Missed patch caused Equifax data breach

www.theregister.co.uk | 9/13/2017 | Staff
bungienet (Posted by) Level 3
Click For Photo: https://regmedia.co.uk/2016/10/28/fail.jpg?x=1200&y=794

Equifax has revealed that the cause of its massive data breach was flaw it should have patched weeks before it was attacked.

The company has updated its www.equifaxsecurity2017.com/ site with a new “A Progress Update for Consumers” that opens as follows:

Equifax - Scope - Intrusion - Assistance - Cybersecurity

Equifax has been intensely investigating the scope of the intrusion with the assistance of a leading, independent cybersecurity firm to determine what information was accessed and who has been impacted. We know that criminals exploited a U.S. website application vulnerability. The vulnerability was Apache Struts CVE-2017-5638. We continue to work with law enforcement as part of our criminal investigation, and have shared indicators of compromise with law enforcement.

As the Apache Foundation pointed out earlier this week,...
(Excerpt) Read more at: www.theregister.co.uk
12 other people are viewing this story
Wake Up To Breaking News!
Freedom is Never Free!
Tagged:
Sign In or Register to comment.