Information accessed in the breach included first and last names, Social Security numbers, birth dates, addresses and, in some instances, driver's license numbers for an estimated 143 million Americans, based on Equifax's analysis. While the failure to update Struts was a key failure, analysis of the breach found further faults in Equifax's systems that made it easy for the breach to occur, including an insecure network design that lacked sufficient segmentation, potentially inadequate encryption of personally identifiable information (PII), and ineffective breach detection mechanisms.

At least 34 servers in twenty different countries were used at different points during the breach, making tracking the perpetrators difficult. The activities went on for 76 days until Equifax discovered the breach and subsequently, by July 30, 2017, shut off the exploit. Using encryption to further mask their searches, the hackers performed more than 9000 scans of the databases, extracted information into small temporary archives that were then transferred off the Equifax servers to avoid detection, and removed the temporary archives once complete. The information first pulled by the hackers included internal credentials for Equifax employees, which then allowed the hackers to search the credit monitoring databases under the guise of an authorized user. The hackers used the exploit to gain access to internal servers on Equifax's corporate network.

As determined through postmortem analysis, the breach at Equifax started when Equifax had yet to update its credit dispute website with the new version of Struts. Security experts found an unknown hacking group trying to find websites that had failed to update Struts, so as to find a system to exploit. A key security patch for Apache Struts was released after a security exploit was found, and all users of the framework were urged to update immediately.
Equifax had been using the open-source Apache Struts as its website framework for systems handling credit disputes from consumers. The data breach at Equifax was principally through an exploit of third-party software for which a patch had been released, but Equifax had failed to update its servers with that patch.