700 million reasons for Equifax to remember to patch its vulnerable IT systems in future

Equifax has agreed to pay up to $700 million in a FTC settlement following its 2017 data breach.

Ex-Equifax CIO, who knew about huge data breach, jailed for insider trading

So, just what was Equifax doing during those 40 days between discovering it had been hacked and sharing the bad news with the world?

Well, now we know. Or at least we know what Jun Ying, the CIO of Equifax US Information Solutions, was doing.


Manager who worked on Equifax’s breach website sentenced for insider trading

Sudhakar Reddy Bonthu wasn’t told he was working on Equifax’s breach notification website, but when he worked it out he used the information for his financial advantage.

Read more in my article on the Hot for Security blog.

Don’t blame Panera Bread’s security guy just because he used to work at Equifax

Yes, we should be mad at Panera Bread for its lousy response to a serious security issue.

But things turn ugly when the masses begin to blame individually-named members of the security team.

Ex-Equifax exec charged with insider trading after selling $1 million worth of stock before data breach disclosure

A former Equifax executive, who sold nearly $1 million worth of shares before the company’s massive data breach was made public, has been charged with insider trading.

Smashing Security podcast #057: Mikko – live from the sauna – talks Bitcoin security

How to protect yourself from Bitcoin hackers, why you should think twice before giving Amazon the keys to your house, and how a private investigator tried to hack Donald Trump’s tax returns.

All this and much much more is discussed in the latest edition of the “Smashing Security” podcast by computer security veterans Graham Cluley and Carole Theriault, joined this week by Mikko Hyppönen from F-Secure.

Equifax: Umm, actually hackers stole records of 15.2 million Brits, not 400,000

Equifax has confirmed that a recent data breach exposed a file containing 15.2 million UK personal information records.

David Bisson reports.

Misleading headlines about Equifax’s *earlier* hack

Woah! Calm down media. Equifax *did* go public about the earlier incident, and it was reported in the security press.

Heads roll, as it’s revealed Equifax’s IT team knew about web app vulnerability

Patches should have been in place, but Equifax’s music-loving CSO has been unfairly vilified.


Equifax confirms up to 400,000 UK consumers at risk after data breach

Credit reporting agency Equifax has revealed more details of just how many people are affected in the UK, as consumers are warned of the risk of phishing attacks.

Read more in my article on the We Live Security blog.

Smashing Security podcast #042: Equifax, BlueBorne, and the iPhone X

Equifax’s shambolic response to its huge data breach, a scary-sounding Bluetooth exploit, and Apple’s iPhone X comes with Face ID.

All this and more is discussed in the latest edition of the “Smashing Security” podcast by computer security veterans Graham Cluley and Carole Theriault, joined this week by special guest Javvad Malik.

How to protect yourself in the wake of the Equifax data breach

David Bisson describes some of the ways you can protect yourself against identity thieves following the hack of Equifax.


Up to 44 million UK consumers may have had their identity put at risk after Equifax hack

And don’t imagine for a second that because you may have never heard of Equifax, or done no business with them, that you have somehow escaped from being affected by this breach.

Read more in my article on the Hot for Security blog.

Three Equifax execs sold $1.8 million of stock days after breach discovery

Three Equifax executives sold a combined $1.8 million worth of shares just days after the credit reporting agency discovered a massive data breach.

But before it was made public.

David Bisson reports.

40 days after discovering data leak, Equifax warns that 143 million US consumers could be at risk

Equifax has announced that it has been hacked, and approximately 143 million US consumers may have had their names, social security numbers, dates of birth, addresses accessed by criminals. In some instances, driver license numbers have also been accessed.

143 million? That’s just under half the population of the United States.

Rogues reset ‘passwords’, steal W-2 info from Equifax subsidiary customer employees

Computer criminals reset the “passwords” and stole W-2 tax information from customer employees of an Equifax subsidiary over the past year.

David Bisson reports.