POST Online Media Lite Edition


Key security executives leaving Equifax after security breach

Staff Writer |
Two senior executives at Equifax are exiting the company following the announcement that the personal information of 143 million U.S. consumers may have been compromised by a data breach.

Article continues below

The company announced that its chief information officer and chief security officer would be retiring.

The retiring of now-former CSO Susan Mauldin and CIO Dave Webb comes a week after Equifax announced a breach of data for about 143 million U.S. consumers, including their names, Social Security numbers, birth dates, addresses and, for some, driver's license numbers.

Equifax released additional information about the breach, saying it was detected on July 29 when suspicious network traffic was detected, and then blocked, on the company's dispute web portal. The next day, suspicious activity was detected again and the company took the affected web application offline.

Equifax said a review of the incident led to discovery of a vulnerability in the Apache Struts web application framework, which was patched before being put back online.

On August 2, Equifax also contracted the cybersecurity firm Mandiant. Over the course of a month, Mandiant identified the unauthorized activity on Equifax's network, revealing how many of its clients' data had been compromised.

The company said that, in addition to the changes of CSO and CIO, it continues to explore ways to improve its security.

What to read next

FTC investigating Equifax data breach
Equifax failed to install important security patch
Equifax takes down web page after new security scare