The Equifax breach has been one of the worst-handled breaches in history, maybe the worst ever. We saw how careless the company’s response was, watched them unethically dump stocks before they crashed, and learnt that they hid the truth for a month in the first place.
Now, just when we thought that it couldn’t get worse, Equifax said yesterday that an ongoing investigation into the hack determined that the server was actually first compromised on March 10, nearly seven months ago! A report by FireEye, a cyber-security firm, detailed that an online dispute website at the heart of the theft of some 143 million consumer records was initially compromised by hackers on March 10, four months before the company noticed any suspicious activity.
The report, which was first obtained and disclosed by Reuters, held quite a bit of information on the hack and described the techniques that the unknown attackers used to compromise Equifax, including the exploitation of a vulnerability in Apache Struts, a piece of software that was used to build the online dispute website.
While the server was compromised in March, nothing was stolen or tampered with until four months later, when a vast cache of personal information belonging to nearly 143 million Americans was stolen from it. It is also not clear whether the March hackers are the same hackers who stole the data later. The report said that the firm was unable to determine who was behind the attack, and that the tools and methods employed in this attack were unlike any the firm had ever seen.