Last updated today
Credit reporting firm Equifax says data breach could potentially affect 143 million US consumers
Equifax said data on 143 million U.S. customers was obtained in a breach. The breach was discovered July 29. Personal data including birth dates, credit card numbers and more were obtained in the breach. Three Equifax executives sold shares in the company days after the breach was discovered.
The Equifax breach resulted in the leak of 56,200 drivers' licenses, passports, and other forms of ID
Equifax on Monday evening disclosed up-to-date details on its massive 2017 security breach. It was worse than we thought. Millions more people than originally reported had their details exposed; 56,200 passports, drivers’ licenses, and other documents were also affected by the hack.
Equifax Data Breach, One Year Later: Obvious Errors and No Real Changes, New Report Says
The U.S. General Accounting Office (GAO) today released a comprehensive report examining the reasons for the massive breach of personal information from Equifax one year ago today. The report covers the breach and both company and governmental actions in response since.
Equifax Breach: Catastrophic, But No Game Changer Yet
I hate to say I told you so … well, actually, like most people, I love to say I told you so. I’m just willing to admit it. Because the state of software security a year after the catastrophic data breach of Equifax became public, basically confirms what I wrote last October: It would generate lots of sound and fury, but wouldn’t signify any game-changing improvements.
Actions Taken by Equifax and Federal Agencies in Response to the 2017 Breach
Hackers stole the personal data of nearly 150 million people from Equifax databases in 2017. How did Equifax, a consumer reporting agency, respond to that event? Equifax said that it investigated factors that led to the breach and tried to identify and notify people whose personal information was compromised.
Here's How Congress Should Respond to the Equifax Breach
There is very little doubt that Equifax’s negligent security practices were a major contributing factor in the massive breach of 145.5-million Americans’ most sensitive information. In the wake of the breach, EFF has spent a lot of time thinking through how to ensure that such a catastrophic breach doesn’t happen again and, just as importantly, what Congress can do to ensure that victims of massive data breaches are compensated fairly when a company is negligent with their sensitive data. In this post, we offer up some suggestions that will go a long way in accomplishing those goals.
Last updated today
Equifax Inc. is a consumer credit reporting agency.
More security reports
The Hewlett-Packard Company (commonly referred to as HP, and stylized as hp) or Hewlett-Packard ( HEW-lit PAK-ərd) was an American multinational information technology company headquartered in Palo Alto, California. It developed and provided a wide variety of hardware components as well as software and related services to consumers, small- and medium-sized businesses (SMBs) and large enterprises, including customers in the government, health and education sectors. The company was founded in a one-car garage in Palo Alto by Bill Hewlett and David Packard, and initially produced a line of electronic test equipment.
Stripe is an American technology company based in San Francisco, California. Its software allows individuals and businesses to make and receive payments over the Internet.
Apple Inc. is an American multinational technology company headquartered in Cupertino, California, that designs, develops, and sells consumer electronics, computer software, and online services. The company's hardware products include the iPhone smartphone, the iPad tablet computer, the Mac personal computer, the iPod portable media player, the Apple Watch smartwatch, the Apple TV digital media player, and the HomePod smart speaker.
PayPal Holdings, Inc. is an American company operating a worldwide online payments system that supports online money transfers and serves as an electronic alternative to traditional paper methods like cheques and money orders. The company operates as a payment processor for online vendors, auction sites, and other commercial users, for which it charges a fee in exchange for benefits such as one-click transactions and password memory.
DocuSign is a San Francisco based company that provides electronic signature technology and digital transaction management services for facilitating electronic exchanges of contracts and signed documents. DocuSign’s features include authentication services, user identity management and workflow automation.
Cybersecurity & Risk Management Library
The ultimate guide to attack surface and third-party risk management – actionable advice for security teams, managers, and executives.
Security research and global news about data breaches.
Third-party risk management
Articles, news, and research on third-party risk management.
Attack Surface Management
Articles, news, and research on attack surface management.
Articles, news, and research on cybersecurity.
Free instant security score
How secure is your organization?
Request a free cybersecurity report to discover key risks on your website, email, network, and brand.
- Instant insights you can act on immediately
- Hundreds of risk factors including email security, SSL, DNS health, open ports and common vulnerabilities