Equifax, software maker blame each other for opening door to hackers


Equifax and a software company are blaming each other for a glitch that allowed hackers to obtain Social Security numbers and other sensitive info for 143 million people.

The Atlanta-based company, one of the nation’s three key credit bureaus that track individuals’ credit histories, said late Wednesday that hackers breached a vulnerable spot in a U.S. website application called Apache Struts CVE-2017-5638. Equifax disclosed last week that it discovered in July that hackers had tapped a large trove of personal data on most adults in America.

But in a statement Thursday, Apache Software Foundation, which provides the application, said it provided and announced a patch for the software fault on March 7, well before Equifax said the security breach began in mid-May.

CLARK HOWARD ON... THE EQUIFAX DATA BREACH

“In conclusion, the Equifax data compromise was due to their failure to install the security updates provided in a timely manner,” the foundation said.

The 18-year-old foundation said it is an all-volunteer organization that produced open-source Java applications for government and business users, including Fortune 100 companies.

Equifax couldn’t be reached immediately for a response to Apache Software Foundation’s statement.

MYAJC.COM: REAL JOURNALISM. REAL LOCAL IMPACT.

AJC Business reporter Russell Grantham keeps you updated on the latest news about major companies, CEOs and public utilities in metro Atlanta and beyond. You'll find more on myAJC.com, including these stories:

Never miss a minute of what's happening in local business news. Subscribe to myAJC.com.



Reader Comments ...


Next Up in Business

Two Atlanta deals: GE selling, Genuine Parts buying
Two Atlanta deals: GE selling, Genuine Parts buying

Two multi-billion dollar deals involving Atlanta were announced Monday – one in which a local company made a European acquisition, one in which a European giant snapped up an Atlanta-based unit of General Electric. GE Industrial Solutions, a 13,500-employee firm headquartered in Atlanta, was sold to Swiss-based ABB for $2.6 billion. Boston-based...
Making money on the side? Here's why you might need an LLC
Making money on the side? Here's why you might need an LLC

With the nation's improving economy  − not to mention your possible addiction to watching "Shark Tank" - you may think it's a good time to finally start your own business. In addition to checking on the permits required by your city, county and state (business licenses, zoning, etc.), you may want to consider setting up a Limited...
Kempner: Why cyber muggers keep winning (and we keep losing)
Kempner: Why cyber muggers keep winning (and we keep losing)

It’s not uplifting to chat with cybersecurity experts these days, because our most sensitive data is not safe. Sure, the businesses, government agencies and others that have our private information try to protect our valuables. They smack away lots of attempts by bad guys to grab our data. But, ultimately, many of the defenders end up buckling...
Equifax: Five things you should know about the raid on your data
Equifax: Five things you should know about the raid on your data

Atlanta-based Equifax Corp. and consumers whose credit it tracks have continued to struggle with the fallout from a data breach that affected 143 million people in the United States, and more in other nations. Here are five things you should know about the hacking incident — one of the worst so far — and how it affects you. 1. Protect yourself...
Gwinnett solar firm wins U.S. support for charges of unfair trade
Gwinnett solar firm wins U.S. support for charges of unfair trade

The U.S. International Trade Commission on Friday sided with a bankrupt Gwinnett company’s complaint that America is being flooded with cheap imported solar cells, setting up a potential trade battle with China or other countries that export solar panels. Norcross-based Suniva said it was “gratified” by the trade commission&rsquo...
More Stories