Equifax hack: a nation-state suspected to be behind it.
Employees at Equifax Inc.’s giant Atlanta headquarters used to joke that the highly successful credit reporting company was just one hack away from bankruptcy. The joke was not meant as defamatory or derogatory talk; it was a cynical, despairingly bitter statement of the truth. Founded in the 19th century as a retail credit company, Equifax had over the years transformed into one of the largest repositories of Americans’ most sensitive financial data, which the company split, divided and sold to banks and hedge funds. In essence, the company’s viability rested on the security of its data.
Nike Zheng, a Chinese cybersecurity researcher from a very busy industrial center near Shanghai, discovered a bug in Apache Struts, a prominent piece of back-end software for web applications. He apparently knew little or nothing about Equifax or the value of the data pulsing through its servers when he exposed the flaw. On March 6 he provided information to Apache, which was published along with a fix; it showed how the flaw could be used to steal data from any company using the software.
The average American had no reason to notice Apache’s post, but it caught the attention of the global hacking community. Within 24 hours the information was posted to FreeBuf.com, a Chinese security website, and it showed up the same day in Metasploit, a popular free hacking tool. According to the investigation, hackers scanning the internet for computer systems vulnerable to the attack got a hit on a server at Equifax in Atlanta on March 10.
Hackers began to penetrate Equifax not long after the date the company’s server was hit. They may not have discovered its value immediately, but over the following months the attack intensified, and the first group, known as the entry crew, handed over to a more experienced team of hackers.
On Thursday the credit reporting firm Equifax (EFX) reported that the hackers had accessed vital personal data of at least 143 million people in the US, including their Social Security numbers, driver’s license numbers, financial data, birth dates, addresses and more. The attackers had accessed dozens of sensitive databases and created more than 30 separate entry points into Equifax’s computer systems. The hackers were finally discovered on July 29, but they were so deeply entrenched that the company was forced to take a consumer complaint portal offline for 11 days while the security team found and closed the backdoors the intruders had set up.
Investigators at Equifax suspect that a nation-state was behind the hack; the handoff to more sophisticated hackers is among the evidence that led them to that suspicion. Many of the tools used were Chinese. Others involved in the investigation say the evidence is ambiguous at best and points in other directions.
Mandiant, the security consulting firm hired by Equifax to investigate the breach, said in a report distributed to Equifax clients on Sept. 19 that it didn’t have sufficient data to identify either the attackers or their country of origin. A person briefed on the probe being conducted by the Federal Bureau of Investigation and U.S. intelligence agencies said there is evidence that a nation-state may have played a role, but that it doesn’t point to China. The person declined to name the country involved because the details are classified.
Equifax said on Monday, October 2, that an additional 2.5 million Americans may have been affected by the massive security breach of its systems, bringing the total to 145.5 million people who had their personal information accessed or stolen. Mandiant has completed its investigation and plans to release the results as soon as possible. The company also said that by Oct. 8 it will update its own notification so that people can check whether they were among those affected by the hack.
Equifax had formerly said that 100,000 Canadian citizens may have been affected. The completed review also covered that figure and concluded that only about 8,000 Canadian consumers’ information was involved.
Equifax’s former CEO, Richard Smith, who announced his retirement last month, will testify in front of Congress starting Tuesday. He’s expected to face bipartisan anger from politicians who have expressed outrage that a company tasked with securing vast amounts of personal data was unable to keep its security software up to date.
In prepared testimony, he apologised for the way the company handled the announcement of the hack and said human error and technology failures allowed the data breach.
In his prepared remarks, Smith said, “To each and every person affected by this breach, I am deeply sorry that this occurred.” He also said, “Whether your personal identifying information was compromised, or you have had to deal with uncertainty of determining whether or not your personal data may have been compromised, I sincerely apologize. The company failed to prevent sensitive information from falling into the hands of wrongdoers.”
Equifax faces several state and federal inquiries and numerous class-action lawsuits. The cities of San Francisco and Chicago, and at least one state, Massachusetts, have also sued Equifax.