WOW: Equifax Had A Patch For Months And Chose Not To Use It
September 15, 2017

Wow, this Equifax story just keeps getting worse. MSN is reporting that Equifax had a patch for 2 months that might have prevented the insane security breach that led to the release of private information of about 143 million Americans.

The Apache Foundation, a company with oversees "open source software" said it pretty bluntly in a statement released yesterday:

"The Equifax data compromise was due to (Equifax') failure to install the security updates provided in a timely manner."

So they knew it was a problem, they were given a security update and they chose not to install it.

Apparently, the "hole" was patched in early March of this year....but Equifax said the unauthorized access didn't happen until mid-May, a full 2 months later. They have no explanation for why, once notified of the vulnerability, they hadn't taken steps to protect their customers.

Hackers stole a litany of information that put victims at risk: social security number, name, date of birth, etc. So your entire identity. Fantastic.

Equifax's response to why they didn't implement the patch:


"¯\_(ツ)_/¯"

Oh, but they did offer free credit monitoring (after the fact) and said: "We are devoting extraordinary resources to make sure this kind of incident doesn’t happen again. We will make changes and continue to strengthen our defenses against cyber crimes."

Funny thing is they could have prevented this...if they had just listened to the cyber security experts in March by implementing the patch. But hey, why listen to the experts.

Oh, and just a reminder: 3 top Equifax executives sold their stock back in early August when they found out about the breach. Smells like insider trading to me.

Can you help us out?

For nearly 20 years we have been exposing Washington lies and untangling media deceit, but now Facebook is drowning us in an ocean of right wing lies. Please give a one-time or recurring donation, or buy a year's subscription for an ad-free experience. Thank you.

Discussion

We welcome relevant, respectful comments. Any comments that are sexist or in any other way deemed hateful by our staff will be deleted and constitute grounds for a ban from posting on the site. Please refer to our Terms of Service for information on our posting policy.
Mastodon