• Home
  • About Us
  • Anti Spam Policy
  • Contact
  • Cookie Policy
  • DMCA
  • Disclaimer
  • Privacy Policy
  • Terms and Conditions
Tech News, Magazine & Review WordPress Theme 2017
  • Home
  • Digital Marketing
  • Latest Tech Updates
    • Laptops
    • Software
    • Graphics
    • Data Recovery
    • Food Technology
    • IT Blog
  • Auto Mobile
  • Personal Tech
No Result
View All Result
  • Home
  • Digital Marketing
  • Latest Tech Updates
    • Laptops
    • Software
    • Graphics
    • Data Recovery
    • Food Technology
    • IT Blog
  • Auto Mobile
  • Personal Tech
No Result
View All Result
Trend n Tech
No Result
View All Result

Tech safety at Equifax become so diabolical, senators want to skip US laws making its incompetence unlawful

Julia R. Williams by Julia R. Williams
August 23, 2025
Home Personal Tech

Now Homeland Security committee sticks the boot in.

Credit-rating screen Equifax omitted years of warnings and crimson flags before it turned into thoroughly ransacked in 2017 by hackers, who made off with the private data of roughly one hundred fifty million Americans, Brits, and Canadians, consistent with another congressional probe.

An investigation [PDF] by way of the US Senate Committee on Homeland Security and Governmental Affairs determined that the credit score corporation was negligent in both periods earlier than and after it was hacked. This week’s e-book of the committee’s findings follows a further scathing report issued past due last year by way of House reps.

According to the Senate panel, Equifax body of workers knew their structures were no longer tightly secured and open to attack in 2015 but failed to correctly comfy their networks and had been, in the end, pwned years later through a hole in an Apache Struts 2 set up – protection hollow that a patch changed into publicly to be had for however had no longer been deployed.

Personal Tech

The senator’s document painted a sprawling image of the records-protection dysfunction at Equifax within the lead up to the database breach, consisting of a lack of communication with some of the protection team. The admin in charge of the Struts application is now longer blanketed on the security mailing list, and senior managers from the security teams did not attend monthly meetings that might touch on vulnerability risks.

As a result, the report cited, Equifax wasn’t able to patch the Struts vulnerability until August of 2017, one month after the information theft had befallen. Even when patches were in the vicinity, the committee noted, the method was chaotic and disorganized.

“Equifax’s system for vulnerability scanning turned into a global manner that became disconnected from the enterprise’s local patch control system,” the study said. “Equifax’s former Director of the worldwide threats and vulnerability management team informed the Subcommittee workforce that patching was regional in a few cases, and in a few cases it turned into worldwide.”

The patching troubles were no longer a brand-new phenomenon, either. In 2015, an internal audit discovered that Equifax had many unpatched vulnerabilities in its internal software.

“The audit revealed that Equifax no longer repaired vulnerabilities promptly,” the senators said. “For instance, there have been over 8,500 [sic] medium, high, or critical vulnerabilities existing, with a huge percentage of these being over 90 days old.”
Not exceedingly, the organization that the committee declared “negligent” in its handling of cybersecurity became also scolded for its response to the massive records robbery. The file repeatedly mentioned how an expired SSL certificate in a community traffic tracking device averted Equifax from detecting and coming across the breach for months and the way the agency waited six weeks to offer the general public any records.

Now, the committee recommends that Congress take steps at the federal level to prevent such security screw-ups from ever occurring once more. The senators urge legislators to write up and bypass laws that might require organizations to take primary safety precautions and observe a set manner for notifying customers.

“Congress ought to pass a regulation that establishes a countrywide uniform preference requiring personal entities that gather and store PII [personally identifiable information] to take reasonable and suitable steps to prevent cyberattacks and information breaches,” the committee insisted. “Congress should pass a law requiring personal entities that suffer an information breach to notify affected customers, law enforcement, and the appropriate federal regulatory business enterprise without unreasonable delay.”

Julia R. Williams

Julia R. Williams

I love technology, and I love to share what I learn. I write about the latest tech trends, from hardware to software and beyond. My writing has appeared in various online publications and print publications, including PCMag, MakeUseOf, TheNextWeb, and more. I'm based in San Francisco, California.

Next Post
Dozens of businesses leaked touchy facts way to misconfigured Box debts

Dozens of businesses leaked touchy facts way to misconfigured Box debts

No Result
View All Result

Latest Posts

Data Recovery Tools – How to Recover Lost Data on PC

Data Recovery Tools – How to Recover Lost Data on PC

September 8, 2025
Understanding the Difference: RAM vs VRAM

Understanding the Difference: RAM vs VRAM

September 8, 2025
Mah and Mah: The Power of Connection

Mah and Mah: The Power of Connection

September 8, 2025
Understanding Ambient Temperature: What You Need to Know

Understanding Ambient Temperature: What You Need to Know

September 7, 2025
6 Reasons Your Online Presence Needs a Next-Generation Firewall Protection

6 Reasons Your Online Presence Needs a Next-Generation Firewall Protection

September 4, 2025

Trending today

  • Unblocked Games No Flash – Free Unblocked Games

    Unblocked Games No Flash – Free Unblocked Games

    0 shares
    Share 0 Tweet 0
  • How to Logout of Amazon App in 3 Steps

    0 shares
    Share 0 Tweet 0
  • Dell Vs HP Review

    0 shares
    Share 0 Tweet 0
  • Generation Zero Review: Superb Graphics, Repetitive Gameplay

    0 shares
    Share 0 Tweet 0
  • Storage testing evolving from hardware to software

    0 shares
    Share 0 Tweet 0
  • Home
  • About Us
  • Anti Spam Policy
  • Contact
  • Cookie Policy
  • DMCA
  • Disclaimer
  • Privacy Policy
  • Terms and Conditions

© 2025 TrendNtech - All Rights Reserved To Us!

No Result
View All Result
  • Home
  • Digital Marketing
  • Latest Tech Updates
    • Laptops
    • Software
    • Graphics
    • Data Recovery
    • Food Technology
    • IT Blog
  • Auto Mobile
  • Personal Tech

© 2025 TrendNtech - All Rights Reserved To Us!