Posted on Sep 16, 2017
How badly did Equifax breach damage the Social Security system?
1.34K
5
6
4
4
0
Posted 7 y ago
Responses: 4
It took me several days to reach Experian. Due to previous breaches I have used their Triple Advantage program. Since they all share data I was concerned that they may have been affected. Endless hours on hold and after 2 days they finally put a message on the contact number that they were not involved or affected. With 143 million affected the odds were high that others outside of Equifax may have been impacted. All of their websites were dead links so this made it seem worse. Turns out they have renamed the program and didn't notify customers. Equifax used ADMIN for user name and login. Several execs dumped shares before the breach was reported. They also offered free credit monitoring for a year but there was a catch. Some users and state AGs discovered that the terms of service for the "free" monitoring had a clause in the fine print that prevented users from joining in a class action suit. Considering what is at stake, it's scary how these companies do business. Very sneaky to say the least.
(0)
(0)
I appreciate you keeping us in the loop, Tony, but I'm tired of hearing from Public Affairs. I want to hear from the techs - those whose jobs are (should?) be on the line. Where's the cybersecurity team. SSG Derek Scheller, thoughts?
PO3 Dale S., SN Greg Wright, SSgt Mark Lines, what am I missing here?
PO3 Dale S., SN Greg Wright, SSgt Mark Lines, what am I missing here?
(0)
(0)
SSgt Mark Lines
SGT (Join to see) You have not missed anything. So far, we haven't heard about the tech side. I think, that in the end, it will come down to the same problems that I see the use of tech in the workplace has. One is "external" to tech support people and one is self-inflicted by techs.
1. Their techs told them they needed to do X or Y, but management vetoed it because of cost. I have heard stories and seen it myself where companies will have no problem spending big money on "things they can see" such as desks, chairs, fancy coffee maker for the break room, etc... but balk at spending the same amount as a good office chair to secure their network. Then when a breach or problem happens, the tech gets the blame. That is why I would do have them put their refusal in writing and keep it on file.
2. The techs had the patches needed to harden the network, but they did not roll them out in time, because they were still testing them. This is what happened to many computers during the Wannacry event. The patch to fix the vulnerability was released over 2 months prior, but the techs were still testing them for "stability" and hadn't rolled the patch out yet.
How do we fix these problems, I have no idea. As we become more reliant on tech to do our jobs, these problems really need to be fixed.
I hope that all made sense.
1. Their techs told them they needed to do X or Y, but management vetoed it because of cost. I have heard stories and seen it myself where companies will have no problem spending big money on "things they can see" such as desks, chairs, fancy coffee maker for the break room, etc... but balk at spending the same amount as a good office chair to secure their network. Then when a breach or problem happens, the tech gets the blame. That is why I would do have them put their refusal in writing and keep it on file.
2. The techs had the patches needed to harden the network, but they did not roll them out in time, because they were still testing them. This is what happened to many computers during the Wannacry event. The patch to fix the vulnerability was released over 2 months prior, but the techs were still testing them for "stability" and hadn't rolled the patch out yet.
How do we fix these problems, I have no idea. As we become more reliant on tech to do our jobs, these problems really need to be fixed.
I hope that all made sense.
(1)
(0)
SGT (Join to see)
SSgt Mark Lines - That makes perfect sense. Saw that in the military at times too. Few want to listen to tech but are quick to blame them. After a first false burns of that I started archiving emails. That really pissed people off. Made my day every time.
(1)
(0)
Read This Next