In one of the largest reported online breaches in US history, hackers exploited a “website application vulnerability” to compromise sensitive details of nearly 143 million Equifax customers.
Credit rating firm Equifax has confirmed that hackers accessed SSNs, birth dates, and financial information of millions of customers.
Equifax discovered the breach in mid-July, more than a month after unnamed hackers first exploited a vulnerability in its website. Considering that Equifax holds sensitive personal and financial data belonging to 820 million customers, the revelation was expected to create a lot of chaos in financial markets.
And it did. Following Equifax’s admission of the breach, the credit rating firm’s stock fell 13% in New York and is expected to fall further. According to Bloomberg, three senior officials at Equifax reportedly sold their shares in the weeks prior to the announcement.
Equifax’ Chief Financial Officer, the president of U.S. information solutions, and the president of workforce solutions sold a combined $1.7 million in stock in the first week of August. Equifax has dispelled the notion that these officials were in the know, claiming that they had no information regarding the breach before it was officially announced.
“I apologise to consumers and our business customers for the concern and frustration this causes. We pride ourselves on being a leader in managing and protecting data, and we are conducting a thorough review of our overall security operations,” said Richard Smith, CEO of Equifax.
According to the agency, between May and July, hackers were able to exploit a “U.S. website application vulnerability to gain access to certain files”. Information thus compromised included personal identifying information for about 182,000 consumers and credit card details of another 209,000 customers.
“Often we see privilege or administrator accounts being used to gain super-user status in the infrastructure which enables attackers to plant malware and circumvent security measures to access what would be otherwise secure records and databases. Privilege Access Management is proving to be one of the most foundational measures that a company can take to control and manage this risk,” said Andrew Clarke, EMEA Director at One Identity.
“Other factors include user education coupled with best security practices embracing tools such as firewalls; patch management and vulnerability assessment to close loop-holes and limit exposure. In addition, the fact the attack occurred from mid-May to mid-July points to the fact that tools such identity analytics and risk intelligence are not in place or working effectively here,” he added.
Image source: Culik Law