Squabble With Contractor Delayed Equifax's Response To Data Breach (bloomberg.com)

Posted by EditorDavid from the fighting-in-a-burning-house dept.
An anonymous reader quotes Bloomberg's report on the contractor Equifax first hired to investigate their breach: Equifax and Mandiant got into a dispute just as the hackers were gaining a foothold in the company's network... Mandiant warned Equifax that its unpatched systems and misconfigured security policies could indicate major problems, a person familiar with the perspectives of both sides said. For its part, Equifax believed Mandiant had sent an undertrained team without the expertise it expected from a marquee security company...

That rift, which appears to have squelched a broader look at weaknesses in the company's security posture, looks to have given the intruders room to operate freely within the company's network for months. According to an internal analysis of the attack, the hackers had time to customize their tools to more efficiently exploit Equifax's software, and to query and analyze dozens of databases to decide which held the most valuable data. The trove they collected was so large it had to be broken up into smaller pieces to try to avoid tripping alarms as data slipped from the company's grasp through the summer... By the time they were done, the attackers had accessed dozens of sensitive databases and created more than 30 separate entry points into Equifax's computer systems.
"They may not have immediately grasped the value of their discovery, but, as the attack escalated over the following months, that first group -- known as an entry crew -- handed off to a more sophisticated team of hackers," reports Bloomberg, suggesting that the attack may have been sponsored by a nation-state.

  • In before a dumb turkeydance one line post (Score:1)

    by Anonymous Coward

    There is no excuse, especially how Equifax has also mishandled just about everything after the breach was made public. Make it a $1,000 fine per person per day for not notifying them within seven days of discovering the breach. The only exception is if law enforcement requests that the breach not be disclosed to protect the integrity of an investigation.

  • Correct Headline: (Score:4, Insightful)

    by Known Nutter ( 988758 ) on Saturday September 30, 2017 @09:55PM (#55286053)
    Squabble With Equifax Delayed Equifax's Response To Data Breach

    The way the headline reads as published makes it sound as if the contractor is to blame -- which is obviously horseshit.

    • Re: Correct Headline: (Score:1)

      by Anonymous Coward

      When in doubt, blame the IT guy. He doesn't have a PR firm to lie for him to the media.

    • Re: (Score:1)

      by Anonymous Coward

      Agreed. The sad point of this is Equifax didn't have their own blue team, or even an electronic forensics team on-station. Like normal, they were riding the wave of ignorance until a shark took a big bite out of their board. Their first action was to blame the first third-party blue team that they hired.

      Stupid is as stupid does (Forrest Gump)

      Peace out.

  • Mandiant - that name rings a bell. I can't be arsed to google it, but IIRC this isn't their first clusterfuck.

  • Regardless of whatever they may have believed, they were warned and ignored the warnings. Sure seems like gross negligence or possibly even criminal negligence. If the system weren't corrupted, I would expect indictments. It's too bad our government doesn't function properly.

    • So the Equifax CSO (the music composition major) didn't think the security contractor sent individuals that had the right background to do security work?
      "Equifax believed Mandiant had sent an undertrained team without the expertise it expected from a marquee security company."
      Odd. Maybe they could not hum the right tune ;)

      I have heard people say a specific degree does not matter. Just having a degree proves you have the ability to learn and do any job. Guess not ;)
  • Actually I have no idea what Equifax uses, but it seems every time I read of these breaches they are because of a lack of communication between various internal groups. Working for a company that is often hit with DDoS or other intrusion attempts by nation-states, I know that the overriding thing to keep them out is open, candid communication between staff, management, and vendors.

    Also, probably shouldn't put Access databases outside the DMZ.

  • nation state actors (Score:1)

    by Anonymous Coward

    Whoa whoa whoa. So a foreign power now has access to the credit records of the entire country? We need to stop dicking around and bring in the NSA.
    This is in their mandate.

  • Sounds like Equifax didn't like what it heard, so it disregarded its consultant's advice.
  • "The investigation in March was described internally as "a top-secret project" and one that Smith was overseeing personally, according to one person with direct knowledge of the matter."
    WTF? The CEO was trying to cover up the breach; instead of being a real leader and shutting down Equifax until it was fixed, he let hackers just slowly take the data over 6 months.

