Federal Trade Commission to investigate Equifax data breach

It was a a “massively egregious” breakdown, computer security expert says.

Associated Press

NEW YORK — The Federal Trade Commission has become the latest authority to announce an investigation into the massive security breach at credit agency Equifax.

The FTC said Thursday that it was opening an investigation into how Equifax got hacked and tens of million Americans’ personal information was either accessed or stolen. Typically the FTC does not disclose who it is investigating, but the agency said the high amount of attention in this case made it necessary.

Equifax disclosed last week that hackers were able to access the personal information of 143 million Americans, including critical things like Social Security numbers, birthdates, addresses and full legal names. Equifax is one of three major credit bureaus that keep track of the financial affairs of U.S. consumers in order help banks make decisions on lending, tracking credit card balances to payment history to court judgments. The other two main credit bureaus are TransUnion and Experian.

“In light of the intense public interest and the potential impact of this matter, I can confirm that FTC staff is investigating the Equifax data breach,” Peter Kaplan, acting director of public affairs at the FTC, said in a statement.

The FTC is not the only Washington authority looking into the breach. The Consumer Financial Protection Bureau previously announced its own investigation, and the House Financial Services Committee plans to hold hearings on the breach in early October. Politicians from both major parties are calling for additional investigations by Congress or the Department of Justice.

As the FTC looks into how Equifax was hacked, the company issued an update late Wednesday blaming the breach on a weak link that computer security experts say should have been fixed long before the break-in occurred.

Equifax said the hackers took advantage of an opening by a flaw in a piece of open-source software called Apache Struts. The problem was identified in March, and a repair known as a patch was released shortly afterward.

The intrusion into Equifax’s computer systems began in May and continued until late July. It wasn’t clear from Equifax’s disclosure whether the company applied the patch and it didn’t work, or whether its security department simply ignored the warning about the problem.

Computer security expert Nate Fick called Equifax’s failure to address the problem a “massively egregious” breakdown that should result in the ouster of the company’s top executives.

“There is no excuse for not following basic cybersecurity hygiene,” said Fick, CEO of security specialist Endgame.

Talk to us

More in Herald Business Journal

Slowdown ahead for port as COVID pummels aerospace industry

The Port of Everett is bracing to suffer as its biggest customer, the Boeing Co., scales back production.

Relieve the pandemic coin shortage: Bust open the piggy bank

The coronavirus lockdown means less metal is in circulation. Banks and merchants are desperate for change.

Rep. Larsen tours small businesses given federal PPP loans

The congressman said leaders in Washington D.C. continue to negotiate for further COVID-19 relief.

Boeing: No orders, more cancellations for grounded 737 Max

The company has lost more than 800 net orders so far this year.

Glacier Lanes won’t be spared: Owners decide to close forever

Bowlers statewide are rallying to open venues shut by COVID rules, but this Everett business isn’t waiting.

Snohomish County PUD embraces ‘smart’ meters despite concerns

A handful of customers said they were worried about privacy, peak-hour rate increases and safety.

Marysville sues Arlington over plan for 500 apartments

Marysville worries the major project on 51st Avenue NE will gum up traffic at a nearby intersection.

Big new apartment complex anchors Broadway’s transformation

The seven-story, 140-unit Kinect @ Broadway is one of several facelifting projects in Everett’s core.

Pop into this Everett pop-up store for new vinyl records

Upper Left Records will offer albums from local bands and new pressings of classic recordings.

Everett’s new equity manager is ready to roll up her sleeves

In her new job, Kay Barnes will work to ensure that the city’s staff reflects Everett’s diversity.

Everett startup makes a swift pivot from in-person to online

Abacus links hobbyists, crafters and artists with people who want to learn new skills — virtually.

Dining in the street is now an official thing in Everett

With a free permit, businesses can expand outdoor seating to street parking areas — and fencing is provided.