Professional Documents
Culture Documents
Jatin
Jatin
The Equifax data breach of 2017 stands as a stark reminder of the devastating consequences of
neglecting cybersecurity. This massive breach, affecting over 147 million individuals, exposed
sensitive personal information including names, Social Security numbers, birth dates, addresses,
and driver’s license numbers. The incident highlighted critical vulnerabilities in Equifax's security
practices and served as a watershed moment for the industry, emphasizing the paramount
importance of proactive security measures and robust incident response plans.
Unpatched Vulnerability: The Root Cause
2 Extended Period
The data exfiltration process spanned several months. Attackers diligently extracted sensitive data,
including names, Social Security numbers, and other personal information, without triggering any
alarms.
3 Impact of Exfiltration
The successful exfiltration of sensitive data had a profound impact on Equifax and its customers,
resulting in significant financial, reputational, and legal consequences. The breach undermined
trust and exposed individuals to potential identity theft.
Detection and Response Delay: Missing the
Signs
Late Detection Lack of Monitoring Consequences of Delay
Missed Opportunities
A well-defined incident response plan should have enabled Equifax to respond swiftly and
effectively to the breach, minimizing the damage and mitigating the consequences for its
customers. The lack of a robust plan exacerbated the situation.
Encryption Failure: Unprotected Data
Data Encryption Protects sensitive data even if While some data was
accessed by unauthorized encrypted, attackers accessed
individuals. unencrypted information and
obtained decryption keys.