The Equifax Hack

Time and time again we warn against the failure to upgrade core OpenSource software that also includes your standard Joomla or WordPress websites. Small critical updates to the system are important. Equifax a major US-based credit agency now fears that their breach of secure client information might be more than what was expected, and blames the personnel responsible for ignoring an update that could have possibly taken minutes.

“These mistakes – made in the same chain of security systems designed with redundancies – allowed criminals to access over 140 million Americans’ data,” Smith wrote.

In the testimony Smith claimed that the U.S. Department of Homeland Security’s Computer Emergency Readiness Team (U.S. CERT) notified Equifax on March 8 that it needed to patch CVE-2017-5638, the Apache Struts vulnerability that eventually led to the hack.

Excerpt from the article: