Hacker Attack To Equifax: Stolen The Personal Data Of 143 MILLION American And Canadian Citizens

One of the biggest hacker attacks of all times has been carried out against Equifax, one of the biggest credit management agencies, based in Atlanta.

In the attack, personal and sensitive data of some 143 million american, canadian and english citizens have been stolen, admits Richard Smith, president of Equifax.

The attack has been carried out exploiting a vulnerability in the information system.

This is what I mean, when I say that we are largely over extimating the importance of security in vedeosurveillance. In this case, we are not speaking of events that could happen: in this case the fact has happened, and has involved MILLIONS of citizens, causing a tremendous damage, thousands of times bigger than the damage that could have been caused exploiting a vulnerability in a videocamera.

In this case no Chinese technology: we have an american firm, using american technology, an american president and an american CSO (Chief Security Officer), that by the way should be fired immediately with the obligation to reimburse the damage they caused because of their negligence/ignorance/incapacity.

This story shows once again that the americans had better to fix their IMMENSE security problems, before barking at others.

Sincerely,

Giancarlo Favero

Login to read this IPVM discussion.
Why do I need to log in?
IPVM conducts unique testing and research funded by member's payments enabling us to offer the most independent, accurate and in-depth information.

***...******.

***** ** *** ***** ** "********" **** ** ***** ** Infosec (*'* ********** ** **** ********! ** ***********.) *'* ** no *** * ******* ****** ****** *** ** ***** * bit ****** ** ******* *** *** ** ***** & ***** damages (***** *** ***** ** ** *** ******** ** $).

* ***** **** **, ** *** ******** ******** ********, *****'* scratched *** ******* ** ***** ***** ******** *** ***** ******** the ***** ******. *** ** *****'* **** **** ** ****** just ********* *** ******* ** ************* ** **** ** *** deliver ****** *******. ** **** ** **** *** *** ** to *** ****** ** *** ******* & ****** ** ** every & *** ***** ** ****** ***** ******** & ******** products ** ******* ******** ***** *****.

**** **** ****, *** ***** ** **** *** ****/**** ** cyber ***** ** **** ******** & ** ****** ******* ** is ****** * **** *************. **** ****** ********** & *********, anything/anyone *** ** ******. **'* **** * *** ******* ** our ******* *****. ** *** ***, **'* * ****** ** our ********** ********** & ***** ***** ** ******* ***/** ************* whose ***** & *** **** **** ** ** ******** *** every ******. *** ** **** *** ** *** ********. (********...***** further ****.)

* ***'* **** ** ** *** "***** ***" ******** ***** than ** *****: ** ***** ** *** ***** & **********, prepare, & ****** ** ** *** *****. ***** ****** *** "good ******" ** ********.

* ****** ********* ******** **** "****** ******"** **** *******. **** ** ******** *** ****** ** ***** crime.

*** *** *** **** ** *** ****. ** ******* *** could **** **** ** ******** ** **** ****** * ** not ***** ** ******* *** *** ***** ** ***** ****** report *** **** ******.

*** *** ** **** ***** *** ** ********** *** *** bright **** ** **** * ***** ***** *** ***** ** the ******* *** **** *** ******* *** **** *** *** cause ** *** ******. ***** *** ***** *** ** **** variables ** **** ***** ** **** *** ** ** *****.

******* ***** & **** ***** ***** **** ***** ***. ;)

***** *** *** **** **** *** *** ********** * *******. A ***** *** ** ***** ** ****** *** **** ** condemn.

****. *** * ** ******** ** ******* *** ***.

****://***.***.***/**-**/*****/*********/***-***-***-*******-****-******-******/**-*******?**=*******&****=*****

* **** **....

*****, ******* * ********* ***** & *** ****** ********* ****** truly *********** (***** *** ***** **.) ****, & **** ****, can ** ***** *******.

********* ** ****** **/**. **** ** *****: ** ***** *** launched ** ****** ****** ************* *** ** **** ****. ****://*************.***/****/**/******-******-*****-*****.**** Then *** *** ** ** ***** *** *** *** *********?

***'* *** ** *****. **'* * ******* ***** **** **** a ********** ** ******** *********** ** ******** ** **** * manner (** ** ******, **'* ********** & **********!) & *** CSO ***** ** ***% ** *****....

***** **....

* ***** *** ****, **** ** ** *** ** ****** Struts *************, **** ***** **** *********** **** *** *** ******, that ** *** *****-*** ** *** *********** ******, *** *** the ******** ******, ***** *** **** ******.

** **** *** *** ** * *** (************** ****), ***** is * **** ***** *** ****** ************* ** *********** ********, the ******** ***** *** ** *********** *** *** **** ***** not **** **** ******.

