Stories
Slash Boxes
Comments

SoylentNews is people

Equifax CIO, CSO “Retire” in Wake of Huge Security Breach

posted by Fnord666 on Monday September 18 2017, @09:41AM   Printer-friendly
from the retired-or-fired dept.

MrPlow writes:

Submitted via IRC for SoyCow5743

On Friday, Equifax announced that two top executives would be retiring in the aftermath of the company's massive security breach that affected 143 million Americans.

According to a press release, the company said that its Chief Information Officer, David Webb, and Chief Security Officer, Susan Mauldin, would be leaving the company immediately and were being replaced by internal staff. Mark Rohrwasser, who has lead Equifax's international IT operations, is the company's new interim CIO. Russ Ayres, who had been a vice president for IT at Equifax, has been named as the company's new interim CSO.

The notorious breach was accomplished by exploiting a Web application vulnerability that had been patched in early March 2017.

However, the company's Friday statement also noted for the first time that Equifax did not actually apply the patch to address the Apache Struts vulnerability (CVE-2017-5638) until after the breach was discovered on July 29, 2017.

Source: https://arstechnica.com/tech-policy/2017/09/equifax-cio-cso-retire-in-wake-of-huge-security-breach/

Also at https://www.bleepingcomputer.com/news/security/equifax-releases-new-information-about-security-breach-as-top-execs-step-down/

Original Submission

 
This discussion has been archived. No new comments can be posted.
Equifax CIO, CSO “Retire” in Wake of Huge Security Breach | Log In/Create an Account | Top | 47 comments | Search Discussion
Display Options Threshold/Breakthrough Mark All as Read Mark All as Unread
The Fine Print: The following comments are owned by whoever posted them. We are not responsible for them in any way.

  • (Score: 4, Informative) by Whoever on Tuesday September 19 2017, @01:56AM (2 children)

    by Whoever (4524) on Tuesday September 19 2017, @01:56AM (#570010) Journal

    That's a very interesting and probably correct analysis of events.

    Except that it misses one important point: these CXX people sold shares before the breach was announced. They lied about not knowing about the breach (it's just come out that there was an earlier breach).

    Starting Score:    1  point
    Moderation   +2  
       Interesting=1, Informative=1, Total=2
    Extra 'Informative' Modifier   0  
    Karma-Bonus Modifier   +1  
    Total Score:   4  

  • (Score: 2) by frojack on Wednesday September 20 2017, @06:26PM (1 child)

    by frojack (1554) on Wednesday September 20 2017, @06:26PM (#570761) Journal

    People with stock options sell shares on an automated basis. Precisely to avoid these situations.

    Their portfolio managers have standing instructions to sell some of their option stocks to keep their portfolio diversified.

    They ALL have portfolio managers that handle own-company stock PRECISELY to avoid insider trading. Its virtually a requirement to sit on any board, hold any officer position to put your own-company stock in a trust. The FTC is pretty strict on this.

    Yet there's always some fool who knows nothing about the stockmarket who jumps up screaming INSIDER!!!

    --
    No, you are mistaken. I've always had this sig.

    • (Score: 2) by Whoever on Wednesday September 20 2017, @08:31PM

      by Whoever (4524) on Wednesday September 20 2017, @08:31PM (#570836) Journal

      Except that there doesn't appear to have been a scheduled trade plan in place that would explain these trades.

      What is your deal? You feel compelled to make stuff up so that you can brown-nose wealthy people? Why?

      Yet there's always some fool who knows nothing about the stockmarket who jumps up screaming INSIDER!!!

      Go fuck youself, know-nothing asshole!