

7, 2017 – Equifax issued a statement saying the three executives “had no knowledge that an intrusion had occurred at the time they sold their shares.”

7, 2017 – Equifax publicly announces the security breach and provides a dedicated website for consumers to see if they were impacted. This website included controversial arbitration language regarding the victim’s ability to sue Equifax.

1-3, 2017 – Three top executives of Equifax sell almost $2 million of company stock.
#EQUIFAX DATA BREACH UPDATE#
March 9th, 2017 – Equifax issued an internal email to deploy the Apache Struts update within 48 hours. Unfortunately, the systems failed to identify any vulnerabilities.
#EQUIFAX DATA BREACH CODE#
March 7th, 2017 – Proof of Concept Code (PoC) for a working Apache Struts RCE exploit, uploaded to a public GitHub repository.

March 6th, 2017 – Apache Struts RCE Zero-Day Vulnerability identified and actively exploited.
#EQUIFAX DATA BREACH PATCH#
Equifax’s failure to patch this vulnerability led to a series of events that is being viewed as one of the largest security breaches in the 21st century.

Since CVE-2017-5638 is a vulnerability that exists within a framework for Apache web-applications, it would have been difficult for Equifax to identify vulnerable instances.
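A framework ships inside each application's archive rather than as a server package, so an inventory has to open the archives themselves. The sketch below is an added example, not code from the original article or from Equifax: it assumes the conventional `struts2-core-<version>.jar` file name, and the `FIXED_IN` thresholds, archive names and sample versions are constructed placeholders to be replaced with values from the vendor advisory.

```python
import io, re, zipfile

STRUTS_JAR = re.compile(r"(?:^|/)struts2-core-(\d+(?:\.\d+)+)\.jar$")
ARCHIVES = (".war", ".ear", ".jar")
MAX_NESTED = 200 * 1024 * 1024  # skip oversized nested entries (zip-bomb guard)

# PLACEHOLDER (constructed): branch -> first fixed release; fill from the vendor advisory.
FIXED_IN = {(2, 3): (2, 3, 99), (2, 5): (2, 5, 99)}

def scan_archive(data, path, depth=0):
    """Yield (location, version) for each struts2-core jar, recursing into nested archives."""
    try:
        zf = zipfile.ZipFile(io.BytesIO(data))
    except zipfile.BadZipFile:
        return
    with zf:
        for info in zf.infolist():
            where = f"{path}!/{info.filename}"
            m = STRUTS_JAR.search(info.filename)
            if m:
                yield where, tuple(int(p) for p in m.group(1).split("."))
            elif (info.filename.lower().endswith(ARCHIVES)
                  and depth < 4 and info.file_size <= MAX_NESTED):
                yield from scan_archive(zf.read(info), where, depth + 1)

def triage(findings, fixed_in=FIXED_IN):
    """Label each finding 'needs-patch', 'patched' or 'unknown-branch'."""
    out = []
    for where, ver in findings:
        fixed = fixed_in.get(ver[:2])
        status = "unknown-branch" if fixed is None else (
            "needs-patch" if ver < fixed else "patched")
        out.append((status, ".".join(map(str, ver)), where))
    return sorted(out)

def build_sample_ear():
    """Constructed sample: an EAR holding a WAR that bundles the framework jar."""
    def zipped(entries):
        buf = io.BytesIO()
        with zipfile.ZipFile(buf, "w") as z:
            for name, body in entries.items():
                z.writestr(name, body)
        return buf.getvalue()
    war = zipped({"WEB-INF/lib/struts2-core-2.3.5.jar": b"", "WEB-INF/web.xml": b"<web-app/>"})
    return zipped({"portal.war": war, "lib/struts2-core-2.5.100.jar": b""})

if __name__ == "__main__":
    for row in triage(scan_archive(build_sample_ear(), "app.ear")):
        print(*row)
```

Run it against the bytes of every `.war`, `.ear` and `.jar` found under the deployment directories; copies renamed or shaded into other jars will not match the file-name pattern and need a content-based check.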

Equifax, an organization that handles consumer information and credit services such as credit information and ratings, announced on September 7th, 2017 that they were the victim of a cyber-attack. This cyber-attack was successful due to an unpatched vulnerability (CVE-2017-5638) found in an Apache Struts instance running on Equifax’s webservers. The impact of such a security breach on an organization that handles extremely sensitive data, including names, addresses, social insurance numbers, as well as financial information, is devastating, and simply demonstrates the importance of effective patch management. The vulnerability CVE-2017-5638 was announced in March of 2017 and was identified as critical severity with a vulnerability score of 10.0. A vulnerability with critical severity should be patched as soon as possible due to its security implications and the risk it poses to the environment. In this case, CVE-2017-5638 is a Remote Code Execution (RCE) vulnerability that allows remote threat actors to execute commands on the back-end systems of Equifax’s webservers through online form fields.
