Presenting at Cyber Security Chicago 2017, Ondrej Vlcek
commented on the breach:
“It is still not clear what kind of vulnerability was taken advantage of in the Equifax breach, however it is likely it was a leak through a web application flaw. It is unacceptable that credit bureaus which hold so much personal information which they then sell, can allow such a breach to happen and practice poor security hygiene. We speculate that the attackers used a SQL injection to gain access. Hackers are consistently searching for these vulnerabilities, and companies, especially those with access to so much sensitive information, need to significantly increase their diligence in maintaining security of their data. This is one of those cases where there is unfortunately really nothing consumers can do except be vigilant. We expect it is only a matter of when, not if, this data appears on the Dark Web market. At this point there are a few actions potential victims can take to help ensure they are protected. First closely monitor all email, social, credit card and bank accounts closely for suspicious activities. Second, consider looking into a credit freeze that will stop hackers from using your identity to accrue debt. Also, don't respond directly to emails and other messages notifying you that you're a victim. They may be scams. Instead, open up a new tab and log in directly to the site in question, or call the support center number listed on their site."
-- Ondrej Vlcek,
CTO and General Manager, Consumer, Avast Business
Secure your place at Cyber Security Chicago and learn how to project your organization from cyber criminals...