Before the private information of 148 million people was stolen, Equifax knew about security vulnerabilities in its system. The company first learned of the issues in March 2017, before the attack took place. Former CEO Richard Smith testified in front of Congress that the breach occurred because of "both human error and technology failures."
Equifax was alerted to problems in its system by the US Homeland Security Department on March 9. Six days later, the company ran tests looking for the vulnerabilities but didn't find any issues. Because the issue was then set aside, "the vulnerability remained in an Equifax web application much longer than it should have," said Smith.
0 Comments