You are here:Former CEO blames IT Employee for Equifax Data Breach

Equifax Data BreachEquifax is one the 3 biggest Credit Agencies in the United States, and hold a lot of its populations sensitive data, including Social security numbers and credit cards. In case you’ve been living under a rock there was a huge Equifax data breach where hackers took advantage of a vulnerability on their online platform, and with it had access to roughly 145 million people’s data  including date of birth, social security numbers and even credit cards.

A Hearing Committee was recently put together and was told by the former Equifax CEO, Richard Smith (who retired in the previous week, what a big surprise!), that the breach was caused by one IT technician, who had failed to patch the vulnerability highlighted by the Apache organisation in March (they also released a patch the same day).

“I don’t think we can pass a law that fixes stupid.”  – Equifax Data Breach

Smith highlights in his written testimony, the patch was issued by the Department of Homeland Security’s Computer Emergency Readiness Team (CERT) to in on March 8th, 2017. An Internal email was then sent out and they expected the IT team to have fixed the vulnerability within 48hours which did not happen.

During his testimony smith pointed out a single IT technician who should have applied the patch as responsible.  “The human error was that the individual who’s responsible for communicating in the organization to apply the patch, did not… I don’t think we can pass a law that fixes stupid.” He is quoted as saying.

The committee saw that as a poor excuse (and so do we!) and still lambasted Smith along with Equifax for the failure to protect users data.

To blame an individual for such a major cock-up is unbelievable and incompetent. After all, this was a vulnerability highlighted all the way back in March and all internal investigations show the breach had taken place on on May 13th, and then continued until July 30th.

About the author:

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.