Advertisement
If you have a new account but are having problems posting or verifying your account, please email us on hello@boards.ie for help. Thanks :)
Hello all! Please ensure that you are posting a new thread or question in the appropriate forum. The Feedback forum is overwhelmed with questions that are having to be moved elsewhere. If you need help to verify your account contact hello@boards.ie
Hi there,
There is an issue with role permissions that is being worked on at the moment.
If you are having trouble with access or permissions on regional forums please post here to get access: https://www.boards.ie/discussion/2058365403/you-do-not-have-permission-for-that#latest

Equifax (again)

  • 21-09-2017 4:23pm
    #1
    Moderators, Recreation & Hobbies Moderators, Science, Health & Environment Moderators, Technology & Internet Moderators Posts: 93,583 Mod ✭✭✭✭


    You couldn't make this up.

    Top Tip. If you find yourself in a hole, Stop Digging !


    http://www.bbc.com/news/technology-41347467
    Following its data breach, Equifax set up a new website - equifaxsecurity2017.com - to let people find out more information.

    The website also let people register for a credit monitoring service, by entering personal details into a form.

    Many security researchers said Equifax should have hosted this information on its main website - equifax.com - rather than setting up a new one.

    They pointed out that the new web address looked like one a scammer might set up to try to fool victims.

    Security researcher Nick Sweeting tweeted: "Yeah... no thanks... it would take me literally 20 mins to build a clone of this site."

    He then did exactly that, creating an almost identical version of the website at securityequifax2017.com.

    His fake version of the website also let people fill in their personal information - but then told them they had been "bamboozled".

    Staff operating the Equifax twitter feed shared the fake website with customers several times.


Comments

  • Registered Users, Registered Users 2 Posts: 68,317 ✭✭✭✭seamus


    The vast majority of large companies are handling customer data like this, they've just been lucky not to get caught out. While Equifax's handling of this has been a complete joke, I wouldn't be confident in most other companies to handle it any better.

    The problem occurs when technology is considered an expense - and technology security even more so. Things get done as quickly and cheaply as possible. Best practice is an afterthought, something just holding you back from getting the job done.

    Could you imagine if we constructed buildings the way we build software systems?


  • Registered Users, Registered Users 2 Posts: 1,572 ✭✭✭DominoDub


    Another one

    Looks like Deloitte have been cutting corners , with the management of their MS Azure Accounts ...or maybe they Outsourced the responsability of it on the cheap

    https://www.theguardian.com/business/2017/sep/25/deloitte-hit-by-cyber-attack-revealing-clients-secret-emails


  • Registered Users, Registered Users 2 Posts: 1,931 ✭✭✭PrzemoF


    seamus wrote: »
    [..]Could you imagine if we constructed buildings the way we build software systems?

    We used to do it that way and that's why I hope in ~50 to 100 years it will change for software as well. We need well defined standards to make it happen.


  • Registered Users, Registered Users 2 Posts: 203 ✭✭industrialhorse


    The Equifax CEO has walked away but if you have seen the LinkedIn profile of their CSO, your immediate thoughts is that she should have walked as she never appeared to be qualified for that position in the first place!


  • Registered Users, Registered Users 2 Posts: 203 ✭✭industrialhorse


    The Equifax CEO has walked away but if you have seen the LinkedIn profile of their CSO, your immediate thoughts is that she should have walked as she never appeared to be qualified for that position in the first place!

    I was a bit hasty as it appears the CSO did walk away around 10 days ago. Good riddance anyway:)


  • Advertisement
Advertisement