Skip to main content

Equifax Data Breach

By Gourav S




Equifax, one of the three largest consumer credit reporting agencies in the United States, announced in September 2017 that its systems had been breached and the sensitive personal data of 148 million Americans had been compromised. The data breached included names, home addresses, phone numbers, dates of birth, social security numbers, and driver’s license numbers. The credit card numbers of approximately 209,000 consumers were also breached. The Equifax breach is unprecedented in scope and severity. There have been larger security breaches by other companies in the past, but the sensitivity of the personal information held by Equifax and the scale of the problem makes this breach unprecedented. 

Chinese Military Charged with Equifax Breach: The U.S. government has indicted four members of China's military on charges of hacking Equifax to exploit the personal data of 150 million Americans. They allegedly conspired to hack into Equifax's computer networks, maintain unauthorized access to those computers, and steal sensitive, personally identifiable information of nearly half of all American citizens. 



The Equifax data breach was particularly dangerous because of the sensitive information that was compromised. This information can be used to commit identity theft and other crimes. The breach also affected a large number of people, which made it one of the largest data breaches in history.

In the wake of the Equifax data breach, many people criticized the company for its poor security practices. The hackers were able to gain access to Equifax’s systems by exploiting a known vulnerability that had not been patched. This showed that Equifax had not taken proper steps to protect its customers’ data. Further proving the benefit of regular Penetration Testing, to highlight new vulnerabilities and remediate them before you’re the victim of such an attack.

The Equifax data breach is an important reminder of the importance of cybersecurity. Organisations must take steps to protect their customers’ data, or they will face serious consequences.




What kind of attack was Equifax?

What was the Equifax vulnerability? (0:19- 1:05) Equifax, the largest credit reporting agency and one of the largest human intel databases in the world, was breached when a hacker discovered that there was an unpatched version of Apache Struts software running on a server in their DMZ, facing the internet.
Labels:

Comments

Post a Comment

Popular posts from this blog

Microservices design patterns

By Gourav S
Microservices design pattern Next :  saga-design-pattern-microservices
Post a Comment
Read more

Introduction to MuleSoft

By Gourav S
Mule ESB is a lightweight and highly scalable Java-based enterprise service bus (ESB) and integration platform provided by MuleSoft. Mule ESB allows the developer to connect applications easily and quickly. Regardless of various technologies used by applications, Mule ESB enables easy integration of applications, enabling them to exchange data. Mule ESB has the following two editions: Community Edition. Enterprise Edition. What is API-led connectivity? API-led connectivity  is a methodical way to connect data to applications through reusable and purposeful APIs within an organisation’s ecosystem. These APIs are developed to play a specific role: unlocking data from systems, composing data into processes, or delivering an experience.  What are the 3 APIs that enable API-led connectivity?  API-led connectivity provides an approach for connecting and exposing building blocks in an ecosystem. Their scope can vary: within a specific domain, within a line of business (LoB), acr...
Post a Comment
Read more

Runtime Fabric (RTF)

By Gourav S
MuleSoft's Anypoint Runtime Fabric (RTF) has many features that help with deployment and management of Mule applications: Deployment: RTF can deploy applications to any environment, including on-premises, in the cloud, or in a hybrid setup. It can also automatically deploy Mule runtimes into containers. Isolation: RTF can isolate applications by running a separate Mule runtime server for each application. Scaling: RTF can scale applications across multiple replicas. Fail-over: RTF can automatically fail over applications. Monitoring and logging: RTF has built-in monitoring and logging capabilities to help teams troubleshoot issues and gain insights into application performance. Containerization: RTF supports containerization, which allows applications to be packaged with their dependencies and run consistently across different environments. Integration: RTF can integrate with services like SaveMyLeads to automate data flow between applications. Management: RTF can be managed with A...
1 comment
Read more