Equifax, software maker blame each other for opening door to hackers


Equifax and a software company are blaming each other for a glitch that allowed hackers to obtain Social Security numbers and other sensitive info for 143 million people.

The Atlanta-based company, one of the nation’s three key credit bureaus that track individuals’ credit histories, said late Wednesday that hackers breached a vulnerable spot in a U.S. website application called Apache Struts CVE-2017-5638. Equifax disclosed last week that it discovered in July that hackers had tapped a large trove of personal data on most adults in America.

But in a statement Thursday, Apache Software Foundation, which provides the application, said it provided and announced a patch for the software fault on March 7, well before Equifax said the security breach began in mid-May.

CLARK HOWARD ON... THE EQUIFAX DATA BREACH

“In conclusion, the Equifax data compromise was due to their failure to install the security updates provided in a timely manner,” the foundation said.

The 18-year-old foundation said it is an all-volunteer organization that produced open-source Java applications for government and business users, including Fortune 100 companies.

Equifax couldn’t be reached immediately for a response to Apache Software Foundation’s statement.

MYAJC.COM: REAL JOURNALISM. REAL LOCAL IMPACT.

AJC Business reporter Russell Grantham keeps you updated on the latest news about major companies, CEOs and public utilities in metro Atlanta and beyond. You'll find more on myAJC.com, including these stories:

Never miss a minute of what's happening in local business news. Subscribe to myAJC.com.


Reader Comments ...

Next Up in Business

This app could reduce the dangers of concussions in young athletes
This app could reduce the dangers of concussions in young athletes

Startup of the week: Who they are: PRIVIT What they do: Their app seeks to keep young athletes safer by helping coaches and trainers report and properly treat concussions and other injuries and medical conditions. Why it’s cool: There’s been plenty of buzz recently about the dangers of concussions in impact sports — including the...
The future is here: Augmented reality apps to use on iPhone or iPad

With the release of an updated mobile operating system in October, Apple’s new augmented reality platform is ready for take-off. The first generation of AR apps is available in Apple’s App Store, allowing millions of iPhone and iPad users to view three-dimensional computer-generated graphics on top of a user’s real-world view. With...
Why I’m skipping wireless charging on my iPhone 8 Plus

I’ve had the iPhone 8 Plus for about a month now, and while on launch day I thought I’d be most excited about wireless charging, I’ve found I’ve abandoned my wireless charger in favor of fast charging. I’ve come to like wireless charging when I’ve used Samsung’s phones, as it’s quite speedy, but Apple...
Rock out with sporty-designed headphones
Rock out with sporty-designed headphones

Listening to a Tom Petty music marathon is great, but making it better in my world was hearing the legendary music on the Soul X-TRA over-the-ear wireless (Bluetooth) headphones. The headphones smooth sound, comfort, and the sporty design were all much appreciated. The sound is promoted as “Advanced HD drivers and circuitry design for a balanced...
All data moving across Wi-Fi networks could be susceptible to hacking
All data moving across Wi-Fi networks could be susceptible to hacking

Home and corporate Wi-Fi networks — and all the data, photos and messages transmitted across them — could be vulnerable to hackers, according to a computer security researcher in Belgium. The vulnerability is in WPA2, the main protocol that protects Wi-Fi networks. Hackers can use a technique known as key reinstallation attacks, or Krack...
More Stories