The gigantic Equifax hack catastrophe has just got a bit worse, with the firm revealing that it was additionally hacked back in March – two months before the main breach in May.
Following this? Getting forthright and speedy updates from Equifax is like getting blood from a stone – they’ve already been forced by the Information Commissioner’s Office to tell 400,000 Brits that a file containing their personal details was accessed by hackers.
An astonishing 143 million US customers had their details stolen in May’s cyber-attack.
What next? Were they hacked in January too? During 2016? 2015? The mind boggles around the troubled company’s security breach history.
Last week, the chief information officer and chief security officer left the firm – which is probably for the best. Apparently, the hack was made possible by a problem with its Apache software. In a statement, Equifax said it was ‘aware of this vulnerability at that time, and [we] took efforts to identify and to patch any vulnerable systems in the company’s IT infrastructure’.
Between the May hack and Equifax recently coming clean, the firm’s executives carried on selling the company’s stock, who have of course maintained that knew nothing about the breach. But did they know about March’s hack? The plot thickens.