Equifax Data Breach: a Year Ago and no Attacker is in Jail
Investigation report of one of the Biggest Data Breach which exposed the financial information of more than 140 million Americans is given by congressional investigators explaining that how the hackers broke into Equifax system last year.
It was due to this Data Breach that shares of Equifax drop by about 33%. From that point forward, the stock has recouped to about $10 underneath its crest before all the painful news and closed Monday at $134.56 per share. The organization has reported a benefit of $236 million this year, and the second-quarter benefit was down only 12 percent from a similar period a year ago despite the Breach.
Information which was compromised by the Hackers.
Compromised Data includes Consumer Name, Date of Birth, Social Security Numbers, Address, Driver License Numbers and other related information. Financial profile of millions of consumers was exposed in the breach including home loan taken from bank etc.
How Hackers managed to Break the System?
The GAO (Government Accountability Office), the investigative arm of Congress, affirmed that the server which Equifax used for solving online disputes runs on a software which has a weak spot. And the hackers used this weak point to escape and are still unknown.
Hackers behind this whole scene sent about 9,000 queries to dozens to databases which contains personal information for consumer’s and then they methodically extracted the consumer’s information. Hackers perform this activity by hiding behind the Encryption tools.
The assault went unnoticed by Equifax for over about a month and a half. Equifax authorities after the breach said to GAO that the organization has made numerous mistakes like the patch for software vulnerability was not installed by the system administrator.
What has Equifax done?
The company has said that it has taken various steps to fix the issues which were responsible for the breach. Tools with better functionality were also added for effectively monitoring the network traffic, limit traffic between internals servers and tighten the security on who can system access.
Ines Gutzmer, a spokesperson of Equifax said that this year company will amplify investment by more than $200 to enhance security and technology. She said the organization has given buyers more power over their Equifax information and presented a free credit-ready administration in January.
Who Investigate the Case?
The Federal Bureau of Investigation, the Consumer Financial Protection Bureau and the Federal Trade Commission, among others. It isn’t certain whether the FBI examination is restricted to the robbery of data, or in the event that it reaches out to the activities of the organization and its officials.
Controllers in eight states including California, Texas and New York achieved an assent arrange with Equifax expecting it to enhance its cybersecurity hazard. As a component of the assertion, the organization did not concede bad behavior.
Will Equifax be punished?
Even after one year of the data breach, no government organizations have reported any enforcement activities.
“Equifax and other big credit reporting agencies keep profiting off a business model that rewards their failure to protect personal information,” said Sen. Elizabeth Warren, D-Mass., one of the officials who asked for the GAO report. She faulted the Trump organization and Republicans in Congress and has proposed enactment went for avoiding comparable ruptures.
Warren and Rep. Elijah Cummings, D-Md., said they have asked the Consumer Financial Protection Bureau and the FTC what they’re doing about the issue.