2017 Equifax Breach Summary

Incident Report Summary:

In July 2017, Equifax experienced a significant data breach impacting approximately 147 million individuals. Compromised data included names, addresses, dates of birth, Social Security numbers, drivers license numbers, and credit card information of around 200,000 customers who paid for credit reports.

Detailed Overview:

The breach originated in March 2017 when a vulnerability was discovered in Apache Struts, an open-source framework used by Equifax for enterprise Java applications. Despite a patch release on March 7, Equifax administrators failed to apply it to affected systems on March 9. On March 15, scheduled scans to identify vulnerabilities yielded no flags or systems requiring patching. The breach likely began on March 10, with attackers becoming active on May 13, 2017, moving through compromised servers until July. Exploiting poor data governance, attackers accessed databases containing information on millions. Encryption of data hindered detection, exacerbated by Equifax’s failure to renew a public key certificate in July 2019, discovered only on July 29, 2019. Equifax internally investigated for a month before disclosing the incident on September 8, 2017. Despite the breach affecting nearly 143 million Americans, no cases of fraud or identity theft have been traced back to the incident. Equifax spent $1.4 billion on security upgrades, offering affected customers a meager $125 compensation. In February 2020, the U.S. DOJ charged four Chinese military members, underlining the severity of the attack.

Major Findings:

  • Attackers accessed Equifax’s internal systems through a third party.
  • Equifax neglected to renew public key certificates for almost 10 months.
  • Failure to patch Apache Struts as instructed.
  • Approximately 147 million people were affected.
  • The attack, believed to be Chinese state-sponsored, aimed at espionage, not theft.

Recommendations for Remediation:

  • Implement network segmentation for heightened security.
  • Enhance data governance, restricting access to sensitive information.
  • Regularly patch and update databases to counter daily cyber threats.
  • Conduct awareness and training for staff on timely security measures.

Conclusion:

This cyberattack stands as one of the most significant in history, impacting a vast number of individuals. It underscores the importance of addressing key findings, particularly instances where employees neglect cybersecurity measures. Comparison with other major incidents reveals a recurring theme of losses stemming from inadequate patching or cybersecurity system upgrades, whether due to ignorance or budget constraints.

Share:

Facebook
Twitter
Pinterest
LinkedIn

Upcoming Events

Social Media

Most Popular

Get The Latest Updates

Subscribe To Our Weekly Newsletter

No spam, notifications only about new products, updates.

Categories

Related Posts

Entry level IT jobs with no experience necessary

If you’re looking for entry-level IT jobs with no experience, here are some good options: 1. Help Desk Technician Responsibilities: Troubleshooting basic computer issues, resetting passwords, setting up accounts. Skills:

Where to begin in Cybersecurity?

If you have zero knowledge and zero experience, these are the best introductory videos and courses to get started quickly and effectively: Best Introductory Video (Fastest Way to Learn) 📺

Getting Into Cybersecurity: A Roadmap for Beginners

Getting Into Cybersecurity: A Roadmap for Beginners Cybersecurity is one of the fastest-growing fields in tech, offering rewarding careers, competitive salaries, and the opportunity to protect organizations from evolving digital

Top 10 CyberSecurity Certifications 2024

Top 10 Cybersecurity Certifications for Professionals Whether you’re an aspiring cybersecurity enthusiast or a seasoned expert, there’s a certification tailored for you. The following is an alphabetical compilation of 10

Scroll to Top