Equifax blames massive data breach on Apache Struts vulnerability

Equifax blames massive data breach on Apache Struts vulnerability

Hack compromised the personal details of as many as 143 million US consumers

Credit reporting company, Equifax, has blamed a web server vulnerability in its open-source software, Apache Struts, for the massive data breach that compromised personal details of as many as 143 million consumers in the United States.

The massive data breach had exposed valuable information to hackers between mid-May and July and sent Equifax shares tumbling, the company said last week.

"We continue to work with law enforcement as part of our criminal investigation, and have shared indicators of compromise with law enforcement," Equifax said in a statement on Wednesday.

Cyber security experts said it was among the largest hacks ever recorded and was particularly troubling due to the richness of the information exposed - names, birthdays, addresses and Social Security and driver's license numbers.

Equifax said it is determining with the assistance of an independent cybersecurity firm what exact information was compromised during the data breach.

Equifax Chief Executive Richard Smith is expected to testify before a US House of Representatives panel on 3 October after nearly 40 states joined a probe of the company's handling of the breach.

(Reporting by Kanishka Singh in Bengaluru; Editing by Gopakumar Warrier)

Follow Us

Join the newsletter!


Sign up to gain exclusive access to email subscriptions, event invitations, competitions, giveaways, and much more.

Membership is free, and your security and privacy remain protected. View our privacy policy before signing up.

Error: Please check your email address.

Tags hackEquifaxApache Struts

Brand Post

Show Comments

Industry Events

24 May
ARN Exchange
20 May
View all events