Last Updated on November 29, 2019 by Christopher G Mendla
Some more on the equifax thing. Yesterday I posted links to the fact that the Chief of Security for Equifax had a Masters in MUSIC..
I came across an excellent article where, apparently, the writer was in direct contact with the hackers. The lack of security of OUR PERSONAL INFORMATION at the hands of Equifax is appalling.
In one example, they had a critical dashboard secured as admin/admin.. In another case, they had the private keys stored directly on a dashboard page.
This is a company that holds personal information on millions of americans.
http://spuz.me/blog/zine/3Qu1F4x.html
At the end of the article, the author raises some interesting questions.
here are some real questions that come out of this, like why were all these servers accessible by anyone on the internet? Why were default passwords used? What type of security team within a credit agency would allow these practices? Not only that but let us not forget that there were reports of Equifax employees selling their stocks right before the breach happened. There are possibilities here that this was indeed, an inside job.”
So, what is the solution?? I don’t think that additional regulations and mandates from a bloated federal bureaucracy would really be the answer. OTOH, a massive class action lawsuit would send a strong message to companies that handle personally identifiable information. I’m not a fan of lawyers and lawsuits but there are times when they have a certain usefulness.