Equifax failed to take even the most basic precautions, alleges lawsuit

A lawsuit on the 2017 data breach allege that Equifax staffers used the default – ‘admin’ – as the username and password to secure customer information portal

How would you secure a portal containing valuable, personal finance information of 148 million accounts of customers spread across the US, Canada and the UK? Equifax employees chose default and used ‘admin’ as username and password, said the the class-action lawsuit launched against the company in the US.

“Equifax employed the username ‘admin’ and the password ‘admin’ to protect a portal used to manage credit disputes, a password that is a surefire way to get hacked,” said the class-action lawsuit document.

The 2017 data breach at Equifax gave away the details of 148 million accounts, with the US Federal Trade Commission (FTC) admitting that almost anyone who had a credit profile in America was probably exposed.

Read more…
Source: SC Media