discussion 9

alokreddy
harish.docx
Home>Information Systems homework help>discussion 9

Equifax is one of three nationwide credit-reporting companies that track and rates the financial history of U.S. consumers. The companies are supplied with data about loans, loan payments and credit cards, as well as information on everything from child support payments, credit limits, missed rent and utilities payments, addresses and employer history, which all factor into credit scores.

Equifax in September, 2017 revealed a huge data breach that impacted 143 million customers of its credit and information services. The breach was first discovered on July 29, 2017 and was due to a vulnerability in a U.S. website application, which allowed hackers access to certain files. The breach lasted from mid-May through July. The hackers accessed people’s names, Social Security numbers, birth dates, addresses and, in some instances, driver’s license numbers. They also stole credit card numbers for about 209,000 people and dispute documents with personal identifying information for about 182,000 people. And they grabbed personal information of people in the UK and Canada too.

After Incident Actions:

                Equifax agreed to a number of data security rules under a consent order with eight state financial regulators. The order describes specific steps the credit bureau must take, including conducting security audits at least once a year, developing written data protection policies and guides, more closely monitoring its outside technology vendors, and improving its software patch management controls.

                Also, Equifax found the cause of incident and said that the attackers gained access to its systems last year through a known software flaw that was inadvertently left unfixed for months. Government regulators and law enforcement officials are still looking into Equifax’s data safeguards. The company remains under investigation by the Federal Trade Commission, the Consumer Finance Protection Bureau and the Securities and Exchange Commission, among others.

 

References:

Seena Gressin, (September 8), 2017, “The Equifax Data Breach: What to Do”, Federal Trade Commission Consumer Information, Retrieved from:  https://www.consumer.ftc.gov/blog/2017/09/equifax-data-breach-what-do

Michael Novinson, (December 18), 2017, “The 10 Biggest Data Breaches Of 2017”, CRN, Retrieved from:  https://www.crn.com/slide-shows/security/300096951/the-10-biggest-data-breaches-of-2017.htm/pgno/0/10

Stacy Cowley, (June 27), 2018, “8 States Impose New Rules on Equifax After Data Breach”, The NewYork Times, Retrieved from: https://www.nytimes.com/2018/06/27/business/equifax-data-security.html