Equifax’s Giant Security Breach – Inside Job?

September 08, 2017

Equifax’s giant cybersecurity breach announced yesterday – one of the worst ever – compromised the personal information of almost half the U.S. – potentially 143 million Americans. Residents in the U.K. and Canada were also affected. Based on Equifax’s investigation, the unauthorized access occurred from mid-May through July 2017.

This breach is more catastrophic than the Office of Personnel Management (OPM) breach in June 2015 not only because of the volume of people affected but because of what was taken. Equifax says that cyber criminals have accessed our names, social security numbers, birth dates, addresses and the numbers of some driver’s licenses. Gulp.

Theft of personally identifiable information (PII) is scary…and painful. PII can’t be changed or replaced. You can’t change your mother’s maiden name, your social security number or your date of birth. It’s attached to you for life. So the impact of this data breach will be long lasting.

The other frightening element is that the exact date of the breach and who executed it are still not known. As such, we don’t know the intent of the individual or individuals who have the data. Will they try to sell it on Dark Web forums? Is it a nation-state, as it was in the OPM hack? It appears Equifax doesn’t know.

Some of the more successful, damaging hacks in recent years have been very well-planned and very well-executed. Oftentimes, antagonists plan their exploit for months, even years. A compromise of this type would no doubt have required months of planning and months of stealthy execution in order for them to know where and how to extract the data.

Tactical tools and motivation are the first things that organizations look at when they suffer a compromise. The first step after a hack is to look at potentially vulnerable systems that haven’t been patched, and at individuals who have access and can social engineer or collude with individuals on the inside. In this instance, Equifax made the rudimentary error of failing to patch a vulnerability in Apache Struts, a web application development framework. Given the volume of data, we can only speculate that there was some type of insider involvement here.
