Caveman Posted October 3, 2017 Report Share Posted October 3, 2017 http://money.cnn.com/2017/10/02/news/companies/equifax-smith-cyber-breach-apology/index.html "Former Equifax CEO Richard Smith says he is "deeply sorry" for the security breach in which sensitive personal information of as many as 143 million Americans was compromised. Smith, who is set to testify before a House Energy and Commerce Committee Tuesday, apologized for the cyber attack disclosed by the credit reporting company on September 8. He confirmed that the hack occurred due to "human error and technology failures," according to prepared remarks posted on the committee's website Monday. "To each and every person affected by this breach, I am deeply sorry this occurred," said Smith, who will make his first of four appearances on Capitol Hill this week on the breach. "The company failed to prevent sensitive information from falling into the hands of wrongdoers." The former CEO announced his retirement last week from the credit reporting company. Related: Why the Equifax hack has small business owners worried Equifax has come under fire for its handling of the huge cybersecurity breach. The company is one of three nationwide credit-reporting companies that track and rate the financial history of U.S. consumers, gathering data from credit card companies, banks, retailers and lenders. In his eight-page testimony, Smith outlined the chronology of events that lead to the breach, which allowed criminals to access personal information including names, Social Security numbers, birth dates, addresses, and in some cases driver's license numbers and credit card information. The former CEO said hackers were able to infiltrate a software weakness in an online portal that allows consumers to dispute items on their credit report. The company said Equifax and other businesses that use the software had been warned by the Department of Homeland Security on March 8 of the vulnerability. While company protocol requires that Equifax patch up the software glitch within 48 hours, Smith said he now knows that software vulnerability was "not identified or patched." Related: Equifax will offer free credit locks. Here's what that means for you Even when Equifax ran its own scans to identify any weaknesses less than a week later, it too failed to identify any vulnerabilities. "It was this unpatched vulnerability that allowed hackers to access personal identifying information," said Smith. The first time hackers accessed sensitive information may have been on May 13, he said. Adding that the "company was not aware of the access at the time." He said the company now knows that hackers continued to access information until July 30." $18 million-dollar plus severance package...nice haul for screwing everyone. Link to comment Share on other sites More sharing options...
binghamtonian Posted October 3, 2017 Report Share Posted October 3, 2017 Sadly he will never see an second of jail-time or face any real repercussions for his lack of action. And Equifax will still hold influence over your credit. Link to comment Share on other sites More sharing options...
Recommended Posts
Archived
This topic is now archived and is closed to further replies.