Advertisement
If you have a new account but are having problems posting or verifying your account, please email us on hello@boards.ie for help. Thanks :)
Hello all! Please ensure that you are posting a new thread or question in the appropriate forum. The Feedback forum is overwhelmed with questions that are having to be moved elsewhere. If you need help to verify your account contact hello@boards.ie
Hi all! We have been experiencing an issue on site where threads have been missing the latest postings. The platform host Vanilla are working on this issue. A workaround that has been used by some is to navigate back from 1 to 10+ pages to re-sync the thread and this will then show the latest posts. Thanks, Mike.
Hi there,
There is an issue with role permissions that is being worked on at the moment.
If you are having trouble with access or permissions on regional forums please post here to get access: https://www.boards.ie/discussion/2058365403/you-do-not-have-permission-for-that#latest

Equifax (again)

  • 21-09-2017 5:23pm
    #1
    Capt'n Midnight
    Moderators, Recreation & Hobbies Moderators, Science, Health & Environment Moderators, Technology & Internet Moderators Posts: 92,489 Mod ✭✭✭✭


    You couldn't make this up.

    Top Tip. If you find yourself in a hole, Stop Digging !


    http://www.bbc.com/news/technology-41347467
    Following its data breach, Equifax set up a new website - equifaxsecurity2017.com - to let people find out more information.

    The website also let people register for a credit monitoring service, by entering personal details into a form.

    Many security researchers said Equifax should have hosted this information on its main website - equifax.com - rather than setting up a new one.

    They pointed out that the new web address looked like one a scammer might set up to try to fool victims.

    Security researcher Nick Sweeting tweeted: "Yeah... no thanks... it would take me literally 20 mins to build a clone of this site."

    He then did exactly that, creating an almost identical version of the website at securityequifax2017.com.

    His fake version of the website also let people fill in their personal information - but then told them they had been "bamboozled".

    Staff operating the Equifax twitter feed shared the fake website with customers several times.


Comments

  • #2
    seamus
    Registered Users, Registered Users 2 Posts: 68,317 ✭✭✭✭seamus


    The vast majority of large companies are handling customer data like this, they've just been lucky not to get caught out. While Equifax's handling of this has been a complete joke, I wouldn't be confident in most other companies to handle it any better.

    The problem occurs when technology is considered an expense - and technology security even more so. Things get done as quickly and cheaply as possible. Best practice is an afterthought, something just holding you back from getting the job done.

    Could you imagine if we constructed buildings the way we build software systems?


  • #3
    DominoDub
    Registered Users, Registered Users 2 Posts: 1,572 ✭✭✭DominoDub


    Another one

    Looks like Deloitte have been cutting corners , with the management of their MS Azure Accounts ...or maybe they Outsourced the responsability of it on the cheap

    https://www.theguardian.com/business/2017/sep/25/deloitte-hit-by-cyber-attack-revealing-clients-secret-emails


  • #4
    PrzemoF
    Registered Users, Registered Users 2 Posts: 1,931 ✭✭✭PrzemoF


    seamus wrote: »
    [..]Could you imagine if we constructed buildings the way we build software systems?

    We used to do it that way and that's why I hope in ~50 to 100 years it will change for software as well. We need well defined standards to make it happen.


  • #5
    industrialhorse
    Registered Users, Registered Users 2 Posts: 203 ✭✭industrialhorse


    The Equifax CEO has walked away but if you have seen the LinkedIn profile of their CSO, your immediate thoughts is that she should have walked as she never appeared to be qualified for that position in the first place!


  • #6
    industrialhorse
    Registered Users, Registered Users 2 Posts: 203 ✭✭industrialhorse


    industrialhorse wrote: »
    The Equifax CEO has walked away but if you have seen the LinkedIn profile of their CSO, your immediate thoughts is that she should have walked as she never appeared to be qualified for that position in the first place!

    I was a bit hasty as it appears the CSO did walk away around 10 days ago. Good riddance anyway:)


  • Advertisement
Advertisement