Stories
Slash Boxes
Comments

SoylentNews is people

posted by Fnord666 on Monday September 18 2017, @09:41AM   Printer-friendly
from the retired-or-fired dept.

Submitted via IRC for SoyCow5743

On Friday, Equifax announced that two top executives would be retiring in the aftermath of the company's massive security breach that affected 143 million Americans.

According to a press release, the company said that its Chief Information Officer, David Webb, and Chief Security Officer, Susan Mauldin, would be leaving the company immediately and were being replaced by internal staff. Mark Rohrwasser, who has lead Equifax's international IT operations, is the company's new interim CIO. Russ Ayres, who had been a vice president for IT at Equifax, has been named as the company's new interim CSO.

The notorious breach was accomplished by exploiting a Web application vulnerability that had been patched in early March 2017.

However, the company's Friday statement also noted for the first time that Equifax did not actually apply the patch to address the Apache Struts vulnerability (CVE-2017-5638) until after the breach was discovered on July 29, 2017.

Source: https://arstechnica.com/tech-policy/2017/09/equifax-cio-cso-retire-in-wake-of-huge-security-breach/

Also at https://www.bleepingcomputer.com/news/security/equifax-releases-new-information-about-security-breach-as-top-execs-step-down/


Original Submission

 
This discussion has been archived. No new comments can be posted.
Display Options Threshold/Breakthrough Mark All as Read Mark All as Unread
The Fine Print: The following comments are owned by whoever posted them. We are not responsible for them in any way.
  • (Score: 4, Interesting) by Thexalon on Monday September 18 2017, @12:32PM (2 children)

    by Thexalon (636) on Monday September 18 2017, @12:32PM (#569724)

    Their "actual customers" are businesses that want to run credit checks on ordinary people. Which, since many businesses use credit rating as a measure of overall responsibility, is more than you might think. For instance, it's pretty common for employers to run credit checks on people they're considering hiring (which makes it harder if you have bad credit to get a job, making it harder to fix your credit).

    --
    The only thing that stops a bad guy with a compiler is a good guy with a compiler.
    Starting Score:    1  point
    Moderation   +2  
       Interesting=1, Informative=1, Total=2
    Extra 'Interesting' Modifier   0  
    Karma-Bonus Modifier   +1  

    Total Score:   4  
  • (Score: 0) by Anonymous Coward on Monday September 18 2017, @05:43PM

    by Anonymous Coward on Monday September 18 2017, @05:43PM (#569822)

    So we need to cross our fingers that whoever is behind this breech sells it to their "actual customer" for less and undercuts Equifax's business.

  • (Score: 2) by frojack on Wednesday September 20 2017, @07:02PM

    by frojack (1554) on Wednesday September 20 2017, @07:02PM (#570786) Journal

    run credit checks on ordinary people.

    Gee, its too bad Equifax is powerless to protect credit rating of the ordinary people [equifax.com] who's data was breached.

    --
    No, you are mistaken. I've always had this sig.