Now Playing
97.1 The River
Last Song Played
Classic Hits

Posted: September 14, 2017

Equifax, software maker blame each other for opening door to hackers


By Russell Grantham, The Atlanta Journal-Constitution

Equifax and a software company are blaming each other for a glitch that allowed hackers to obtain Social Security numbers and other sensitive information for 143 million people.

>> Read more trending news

The Atlanta-based company, one of the nation’s three key credit bureaus that track individuals’ credit histories, said late Wednesday that hackers breached a vulnerable spot in a U.S. website application called Apache Struts CVE-2017-5638. Equifax disclosed last week that it discovered in July that hackers had tapped a large trove of personal data on most adults in America.

>> Related: Federal probe launched after Equifax data breach

But in a statement Thursday, Apache Software Foundation, which provides the application, said it provided and announced a patch for the software fault on March 7, well before Equifax said the security breach began in mid-May.

“In conclusion, the Equifax data compromise was due to their failure to install the security updates provided in a timely manner,” the foundation said.

>> Related: Equifax cyberattack: What to know

The 18-year-old foundation said it is an all-volunteer organization that produced open-source Java applications for government and business users, including Fortune 100 companies.

Equifax couldn’t be reached immediately for a response to Apache Software Foundation’s statement.

143 Million Could Be Affected by Equifax Data Breach


Related

Equifax reports massive data breach that could affect 143 million in U.S.

Mike Stewart/AP

Equifax reports massive data breach that could affect 143 million in U.S.

Credit reporting and technology company Equifax said Thursday a “cyber security incident” may have exposed the personal information of 143 million U.S. consumers.

The data that might have been accessed includes names, Social Security numbers, birth dates and addresses. The company also said driver’s license numbers might also have been exposed. The unauthorized access also compromised some personal information for an undisclosed number of residents of the United Kingdom and Canada, Equifax said.

>> Read more trending news

Unauthorized access to the information occurred from mid-May to July, the company said, and was discovered by the company on July 29. Equifax, which is based in Atlanta, engaged a outside cybersecurity firm to investigate, the company said.

“This is clearly a disappointing event for our company, and one that strikes at the heart of who we are and what we do. I apologize to consumers and our business customers for the concern and frustration this causes,” Equifax Chairman and CEO Richard F. Smith said in a  Thursday news release. “We pride ourselves on being a leader in managing and protecting data, and we are conducting a thorough review of our overall security operations. We also are focused on consumer protection and have developed a comprehensive portfolio of services to support all U.S. consumers, regardless of whether they were impacted by this incident.”

The company has set up a website, www.equifaxsecurity2017.com, for additional information and to access credit monitoring and identity theft protection services.

Equifax said it would provide a free package of credit monitoring and ID protection services at no cost, which Smith called an unprecedented step

A video statement from Smith was uploaded to Equifax’s YouTube page and is below:

i

Equifax cyberattack: How to get a free credit report, protect your identity

Credit reporting juggernaut Equifax announced Thursday that its information was compromised in a major cyberattack affecting 143 million Americans – or two-thirds of people with credit reports.

>> Read more trending news

Hackers were able to get birth dates, Social Security numbers, credit card numbers and addresses, according to Equifax, leaving some to wonder how they can protect themselves.

Here are some tips for ensuring your information is secure:

Find out whether you were affected by the hack through Equifax’s website. The site asks for a person’s last name and the last six digits of their Social Security number in order to determine whether the person was caught in the breach.

Don’t bother with Equifax’s monitoring serviceClark.com reported, noting that the company offering the service is the same one that was hacked.

“The only way to truly protect yourself is with a credit freeze,” Clark.com reported, recommending that people freeze their credit files with all three of America’s major credit reporting companies: Equifax, Experian and Transunion. Doing so does not affect whether or not a person can use already existing lines of credit.

>> Read more information on freezing your credit on Clark.com

Review your credit report and put a fraud alert on it if you are affected, Popular Mechanics suggested. A fraud alert will make it necessary for banks and credit companies to jump through extra hoops to confirm your identity. The magazine noted that a fraud alert filed with any one of America’s three credit bureaus -- Equifax, Experian and Transunion -- will be shared between the three.

>> Read more information on fraud alerts from the Federal Trade Commission

Whether or not you decide to put a fraud alert on your credit file, you can still obtain a free credit report once every 12 months from each of the credit bureaus. The reports can be obtained through annualcreditreport.com or by completing and mailing an annual credit report request form, according to the Federal Trade Commission.

>> Read more information on obtaining free credit reports from the Federal Trade Commission

You may order your reports from each of the three nationwide credit reporting companies at the same time, or you can order your report from each of the companies one at a time. The law allows you to order one free copy of your report from each of the nationwide credit reporting companies every 12 months.

  Equifax data breach: What to know
  Equifax reports massive data breach that could affect 143 million in U.S.

Equifax breach: You can sue if your data was exposed; here's how

Two class-action lawsuits have been filed on behalf of customers affected by a massive breach at Equifax.

>> Watch the news report here

Officials with the Atlanta-based credit reporting and technology company said a “cyber security incident” may have exposed the personal information of 143 million U.S. consumers.

The data that might have been accessed includes names, Social Security numbers, birth dates and addresses.

>> Equifax reports massive data breach that could affect 143 million in U.S.

Former Georgia Gov. Roy Barnes has partnered with a Florida firm for a class-action lawsuit. 

"This is not a windfall thing. These are real damages and real fears that folks have," he said. "There's no telling, but I guarantee you most of this information was auctioned off in just a matter of hours."

>> Equifax data breach: What to know

Barnes said that if you've been compromised, you are automatically a part of the class-action suit unless you opt out.

"You don't have to do anything. We have class representatives and there will come a time when we'll contact folks," he said. 

>> Equifax cyberattack: How to get a free credit report, protect your identity

He said he is going after what it takes to make things right. 

"What the money should be is what is necessary to hire someone to straighten out your credit so that you don't disrupt your life forever," he said. "And some money for the fact that (Equifax) negligently, and in violation of several federal statutes, allowed for this information to get out."

>> Read more trending news

Barnes said among many demands is that Equifax have its security audited, tested and trained and that the company purges information it doesn't need. 

WSB-TV's Nicole Carr visited the Clark Howard Consumer Action Center, where volunteers have received nearly three times their normal call volume with concerns about Equifax.

Volunteers said more than 500 calls came in Wednesday and 99 percent of them were about Equifax.

"I've been here for 20 years. This is the busiest day we've had," said Consumer Action Center volunteer Lori Silverman. 

She said volunteers are working to ease fears about the data breach. 

"Because 140 million people are trying to freeze their credit, the sites are crashing and they're unable to thaw their credit. That's a difficult situation to be in," she said. "We're recommending (everyone) hang tight. Hopefully, all of the hysteria will slowly go away and within the next couple of weeks you'll be able to freeze your credit."

The Consumer Action Center recommends you freeze your credit through Credit Karma. Equifax has rescinded fine print that kept consumers from suing them if they signed up for their free credit file monitoring and identity theft protection. 

"Now they say they're backing off of that, but I would advise everybody: Do not interact with Equifax right now," Barnes said. 

Click here for Barnes' advice on what you should do.

  Equifax cyberattack: How to get a free credit report, protect your identity
  Equifax data breach: What to know
  Equifax reports massive data breach that could affect 143 million in U.S.
 

There are no comments yet. Be the first to post your thoughts. or Register.

 
 
The Other Side of the River - HD2 Listen Live Now
 

Amazon Alexa

Enable our Skill today to listen live at home on your Alexa Devices!