Equifax: A Disaster Within a Disaster

Throughout the last few months, the American public was informed that Equifax, one of the three organizations tasked with containing all of your personal information, was hacked. More than 143 million of Americans were affected by this data breach and the damage is estimated at 281 million dollars. Now, how could such a disaster happen?

All of this damage could have been avoided if Equifax was not as negligent as it was. The company learned that the attackers took advantage of a security flaw in their Apache Struts Web Framework, which allowed them to remotely execute code on Equifax’s systems. The bug was found in March by the framework’s creator, Apache Software Foundation, and was revealed with recommended patches to fix it. However, it is clear that Equifax did not move quickly enough to prevent nearly half of all Americans’ names, addresses and dates of birth from being stolen.

Overall, this breach could have been prevented in Equifax had payed more attention to their consumers. The fact that the patch was out for weeks and that Equifax neglected to update their systems is astonishing. One can only hope that this breach serves as a lesson to Equifax and other cloud-service providers to constantly be on the lookout for possible entry points into their private data.