** ******* ************** ***** ***** **** **** *** *** *** up * ***, **** ***** ** * *******, *** *** CSO ****** *** **** ** *****, *** ********* ** *** all *** ****** *** **** ******** **** **** ****** ********** and ************.

****** **** ******* **** *** ******* ** ***** ** ***** and *********** ** *******, *** ****** ***** ** ************ ** the ***** ** ******* ******* *******, *** ******** ****** *** for ****.

** **** ******* ** ********** ****** ***** ******** ****** ** to ***** *** **** '**'* *** **** ***' **** ******** to ***** ************ ******** *****?

****'* *** * ******* - ** ** * **********.

** * ***** ******** ************ ***** ****** ** *** ***** reads ***** ****** *** **** **** ** ******. ** ***** and **** ****** *** ******** ******* ***.

*****://***.****.***/*******/***-*********

*****://***-****.**-****.***/

****://***.*****.***/

*** *** *** **** ***** *** * *** *********** *** are ***** ** ****** ** ****** ***** **-********* ****** *** are ******** ** **** ******** **** *** ** ******* ******. They *** ***** ****** **** **** ** *** ** ****** against *** ****-***.

** ****** ** ** * ********, ***** **** **** ********** the ********** ** ***** ********, ******* *** ******* ** ** that *** ** ******** *** ** ***** ******* *** **** corrective ********.

******* *** ********** **** **** **** ****** **** ***** ***'* that *********, ** *** *****, ***** ******** *** *** **** quality ** ******, *** *** *** **** **** *****.

** ****, **** ******** *** ************, **'* ********* ** ** fair, ******* *** *** ***** ******** ***** **********.

* ***** ***** **** ************* ** ******* ** *** *********, and * ********* *** ** ****/***** ***** * ***** ********** have **** ****.

***** *** ******* *** ***** ** * ******** **** ***** 30 ***** ***, * **** **** ************* ** ** ********* importance, *** ******* ** *******, ********* ************ **********, *** **********, and ** **.

**** * ****, *** ****** ***, ** **** ** **** to ****-******** *** ********** ** ******** ** *****************, ***** ** a ********** ********* *********.

*** ******* ** ** ****** **** **** * ***** ***** understand **: *** ****** ** ****, *****, ******, ******** ******** and ******* **** ** ****** *** ** *****, **** ** proportional ** *** ***** ** *** *********** **** ** ** be *********, *** ********** ** ** ****** ***, ******* ***** things, *** ****** ** *** ***** **** *** ** ********.

*** ** ****** ****** **** *******, ******** ********, ******* ****, data ***** **************, *** *******, *** ********* ** ***** **** valuable ******** ** ******, **** ** ******* ****** ***** *****.

*** ** ****** *** ********** ** **** *** *** ******** to ******** **** ** ********** ********* ** *** *** *********. This ** **** * **** **** * *** **** ********* the ********** ** ******** ** ***************** ** ****-*********.

*** * ***** **** **** ************* ** ******* ** *** important.

********* ******

** **** ** **** ****** **** * ****** ***** **** an ** ******, ******* * ****** ******** **** **** ***, and **** **** **** ** ****** ** * ***** ** entry **** *** *******?

**** ** *** ********** * **** ***** ***'* *** * VPN *** **** **** ******* *** **** ********** ******. **** opens ** ******** ****** ******* *** *********** *********** *** ****** network.

**** ******* *** ***** **** *** ***** '************* ** *** important' *****'* ****** *** **** **** *** *** ******* **************** **********.

**** ******* ******** ******* ** ** **** ******* ***** ************* ********* ******************** **** **** ******* ** ** **** ***** ************, **** we ** ***physical ******** industry are paying too much attention to the cybersecurity of video surveillance equipment?

*** ****** **** ******* *** ***** ** ********* ********** ****** how **** **** **** **** ** *** ********?

*'* ***** ** ****** ********. *** ********** ** ***** ******** in ********, **** ** ** ** ****, ***** **** ***********, EAC, ********* *******, ***** *****, ********, ********, ***, ****** ***** be *****-*********.

**'* **** ******* ***** **** *** **** ** *********** & service ********* ***** ******** *** ** ******** ***** ***** **** open & ****** ***********, ******** *** ***** ** ********** ** = ***.

* ***'* **** ** *'* ******** * ******'* **** *********** or ***** ******* **** ***. *** ****** ** *** ******* (Regardless ** **** ** **.) **** ****** ******* ** *** surface **** ** ******** ******. ** ** *** *** ** layer *** ******** ******** ********* ** ****** ****** **** *** systems ** ********* ** ******* (********** ** **********) ** *** add ** *** ******* **** *********.

***** *** ****** ****:

**** ****** *: ***'* **** ***** ****** **** (*** **** 3)

**** ****** *: ***** ** ****** ******* *******/****** **** ***.

**** ****** *: ***'* ******* ** *** *****.

***! **** **** ***!