MyEquifax.com is yet another security disaster

One would think that having one of the most high-profile breaches in recent memory would make a company take security to heart, but Equifax is full of surprises. The latest is that its MyEquifax.com site, to which the company invites those affected by its poor security practices to freeze and unfreeze their credit, itself has extremely poor security.

View More MyEquifax.com is yet another security disaster

Vulnerable software that helped cause Equifax breach still being used by major U.S. corporations

TwitterFacebook

Someone at these companies, please update your software!

Hundreds of major U.S. corporations are using the same flawed version of server software that led to the 2017 Equifax breach, according to open source software automation firm, Sonatype. 

In a report published by TechCrunch, Sonatype’s data shows that two-thirds of Fortune 500 companies downloaded unsecure versions of the software, Apache Struts, in the last six months of 2018. Close to 150 million people had their personal information stolen by hackers who broke into the credit reporting agency’s systems. Some of the data stolen included names, social security numbers, birth dates, and addresses.  Read more…

More about Equifax, Equifax Hack, Tech, Cybersecurity, and Big Tech Companies

View More Vulnerable software that helped cause Equifax breach still being used by major U.S. corporations

Most of the Fortune 100 still use flawed software that led to the Equifax breach

Almost two years after Equifax’s massive hack, the majority of Fortune 500 companies still aren’t learning the lessons of using vulnerable software. In the last six months of 2018, two-thirds of the Fortune 500 companies downloaded a vulnerable version of Apache Struts, the same vulnerable server software that was used by hackers to steal the […]

View More Most of the Fortune 100 still use flawed software that led to the Equifax breach

Equifax breach was ‘entirely preventable’ had it used basic security measures, says House report

A House Oversight Committee report out Monday has concluded that Equifax’s security practices and policies were sub-par and its systems were old and out-of-date, and bothering with basic security measures — like patching vulnerable systems — could’ve prevented its massive data breach last year. It comes a little over a year after Equifax, one of […]

View More Equifax breach was ‘entirely preventable’ had it used basic security measures, says House report

Marriott’s poor data breach response is putting victims at risk of phishing

Last Thursday, Marriott sent out millions of emails warning of a massive data breach — some 500 million guest reservations had been stolen from its Starwood database. One problem: the email sender’s domain didn’t look like it came from Marriott at all. Marriott sent its notification email from “email-marriott.com,” which is registered to a third […]

View More Marriott’s poor data breach response is putting victims at risk of phishing

Equifax slapped with UK’s maximum penalty over 2017 data breach

Credit rating giant Equifax has been issued with the maximum possible penalty by the UK’s data protection agency for last year’s massive data breach. Albeit, the fine is only £500,000 because the loss of customer data occurred when the UK’s prior privacy regime was in force — rather than the tough new data protection law, […]

View More Equifax slapped with UK’s maximum penalty over 2017 data breach

Alibaba’s Ant Financial denies stealing from Equifax

Ant Financial has denied claims that it covertly raided Equifax — the U.S. credit firm that was hit by a hack last year — to grab information, including code, confidential data and documents to help recruit staff for its own credit scoring service. The Alibaba affiliate, which is valued at over $100 billion, launched Sesame […]

View More Alibaba’s Ant Financial denies stealing from Equifax

Sonatype raises $80 million to build out Nexus platform

Sonatype, a cybersecurity-focused open-source company, has raised $80 million from investment firm TPG. The company said the financing will help extend its Nexus platform, which it touts as an enterprise ready repository manager and library, which among other things tracks code and helps to keep everything in the devops pipeline up-to-date and secure. It’s that […]

View More Sonatype raises $80 million to build out Nexus platform

Balbix raises $20M for a predictive approach to enterprise cybersecurity

Security breaches are a disaster for corporate companies, but good news if you’re someone who offers preventative solutions. Today in 2018, wide-ranging attacks on the likes of Equifax, Sony Pictures and Target have only added value to those charged with safeguarding companies. Balbix, one such solutions provider, has pulled in a $20 million Series B to […]

View More Balbix raises $20M for a predictive approach to enterprise cybersecurity

Equifax filing reveals hack was somehow even worse than previous estimates

The 2017 hack of Equifax, already among the largest ever recorded, just got bigger. Well, they’re admitting that it was bigger than they had previously, which amounts to the same thing. Documents filed with the SEC reveal that more people, more IDs, and more info in general was stolen when the company utterly failed to protect its “users,” many of which didn’t even know they were in the database.

View More Equifax filing reveals hack was somehow even worse than previous estimates

Equifax taps former GE exec Mark Begor as its new CEO

It’s been seven months since a major data breach sent shares of Equifax tumbling, and the company is still pulling itself together. On Wednesday, the credit bureau announced it was appointing former GE exec Mark Begor to take over the troubled company’s affairs. The hire comes six months after Equifax’s former CEO Richard Smith resigned and […]

View More Equifax taps former GE exec Mark Begor as its new CEO