EQUIFAX 2017 DATA BREACH: Loss of 145+ Million Customers Personally Identifiable Information

EQUIFAX 2017 DATA BREACH: Loss of 145+ Million Customers Personally Identifiable Information.

Table of Content. Overview and Background Equifax 2017 Data Breach Details Timeline of Attack Equifax Data Breach – Cyber Attack Kill Chain Explained Impact of Attack Countermeasures and Response Actions Equifax Recovery Techniques Lessons learnt from this Data Breach Conclusion References.

Equifax Overview and Background. Equifax is a multinational credit reporting agency, founded in 1899 and headquartered in Atlanta, Georgia. Equifax was regarded as one of the Big Three in the US credit reporting agencies, along with Experian and TransUnion. As a credit reporting agency, one of Equifax major assets is PII (Personally Identifiable Information) of consumers. This business asset PII was the target of the attackers in 2017 as Equifax suffered one of the major data breachers which led to a compromise of sensitive customer information..

Equifax 2017 Data Breach Details. Attack Start Date : March 10th, 2017 Date Equifax Identified attack: July 29th, 2017 Asset Affected: 145+ million consumers PII. Attack Vector: A vulnerability in Apache Struts a popular web application framework, which Equifax failed to patch promptly Duration of attack: The attackers spent 76 days within Equifax’s networks without being discovered No fraud or identity theft cases has been traced back to this incident.

Timeline of Equifax Attack. March 7, 2017: Apache releases a patch for the vulnerability (CVE-2017-5638) in Apache Struts March 9, 2017: Equifax administrators were instructed to apply the patch, but it is not applied. March 10, 2017: The first breach occurs on Equifax's web portal through the Struts vulnerability. March 15, 2017: Equifax IT department runs scans to find unpatched systems, but the scans are unable to find the systems that are vulnerable. May 13, 2017: Attackers moved from the compromised server into other parts of the network and start exfiltrating customer data. May through July 2017: Attackers get access to many Equifax databases including the PII on hundreds of millions of people. July 29, 2017: Equifax administrators find out about the attack and renew an expired public-key certificate needed to examine encrypted network traffic. Early August 2017: Equifax executives sell company stock, raising suspicions of insider trading. September 8, 2017: Equifax publicly discloses the breach..

Equifax Data Breach – Cyber Attack Kill Chain Explained.

Impact of Attack. Massive Customer Data Exposure: 145+ million consumers PII were accessed. Financial Loss: $1.4 billion spent on upgrading its Information Technology Security $125 was paid as compensation to each customer whose data was exfiltrated from Equifax’s systems Reputation Damage: Drop in the share of Equifax to 30%. Legal and Regulatory Fallout: Equifax faced numerous lawsuits, investigations, and regulatory actions, including fines and settlements. The former CSO testifies before the congress blaming human error..

Countermeasures and Response Actions. Equifax took steps to reduce the impact which included both technical and organizational approaches Conduct Forensic Investigations by contacting a 3rd party organization (Mandiant). In accordance with breach laws, Equifax Issued a public statement and apologies to stakeholders. Enforcing personnel changes..

Equifax Recovery Techniques. The intention for the recovery was focused on how to move forward, restoring stakeholder trust, and the organization's long-term plan Offering credit monitoring Payment to affected customers ($125 was paid as compensation to each customer whose data was exfiltrated from Equifax’s systems) Ensured open communications with stakeholders Provision of Customer Support Improved IT security architecture (implementation of better security, multilayer security, frequent audits, and third-party evaluations to guarantee they lower the likelihood of this type of attack occurring again) Complied with the regulatory organizations' requirements.

Lessons Learnt from this Data Breach. These attacks always give the organization and other organizations the opportunity to recognize the importance of contingency planning Data Security is Paramount Training and Awareness Importance of patch updating and the importance of staying away from outdated software and technology. Significance of detection and response, access control, information asset encryption Importance of testing your systems in real-life simulation This occurrence in the history of data breach attacks also helped other corporations appreciate the importance of cybersecurity awareness.

Conclusion. In conclusion, this event elaborated the importance of Incident response planning, disaster recovery planning, business continuity planning and crisis management planning. Because if they planned, they would have been prepared and avoided the event from happening.

References. Kara, “Case Study: Equifax Data Breach - Seven Pillars Institute,” Seven Pillars Institute, Apr. 30, 2021. [Online]. Available: https://sevenpillarsinstitute.org/case-study-equifax-data-breach/ J. Fruhlinger, “Equifax data breach FAQ: What happened, who was affected, what was the impact?,” CSO Online, Jun. 28, 2023. [Online]. Available: https://www.csoonline.com/article/567833/equifax-data-breach-faq-what-happened-who-was-affected-what-was-the-impact.html “Inside Equifax’s massive breach: Demo of the exploit | Infosec.” [Online]. Available: https://resources.infosecinstitute.com/topics/hacking/equifax-breach-exploit/ “Equifax Case Study: Cybersecurity Measures | Free Essay Example,” StudyCorgi, Jan. 07, 2023. [Online]. Available: https://studycorgi.com/equifax-case-study-cybersecurity-measures/ “DATA PROTECTION Actions Taken by Equifax and Federal Agencies in Response to the 2017 Breach Accessible Version Report to Congressional Requesters United States Government Accountability Office,” 2018. A. H. Drenick, “The 2017 Equifax Hack: What We Can Learn.” “CYBERSECURITY INCIDENT HANDLING: A CASE STUDY OF THE EQUIFAX DATA BREACH,” Issues In Information Systems, 2018, doi: 10.48009/3_iis_2018_150-159..

THANK YOU. Presented by: Kiwamu Emmanuel - [email protected] Adeosun Damilola - [email protected] Ademola Lawal - [email protected].