Arrow-right Camera

The Spokesman-Review Newspaper The Spokesman-Review

Saturday, March 28, 2020  Spokane, Washington  Est. May 19, 1883
Partly Cloudy Day 51° Partly Cloudy
News >  Business

Report: Hackers were snooping inside Equifax as of March

This Saturday, July 21, 2012, photo shows signage at the corporate headquarters of Equifax Inc. in Atlanta. (Mike Stewart / Associated Press)
This Saturday, July 21, 2012, photo shows signage at the corporate headquarters of Equifax Inc. in Atlanta. (Mike Stewart / Associated Press)
The Associated Press

Hackers broke into Equifax’s computer systems in March, two months earlier than the company had previously disclosed, according to a Wall Street Journal report .

That gave the intruders months to probe vulnerabilities and eventually gain access to the data of 143 million Americans. The Journal cited a report from the Mandiant unit of security firm FireEye that was sent to some Equifax customers this week.

The breach on March 10 came two days after security researchers at Cisco Systems warned of a flaw in an open-source software package called Apache Struts. One expert told the Journal that hackers probably found the Equifax server by “spamming” the internet for computers with that flaw.

The attackers then essentially cased the Equifax system for several weeks, the Journal reported. They eventually gained access to Equifax usernames and passwords, as well as “documents and sensitive information stored in databases, between May and late July, according to the Mandiant report, the Journal reported.

In an update last Friday, Equifax said that hackers only gained access to “certain files containing personal information” between May 13 and July 30. It did not mention earlier activity.

An Equifax spokesperson contacted by email said the company’s investigation found that someone had “interacted” with the company’s server on March 10. But the representative characterized that as “part of a common pattern of probing of systems on the Internet to find vulnerabilities.” There was no evidence that this probing was related to the more serious compromise of sensitive information, the spokesperson said.

“This is completely consistent with what Equifax has previously released” on the subject, the company representative said.

A spokeswoman for FireEye declined to comment.

Subscribe to the Coronavirus newsletter

Get the day’s latest Coronavirus news delivered to your inbox by subscribing to our newsletter.


Asking the right questions of your CBD company

Bluegrass Hemp Oil in Spokane Valley offers a variety of products that can be very effective for helping with some health conditions. (Courtesy BHO)
Sponsored

If you are like most CBD (cannabidiol) curious consumers, you’ve heard CBD can help with many ailments.