Equifax thought admin/admin was a good login/pw to secure your personal information. …
Some more on the equifax thing. Yesterday I posted links to the fact that the Chief of Security for Equifax had a Masters in MUSIC..
I came across an excellent article where, apparently, the writer was in direct contact with the hackers. The lack of security of OUR PERSONAL INFORMATION at the hands of Equifax is appalling.
In one example, they had a critical dashboard secured as admin/admin.. In another case, they had the private keys stored directly on a dashboard page.
This is a company that holds personal information on millions of americans.
At the end of the article, the author raises some interesting questions.
here are some real questions that come out of this, like why were all these servers accessible by anyone on the internet? Why were default passwords used? What type of security team within a credit agency would allow these practices? Not only that but let us not forget that there were reports of Equifax employees selling their stocks right before the breach happened. There are possibilities here that this was indeed, an inside job.”
So, what is the solution?? I don’t think that additional regulations and mandates from a bloated federal bureaucracy would really be the answer. OTOH, a massive class action lawsuit would send a strong message to companies that handle personally identifiable information. I’m not a fan of lawyers and lawsuits but there are times when they have a certain usefulness.
- Equifax’s Chief Security Officer’s Qualifications – SHE WAS A MUSIC MAJOR.!!
- How about getting paid for the time you work on your smartphone?
- The whole system of “secret questions” used by tens of thousands of sites, including email providers, banks and government sites is fundamentally flawed.
- Veritas Expose – Twitter employees are looking at your private messages including those of your privates…
- Some (fun) summer reading – A classic anti hacker story.
- What would you say if I told you that your television was listening to your conversations?
- Lenovo PCs are bundled with Superfish that bypasses your https security.
- Store Manager for Oscommerce from MagneticOne