cua cà mau cua tươi sống cua cà mau bao nhiêu 1kg giá cua hôm nay giá cua cà mau hôm nay cua thịt cà mau cua biển cua biển cà mau cách luộc cua cà mau cua gạch cua gạch cà mau vựa cua cà mau lẩu cua cà mau giá cua thịt cà mau hôm nay giá cua gạch cà mau giá cua gạch cách hấp cua cà mau cua cốm cà mau cua hấp mua cua cà mau cua ca mau ban cua ca mau cua cà mau giá rẻ cua biển tươi cuaganic cua cua thịt cà mau cua gạch cà mau cua cà mau gần đây hải sản cà mau cua gạch son cua đầy gạch giá rẻ các loại cua ở việt nam các loại cua biển ở việt nam cua ngon cua giá rẻ cua gia re crab farming crab farming cua cà mau cua cà mau cua tươi sống cua tươi sống cua cà mau bao nhiêu 1kg giá cua hôm nay giá cua cà mau hôm nay cua thịt cà mau cua biển cua biển cà mau cách luộc cua cà mau cua gạch cua gạch cà mau vựa cua cà mau lẩu cua cà mau giá cua thịt cà mau hôm nay giá cua gạch cà mau giá cua gạch cách hấp cua cà mau cua cốm cà mau cua hấp mua cua cà mau cua ca mau ban cua ca mau cua cà mau giá rẻ cua biển tươi cuaganic cua cua thịt cà mau cua gạch cà mau cua cà mau gần đây hải sản cà mau cua gạch son cua đầy gạch giá rẻ các loại cua ở việt nam các loại cua biển ở việt nam cua ngon cua giá rẻ cua gia re crab farming crab farming cua cà mau
Skip to main content
  1. Home
  2. News

Lawsuit alleges Equifax’s stupid password made it super-easy to steal your data

By

Remember that epic Equifax hack from 2017? As it turns out, the company made it pretty easy for hackers to get in. A recent filing in the United States District Court for the Northern District of Georgia, Atlanta Division points out a few of the company’s missteps that might have led to the breach.

The first of those issues comes in the form of the password the company users to protect a portal used to manage credit disputes. While you might think a major company holding personal information like people’s names, addresses, and social security numbers might use an exceptionally secure password in that instance, it actually went for something a different: It used “admin” as both the username and password for the portal.

Not exactly the most secure move.

Recommended Videos

If the shoddy password wasn’t enough, the company also stored unencrypted user information on a public-facing server. That meant that any attacker that compromised the website’s server would immediately have access to all the personal information stored on it, with no additional work required.

Related

The website also wasn’t the only thing it left unencrypted. The company also failed to encrypt its mobile applications, so not only was it keeping sensitive data unencrypted on its own server, it was transmitting that data unencrypted over the internet.

When it did finally encrypt that data, it “left the keys to unlocking the encryption on the same public-facing servers, making it easy to remove the encryption from the data.”

The court filing suggests that the inadequacies in Equifax’s encryption protocol fell short of industry standards and data security laws, going as far to say that the company “did not know what they were doing with respect to data security.”

The hack on Equifax in 2017 reportedly impacted approximately 147 million people, exposing their personal information and social security numbers.

As part of a settlement from the incident, Equifax is paying more than $300 million toward credit monitoring services for the impacted customers. It’s also compensating customers who paid out-of-pocket expenses as a result of the breach.

If you were impacted, you can apply to receive credit monitoring services or a $125 settlement via Equifax’s site now.

Editors’ Recommendations

Topics
Emily Price
Emily Price
Former Digital Trends Contributor
Emily is a freelance writer based in San Francisco. Her book "Productivity Hacks: 500+ Easy Ways to Accomplish More at…
OnePlus customer data stolen in second data breach in two years
oneplus 7t macro lens iphone 11 lacks cameras

Phone company OnePlus has suffered another data breach, with an undisclosed number of customer names, contact numbers, email addresses, and shipping addresses stolen by an unnamed hacker or group.

This comes less than two years after up to 40,000 customers' private information was stolen from OnePlus, leading to credit card fraud using customers' details. In this case, the breach only came to light when the issue of credit card fraud was raised by a user on the OnePlus forums. An investigation subsequently discovered a malicious script had been gobbling up customer credit card details when they were entered into the OnePlus website.

Read more
Apple’s smart home display already sounds like a convenience victory
Nest Hub Max

Over the past few weeks, rumors of Apple developing a smart display for home control have picked up pace. The company is said to be developing two versions, and one of them might even feature a robotic arm and revive an iconic Mac’s design. 

Now, Bloomberg has shared some juicy details about how the entry-level option will look and work. The device will offer a 6-inch screen with a square-ish format flanked by sensors, including a FaceTime camera in landscape orientation. 

Read more
Trade group says EV tax incentive helps U.S. industry compete versus China
ev group support tax incentive 201 seer credit eligibility

The Zero Emission Transportation Association (ZETA), a trade group with members including the likes of Tesla, Waymo, Rivian, and Uber, is coming out in support of tax incentives for both the production and sale of electric vehicles (EVs).

Domestic manufacturers of EVs and their components, such as batteries, have received tax incentives that have driven job opportunities in states like Ohio, Kentucky, Michigan, and Georgia, the group says.

Read more