Question
Please read the case below and provide recommendations for Equifax: The Equifax data breach was described briefly in this chapter. To recap, over 147 million
Please read the case below and provide recommendations for Equifax:
The Equifax data breach was described briefly in this chapter. To recap, over 147 million sensitive records were accessed by an unauthorized party, revealing information that could facilitate identity theft. Equifax and the other two credit agencies responded by offering a paid service that each customer could use to "freeze" their credit reports and prevent loans from being taken out in their names until they unfreeze the account temporarily or permanently. There were serious repercussions within Equifax because of the breach. The CEO stepped down 3 weeks after the breach was revealed to the public. Another executive was charged with insider trading by selling millions of dollars' worth of shares of Equifax before the breach went public. A new security officer was hired and security practices were revamped. In response to the breach, Equifax planned on spending an additional $200 million for security and technology. The actual external repercussions to Equifax, however, could be considered minor. After a year, Equifax still had not paid any major fines or received other penalties from government regulators. Though its stock took an initial nosedive, it had since recovered and Equifax continued to receive large government contracts. The breach occurred due to Equifax's failure to update the three servers that customers used for disputing their claims. Ironically, the vulnerability was months old, and was known to Equifax, which failed to fix them. The hackers easily gained access to the servers by finding the login credentials thanks to the vulnerability. Using those credentials enabled them to access another 48 servers that contained the personal information that they stole. The hackers made over 9,000 queries to the system before they were detected because a networkdata inspection system was not kept current. The hackers accessed the Equifax servers over 76 days and stole data gradually in chunks before being detected. Once detected, they cut off access in one day. Equifax now has a system to manage vulnerability updates so this does not occur again. As the chapter stated, U.S. Congress reacted by drafting and passing a bill in 2018 that now requires providing customers with the ability to freeze their credit information at no cost.
Step by Step Solution
There are 3 Steps involved in it
Step: 1
Get Instant Access with AI-Powered Solutions
See step-by-step solutions with expert insights and AI powered tools for academic success
Step: 2
Step: 3
Ace Your Homework with AI
Get the answers you need in no time with our AI-driven, step-by-step assistance
Get Started
Introduction To Health Care Management
Authors: Sharon B. Buchbinder, Nancy H. Shanks
3rd Edition
128408101X, 9781284081015
