Firms Use Software That Enabled Equifax Hack








Equifax’s data breach of nearly two years ago hasn’t taught a majority of Fortune 100 companies a lesson, with reports stating that most are using the same vulnerable version of software that enabled hackers to infiltrate Equifax.

According to a report citing data provided by open source automation company Sonatype, in the second half of 2018, two thirds of Fortune 100 companies downloaded versions of Apache Struts with the same vulnerabilities that Equifax had when it was breached. And that comes even with nearly two years’ worth of patched Apache Struts available in the marketplace.

The report noted that Sonatype won’t name names, but […] Read more

Majority of companies with access to electoral roll are global marketing firms

Illustration: Matt GoldingCredit:

All have identity and credit check platforms – used by financial service providers such as Afterpay, Zip and banks against fraud, money laundering and terrorism financing – but also run marketing operations that sell detailed data to businesses in Australia and around the world.

Experian describes itself as “a leading global information services company, providing data and analytical tools to our clients”.

It says it will help customers “acquire more prospects that fit your most profitable customer profile, gain data-driven insights and leverage analytics and insights […] Read more

5 analytical firms look for fraud in Ayushman Bharat PMJAY

PM Modi at inauguration event of PMJAY in Ranchi

Ayushman Bharat PMJAY is the first government scheme to start proactive fraud detection

If there’s a welfare scheme, there’s a fraud. And as the biggest government health insurance scheme in the world, Ayushman Bharat PMJAY is acutely aware of it.

That is why the National Health Agency – the implementing authority of Ayushman Bharat PMJAY (Pradhan Mantri Jan Arogya Yojana) has roped in five data analytical firms for proactive health scheme.

The analytics firms shortlisted from among 24 applicants who are currently giving their “proof of concept” performances are SAS, MFX, […] Read more

Firms Settle With NY Over App Security Flaw –

New York’s attorney general reached settlements with five companies whose mobile apps had a security vulnerability that could have exposed sensitive user information to hackers.

The companies — Western Union, Priceline, Equifax, Spark Networks, and Credit Sesame — all have apps that handle users’ personal information such as credit card and bank account numbers.

According to New York Attorney General Barbara Underwood, tests performed by her office showed the apps “suffered from a well-known security vulnerability” that could have allowed such information “to be intercepted by eavesdroppers employing simple and well-publicized techniques.”

The settlements require the companies to implement comprehensive security programs to […] Read more

The Future of Knowledge Management in Law Firms

Scott Rechtschaffen, Chief Knowledge Officer, Littler Mendelson

It the turn of the 20th century, many companies created the management position of “vice-president of electricity.” These executives were charged (sorry, pun intended) with ensuring that their factories and offices had ample access to the power sources, wiring, converters, switches and all of the complex equipment necessary to harness the electricity that would power the burgeoning second industrial revolution. These were professionals whose mastery of the new electrification […] Read more

We Warn Congress: After Equifax, Firms Will Step Up Trojan Horse Efforts to Eliminate State Privacy Laws

Like clockwork, after any big data breach is disclosed, powerful special interests seek to turn the problem into a bigger problem for consumers by using it as an opportunity to enact some sort of narrow federal legislation that broadly eliminates state data breach notification, state data security and other privacy protections.  I testified yesterday in the House Financial Services Committee (link to full hearing archive and video transcript) warning of their efforts. I warned in particular of their Trojan Horse efforts to hide their broader plans. They don’t simply want to create a “uniform national breach law.” Inside that Trojan […] Read more

Equifax, other credit rating firms should prepare for ‘a different regime,’ Washington regulator warns

Consumer Financial Protection Bureau Director Richard Cordray speaks during the 2017 Cincinnati AFL-CIO Labor Day Picnic at Coney Island in Cincinnati. (Kareem Elgazzar/Cincinnati Enquirer/AP)

This post has been updated.

One of Washington’s top consumer watchdogs warned on Wednesday that credit rating agencies should prepare for tougher supervision in the wake of a massive hack at Equifax that exposed sensitive data on 143 million people.

“We’re going to have monitoring in place that’s preventive,” Richard Cordray, the head of the Consumer Financial Protection Bureau, said in an interview with CNBC. “It’s going to be a different regime than we’re used to. In […] Read more

Hack batters firms’ reputation with consumers


In the wake of the Equifax breach, a consumer group wants Congress to rethink how we use credit reporting agencies. Consumer Watchdog also wants lawmakers to mandate two factor authentication to safeguard personal information. (Sept. 15)

A view of a sign for the company Equifax on the floor of the New York Stock Exchange. (EPA-EFE/JUSTIN LANE)(Photo: JUSTIN LANE, EPA-EFE)

The Equifax brand is under assault.

Equifax’s reputation with consumers has fallen at a quicker pace than other companies hit by similar data breaches in recent years, according to data from YouGov […] Read more