• Home
  • 143 Million data exposed, a lesson learned from the worst data leak case

143 Million data exposed, a lesson learned from the worst data leak case

15Sep

143 Million data exposed, a lesson learned from the worst data leak case

Posted By Articles

data leakIn September of 2017, United States citizens were surprised by the hacking of Equifax, the company’s provider of reports and credit scores. A total of 143 million credit card user data was exposed, which includes the cardholder’s name, social security number, birth date, address, and driver’s license number.

The attackers exploited a flaw in a web application tool called Apache Struts. The defect was already known by the company before the attackers took advantage of it. However, they failed to take any preventive action.

According to The Wall Street Journal report hacking had started since March before it was finally detected on July 29. From May to the end of July, attackers managed to access the company’s sensitive information. Even after it was detected, the company delayed the move to take the app offline.

This attack was a straight attack on the company’s identity as a global company that manages and protects hundreds of millions of credit card user data. Equifax case is very possibly the worst case of a personal data leak. However, Equifax was not the only company. Yahoo, Verizon, and HBO had all been hacked in the past, but the level of personal data leakage was still limited unlike Equifax and the damage suffered could still be solved with only a new password or a new credit card number.

Leaking the personal data of credit card users is very dangerous because the attackers could have used it for illegal activities. The most questionable thing around Equifax’s case is ‘ Why did not the company act instantly when it found the vulnerability? Why did the company delay the action after detecting a hack? ‘

The important lesson we can learn from the Equifax case is companies that store sensitive data in their systems, should be expecting to be targets to attackers in search of data that can be used for illegal activities. Thus, proactive approaches to cyber security are essential.

Equifax was definitely aware of the issue, but they did not immediately take action when a flaw was found and even delayed the action when they detected the hacking. Addressing the problem as soon as possible when it is found is a very crucial step. Cyber security is not just an IT division matter, but it is a business risk for the company.

 

Photo by Freepik

 

 

Share this post

Posted By

Related Posts

29Aug

The role of digital forensics in the financial audit

In a fast-growing digital landscape and highly connected world, the business world nowadays produces a high volume of digitized documents... read more

15Sep

4 Modes of money laundering vehicles

In May 2018, for the first time, the Corruption Eradication Commission (KPK) established a corporation as a perpetrator of money... read more

27Jun

Fraud and its investigation in health insurance

Fraud is a major concern for all insurance companies. Some professionals even believe that during the first year of the... read more

09Oct

Common fraud in small businesses

Small businesses are vulnerable to fraud because they lack the resources to implement complete systems of internal controls and properly... read more

21Jul

Pre-employment screening: the medical check up of your candidate

Every company would undoubtedly want their employees to be highly productive in order to achieve the company’s desired targets. Therefore,... read more

15Sep

6 Credential documents that a potential employee can falsify

  The fake diploma is a rampant crime that occurs frequently. One by one, cases are being exposed, although many remain... read more

eudr due diligence
15Sep

The EU Deforestation Regulation (EUDR) and the need for extensive due diligence

To protect the impact of the EU market on worldwide deforestation and forest degradation, the European Union approved a new... read more

09Jun

Claim investigation: minimizing fraud-induced losses in the insurance world

The insurance world suffers substantial losses due to fraud annually. In America specifically, losses due to insurance crimes reach approximately 80... read more

19Jun

Why non-profit organizations are vulnerable to fraud risk

The fraud risk matters for all companies and organizations, including nonprofit organizations. Data from Report to The Nation 2020 shows... read more

executive fraud
12Jul

Executive Fraud: What is and How to Prevent it

While fraud is often committed by employees, managers, and third parties, fraud involving C-level executives is unfortunately not uncommon. C-level... read more