumers and our business customers for the concern and frustration this causes. That's, uh, not a good look for Equifax's data security team. In an updated statement on its Equifax Security website, it said that it has been "intensely investigating the scope of the intrusion with the assistance of a leading, independent cybersecurity firm to determine what information was accessed and who has been impacted" and the firm determined that the attackers exploited the website application vulnerability. The sales came before the breach was announced to the public.

Recommended:



Popular

Facebook introduces monetization limitations and new advertiser controls
This was revealed by Carolyn Everson, VP global marketing solutions at Facebook , in a blog post . Facebook said it's also releasing new tools so advertisers know what publishers ran their ads.

Syria army tries to encircle Daesh in Deir al-Zor: military source
Russian airstrikes on the western bank of the Euphrates river killed "16 civilians, including five children". Moscow intervened in Syria in September 2015 in support of its ally President Bashar al-Assad.

Relative of ex-Seattle mayor is 5th to accuse him of abuse
CNN reports that Murray, 60, stepped down after his cousin accused him of sexual abuse in an interview with a local newspaper. He apologized to his staff and to the city and said it had become clear that his resignation was best for the city .

Goldman Sachs Expects Hurricane Irma to Hurt Oil Demand
On Monday, Falih and his United Arab Emirates counterpart also agreed to consider an extension beyond March 2018. Oil last traded above $100 a barrel in 2014, the year in which prices began to slide due to excess supply.

Journey, Flower Developer's Next Game May Skip PlayStation
Players take control of the Children of Light, and their goal is to bring the light "where it is needed the most". Since then, a tweet from thatgamecompany indicated that it was coming to these platforms first, not exclusively.

Market Focus on Shares of Cedar Realty Trust Inc (CDR)
Cambridge Investment Research Advisors Inc increased Ishares (IJJ) stake by 26,012 shares to 70,987 valued at $10.31M in 2016Q4. Many consider the equity oversold if the reading is below -80 and overbought if the indicator is between 0 and -20.

Too early to tell if Hurricane Jose could hit Florida
The center's official forecast finds Jose just over 400 miles from Jacksonville, Florida on Sunday morning. As of Tuesday morning, Jose was a low-end Category 1, and could weaken further into a tropical storm.

The New Porsche Cayenne Turbo Accelerates As Quickly As A Manual GT3
Of course, that 0-60 time only happens when the new Cayenne is equipped with the optional Sport Chrono Package. The new Cayenne Turbo is the first SUV to feature an adaptive roof spoiler as a component of its aerodynamics.

Xiaomi Launches The Mi Notebook Pro
Moving on, the keyboard is backlit and the company has claimed that the keyboard area is 19 percent larger than the MacBook Pro. It also features 2 USB-C ports however only 1 port can be used to charge the device, the 2nd port is only for data transfer.

Pippa Middleton comforts Duchess Catherine through morning sickness
The Duchess is herself one of three children, and is believed to have hoped for a trio of children of her own before her mid-30s. Prince William and Kate Middleton have not revealed if they are having a boy or a girl (Photo: Retropix / Splash News).