“We were already positively dumbfounded when Equifax reported that a security breach resulted in the personal information of over 140 million Americans — including social security numbers – has been stolen via a website security vulnerability,” Brandon Hill reports for HotHardware. “What was even more unfathomable is that the attack went undetected for months, and that it took a few more months for Equifax to disclose the magnitude of the breach.”
“Now we’re learning that Equifax has done it again. Just when we thought we couldn’t think any less of the company, Randy Abrams, an independent security analyst, discovered that the Equifax website has been hacked again,” Hill reports. “When visiting the Equifax website to inquire about some rather fishy information that showed up on his credit report, Abrams’ browser was redirected to a malicious website that offered to update his version of Adobe Flash Player (which is a much-hated piece of software in its own right).””
Read more in the full article here.
“He was understandably incredulous,” Dan Goodin reports for Ars Technica. “The site that previously gave up personal data for virtually every US person with a credit history was once again under the influence of attackers, this time trying to trick Equifax visitors into installing crapware Symantec calls Adware.Eorezo.”
“It’s not yet clear precisely how the Flash download page got displayed. The group-sourced analysis here and this independent assessment from researcher Kevin Beaumont—both submitted in the hours after this post went live—make a strong case that Equifax was working with a third-party ad network or analytics provider that’s responsible for the redirects. In that case, the breach, technically speaking, isn’t on the Equifax website and may be affecting other sites as well,” Dan Goodin reports for Ars Technica. “But even if that’s true, the net result is that the Equifax site was arguably compromised in some way, since administrators couldn’t control the pages visitors saw when trying to use key functions, some which require visitors to enter Social Security numbers.”
Read more in the full article here.
MacDailyNews Take: Equifax is a three-shitter: It’s a shit company with shit management and shit IT personnel.
If there’s any justice in this world, Equifax — who obviously couldn’t even bother to hire qualified IT people who understand how to protect highly sensitive data — will be destroyed over this latest breach by lawsuits, fines, and loss of business due to their blatantly obvious incompetence. — MacDailyNews, September 8, 2017
SEE ALSO:
Equifax victims may face another hassle in buying an iPhone – September 14, 2017
Equifax’s latest breach is very possibly the worst leak of personal info ever – September 8, 2017
What did they do, hire the IT guys that the DNC weren’t interested in?
No. Equifax put this person in charge as Chief Information Security Officer. She swiftly resigned and wiped herself off the Internet after the breach was made public, several months after the fact.
Equifax Put a Music Major In Charge of Security Before Breach on 143 Million Americans
(o_O)
At this point, Equifax is a joke, IMHO of course. Today’s misdirecting of users to malware pages is as much about shaming as adware infection.
Oops, sorry. She ‘retired’ after the breach was made public.
Whatever, she wasn’t minding the store, and the Equifax leadership needs to be hauled before a congressional committee and excoriated. After which they will get away with it, after favours or moolah are surreptitiously passed under the table, as is the usual pattern vis-à-vis Washington and anyone with money.
The former Chairman and CEO Richard Smith was grilled by the Senate Banking Committee this past week. Republicans and Democrats alike attempted to drill through the facade, promises, fake solutions and bad attitude to no avail. He, of course, has money at stake with regard to his separation from Equifax. Obviously, he was going to tow the personal financial gain line and ignore the real damage he and his fellow scoundrel rats have done to their victims.
https://www.c-span.org/video/?434469-1/former-equifax-ceo-testifies-senate-banking-panel
I find it useful to keep in mind that these people think of their lives as games. They talk about ‘the game’ constantly and play out roles within their particular game. In the current age of money scouring, knowing how to cheat well is a prime skill. If you can’t win, cheat.
Where all of this game playing becomes particularly sick is when it’s practiced by people who claim moral leadership. It disgusts me how the term ‘Christian’ is now normally considered to either mean ‘sucker’ or ‘con artist’. I’ve witnessed this nightmare first hand. It’s proliferated throughout the American culture. I’ve watched actual Christians walk out of what I’ll call Organized-Crime-Religion in disgust.
Be a winner for god. Be a cheater for god.
Once Christians embrace political action, they face complex moral choices due to the cynical and expedient patchwork of planks in the platforms of the major parties. Voters are forced to rank their religious principles — to compromise on some commandments in favour of others. What would Jesus do? Then again, everyone in the country faces the exact same dilemma — we must select the ‘lesser of two evils’ every four years. Binary systems are insidious. They invite us to think of them as isomorphic to good versus evil, right versus wrong.
What would Jesus do?
He essentially said to play the money game within your political system. But he pointed out how and who to be as an ideal human being. We learned that tax collectors can be humane too. Hello Matthew.
The ‘lesser of two evils’ phenomenon reached a crisis point in our last US election. I could understand why many people didn’t bother to vote. It was, IMHO, the worst presidential election in my lifetime. Oh how I agree that:
Binary systems are insidious!
And of course I’m always ranting about the utter stupidity of the 1 dimensional political scale used in the USA. It promises idiotic statements at all times from all who use it to discuss politics.
My cynicism meter is in the red lately. So please excuse my lack of humor regarding the subject this week. A vacation is in order.
I was a toddler at the time, but I recall my father telling me later that the 1968 election was the worst ever. It had everything: assassinations, riots, voting rights, war protests, disenchantment and malaise and two despicable vice presidents running against each other.
1968. What year. ‘The Summer Of Hate’? My parents didn’t want we wee laddies to be aware of such things. But I watched some of it from afar.
I amend me statement: 2016 was the worst election of my lifetime as an US voter.
The general concept is that both the Democrats and Republicans went off the rails and provided crap for candidates. I’ll spare myself and others further analysis of why the both sucked. But I will cynically state that I suspect both were the best each party had to offer at the time. That’s at the core of why I find both parties to be worthless, at this time.
Caveat: Buried in each party are some worthy ideals. But they’re used as talking points rather than action points, at this time. They’re similar to junior high school students who have heard about some high ideals spoken of by lofty adults, but their real interest is ongoing adolescent peer pressure. Maturity is lacking.
Didn’t Equifax just get a BIG contract with the government to protect the IRS information? I’m afraid it’s only gonna get worse!
Just par for the course of the current administration, signing the most unqualified or incompetent parties to lead every major area of government.
Thus my constantly self-reinforcing hash tag: #MyStupidGovernment. Perhaps I should update it to #MyInsaneGovernment.
Unfortunatelly Equifax only hired the bottom achieving IT graduates from Phoenix University (PU).
No its the top IT grads from top University. Future looks grim
Equifax and it’s brethren, along with social security numbers, need to go the way of the busy whip.
Equifax – a bunch of C U Next Tuesdays. Boycott these horrific losers.