Equifax Reopens Salary Lookup Service — Krebs on Security

Equifax has re-opened a Web site that lets anyone look up the salary history of a large portion of the American workforce using little more than a person’s Social Security number and their date of birth. The big-three credit bureau took the site down just hours after I wrote about it on Oct. 8, and began restoring the site eight days later saying it had added unspecified “security enhancements.”

The Work Number, Equifax’s salary and employment history portal.

At issue is a service provided by Equifax’s TALX division called The Work Number. The service is designed to provide automated employment and income verification for […] Read more

Equifax is facing a towering pile of class action law suits – Naked Security

Lisa Vaas

I’ve been writing about technology, careers, science and health since 1995. I rose to the lofty heights of Executive Editor for eWEEK, popped out with the 2008 crash, joined the freelancer economy, and am still writing for my beloved peeps at places like Sophos’s Naked Security, CIO Mag, ComputerWorld, PC Mag, IT Expert Voice, Software Quality Connection, Time, and the US and British editions of HP’s Input/Output. I respond to cash and spicy sites, so don’t be shy.

[…] Read more

Thoughts on the Equifax security breach: Be proactive

Mary Baldwin
Published 1:32 p.m. ET Oct. 30, 2017 | Updated 1:37 p.m. ET Oct. 30, 2017

Getty Images/iStockphoto Hand Holding Pen Over Social Security Benefits Form(Photo: Getty Images/iStockphoto)

If you’re concerned about the Equifax data breach, you’re in good company. Criminals broke into their database and stole names, Social Security numbers, birthdates, addresses and, even the drivers licenses of 145 million people. Approximately 209,000 people had credit card numbers stolen.

These thieves can open new lines of credit, steal your tax refund, prevent you from filing […] Read more

Equifax restoring The Work Number portal with beefed-up security

Equifax continues work to add new security features and restore full access to The Work Number following a report highlighting potential security vulnerabilities in a browser-based portal of its employment verification service.

The Work Number employee portal was taken offline for servicing on Oct. 8, according to Equifax spokesperson Wyatt Jefferies.

“At that time, we also decided to accelerate the implementation of select security enhancements to our platforms which extended the service outage timeframe,” he said in an email.

That’s the same day cybersecurity journalist Brian Krebs published a report claiming consumer data stolen in Equifax’s massive data breach earlier this year, along […] Read more

After Equifax, New Security Considerations Emerge – Forbes

Forbes

After Equifax, New Security Considerations EmergeForbesWASHINGTON, DC – OCTOBER 03: Former Republican Senator from Georgia Saxby Chambliss (R) advises former Equifax CEO Richard Smith before he testifies to the House Energy and Commerce Committee’s Digital Commerce and Consumer Protection …Equifax hack may shake up consumer data lawsCNETData breaches wouldn’t be a big deal if we prepared better for the inevitableAllentown Morning Call

all 4 news articles »

[…] Read more

IRS suspends its contract with Equifax amid new security concerns

Americans are outraged about the Equifax data breach that exposed the personal and financial data of 143 million people.

Americans are outraged about the Equifax data breach that exposed the personal and financial data of 143 million people.

The IRS has temporarily suspended its $7 million contract with Equifax following reports of new security issues.

The tax agency said late Thursday that it’s putting the deal on hold “as a precautionary step.”

“During this suspension, the IRS will continue its review of Equifax systems and security,” the agency said in a statement, adding that “there is still no indication of […] Read more

After Pressure Over Security Concerns, IRS Suspends Equifax Contract – Forbes

Forbes

After Pressure Over Security Concerns, IRS Suspends Equifax ContractForbesOne security breach might not have been enough to shake the confidence of the Internal Revenue Service (IRS) in Equifax, but apparently, a second cyber attack did the trick. The IRS has announced that it has suspended its contract with the credit …IRS freezes its fraud prevention contract with EquifaxEngadgetIRS suspends contract with Equifax after malware discoveredCBS NewsIRS Suspends $7 Million Contract After Equifax Screw Ups for the Umpteenth TimeGizmodoCNET –Politico –The Hill (blog)all 13 news articles »

[…] Read more

Equifax rage fueled by IRS contract, talk on Social Security numbers.

Former chairman and CEO of Equifax, Richard F. Smith, testifies before the Digital Commerce and Consumer Protection Subcommittee of the House Commerce Committee on Capitol Hill, Tuesday, Oct. 3, 2017 in Washington.(Photo: Carolyn Kaster, AP)

The Equifax data breach has generated a brand new, startling buzz: Do we really need to figure out a way to stop using Social Security numbers?

Seriously. Is it possible that so many crooks already have our number that there’s no other way to stop the filing of fake federal tax returns or protect our IDs so that fraudsters don’t open up […] Read more

Cyber Security Summit | KATV

Details about an upcoming cyber security summit.

LITTLE ROCK (KATV) –

Arkansas companies will no doubt want to hire some of those cyber grads in the future.

But data breaches are a threat now.

Tonighthow the Better Business Bureau is working to educate business owners about cyber security.

October is cyber security month.

The Arkansas Better Business Bureau wants to help make sure that Arkansas companies don’t get hooked by hackers…and, if they do, make sure businesses know what to do.

Cyber security involves being proactive and, if a breach occurs, reactive.

“It can sink a business,” says Janet Robb with the Arkansas BBB. “There are a […] Read more

Equifax blames hack on state actors, but breach followed spat with security contractor / Boing Boing


Equifax sources say that the massive breach of 140,000,000 Americans’ personal information was the result of state-sponsored hackers, likely from China, but attribution is hard and inexact.


One thing we can attribute the breach to, though, is bungling. Equifax and Mandiant — its independent security contractor — got into “a squabble” just as the hackers were breaking into Equifax’s systems, and by the time everything had been smoothed over, the attackers had installed 30 web-shells in Equifax’s systems, any one of which would allow attackers to have free run of Equifax’s data.


In the years preceding the breach, then-Equifax CEO Richard Smith […] Read more