Thoughts, information and reflections about technology

Equifax thought admin/admin was a good login/pw to secure your personal information. …

Some more on the equifax thing. Yesterday I posted links to the fact that the Chief of Security for Equifax had a Masters in MUSIC..

I came across an excellent article where, apparently, the writer was in direct contact with the hackers. The lack of security of OUR PERSONAL INFORMATION at the hands of Equifax is appalling.

In one example, they had a critical dashboard secured as admin/admin..  In another case, they had the private keys stored directly on a dashboard page.

This is a company that holds personal information on millions of americans.

http://spuz.me/blog/zine/3Qu1F4x.html  

At the end of the article, the author raises some interesting questions.

 

here are some real questions that come out of this, like why were all these servers accessible by anyone on the internet? Why were default passwords used? What type of security team within a credit agency would allow these practices? Not only that but let us not forget that there were reports of Equifax employees selling their stocks right before the breach happened. There are possibilities here that this was indeed, an inside job.”

So, what is the solution??  I don’t think that additional regulations and mandates from a bloated federal bureaucracy would really be the answer.  OTOH, a massive class action lawsuit would send a strong message to companies that handle personally identifiable information. I’m not a fan of lawyers and lawsuits but there are times when they have a certain usefulness.

Similar Posts:

Leave a Reply

Your email address will not be published. Required fields are marked *

Contact me
Archives
Categories
Amazon Disclosure

We are a participant in the Amazon Services LLC Associates Program, an affiliate advertising program designed to provide a means for us to earn fees by linking to Amazon.com and affiliated sites.