Federal Trade Commission to investigate Equifax data breach

It was a a “massively egregious” breakdown, computer security expert says.

Associated Press

NEW YORK — The Federal Trade Commission has become the latest authority to announce an investigation into the massive security breach at credit agency Equifax.

The FTC said Thursday that it was opening an investigation into how Equifax got hacked and tens of million Americans’ personal information was either accessed or stolen. Typically the FTC does not disclose who it is investigating, but the agency said the high amount of attention in this case made it necessary.

Equifax disclosed last week that hackers were able to access the personal information of 143 million Americans, including critical things like Social Security numbers, birthdates, addresses and full legal names. Equifax is one of three major credit bureaus that keep track of the financial affairs of U.S. consumers in order help banks make decisions on lending, tracking credit card balances to payment history to court judgments. The other two main credit bureaus are TransUnion and Experian.

“In light of the intense public interest and the potential impact of this matter, I can confirm that FTC staff is investigating the Equifax data breach,” Peter Kaplan, acting director of public affairs at the FTC, said in a statement.

The FTC is not the only Washington authority looking into the breach. The Consumer Financial Protection Bureau previously announced its own investigation, and the House Financial Services Committee plans to hold hearings on the breach in early October. Politicians from both major parties are calling for additional investigations by Congress or the Department of Justice.

As the FTC looks into how Equifax was hacked, the company issued an update late Wednesday blaming the breach on a weak link that computer security experts say should have been fixed long before the break-in occurred.

Equifax said the hackers took advantage of an opening by a flaw in a piece of open-source software called Apache Struts. The problem was identified in March, and a repair known as a patch was released shortly afterward.

The intrusion into Equifax’s computer systems began in May and continued until late July. It wasn’t clear from Equifax’s disclosure whether the company applied the patch and it didn’t work, or whether its security department simply ignored the warning about the problem.

Computer security expert Nate Fick called Equifax’s failure to address the problem a “massively egregious” breakdown that should result in the ouster of the company’s top executives.

“There is no excuse for not following basic cybersecurity hygiene,” said Fick, CEO of security specialist Endgame.

Talk to us

More in Herald Business Journal

Homes in The Point subdivision border the construction of the Go East Corp. landfill on Wednesday, Nov. 10, 2021 in Everett, Wa. (Olivia Vanni / The Herald)
Mudslide briefly stalls housing project at former Everett landfill

The slide buried two excavators in September. Work has resumed to make room for nearly 100 new houses.

Ameé Quiriconi, Snohomish author, podcaster and entrepreneur.  (Kevin Clark / The Herald)
Snohomish author’s handbook charts a course for female entrepreneurs

She’s invented sustainable concrete, run award-winning wedding venues and worked in business… Continue reading

FILE - In this June 12, 2017, file photo, a Boeing 787 airplane being built for Norwegian Air Shuttle is shown at Boeing Co.'s assembly facility, in Everett, Wash. Boeing is dealing with a new production problem involving its 787 jet, in which inspections have found flaws in the way that sections of the rear of the plane were joined together. Boeing said Tuesday, Sept. 8, 2020, it's not an immediate safety risk but could cause the planes to age prematurely. (AP Photo/Ted S. Warren, File)
FAA memo reveals more Boeing 787 manufacturing defects

The company said the problems do not present an immediate safety-of-flight issue.

A final environmental cleanup is set to begin next year at the ExxonMobil and ADC properties, neighboring the Port of Everett. Photo courtesy of the Washington State Department of Ecology.
Port of Everett to get $350K for its costs in soil clean-up

The end is finally in sight for a project to scrub petroleum from two waterfront parcels, owned by ExxonMobil and ADC.

Shawn Loring, owner of Lazy Boy Brewing, received $10,000 through Everett's federal CARES Act funding.  (Kevin Clark / The Herald)
Everett, Snohomish breweries to open on Everett waterfront

Lazy Boy Brewing and Sound to Summit see a bright future at the port’s Waterfront Place.

A woman walks by models of Boeing Co. aircraft, including the manufacturer's new Boeing 777X, at the Dubai Air Show in Dubai, United Arab Emirates, Wednesday, Nov. 17, 2021. (AP Photo/Jon Gambrell)
India’s Akasa Air buys engines worth $4.5 billion for new 737 Maxs

Boeing clinched a deal at the Dubai Air Show to sell 72 of the jets for some $9 billion.

FAA Administrator Steve Dickson speaks to lawmakers as Michael Stumo, holding a photo of his daughter Samya Rose Stumo, and his wife Nadia Milleron, sit behind him during a Senate Committee on Commerce, Science, and Transportation hearing on the implementation of aviation safety reform at the US Capitol in Washington on Wednesday, Nov. 3, 2021. Samya Stumo was among those killed in a Boeing 737 Max 8 crash in 2019. (AP Photo/Amanda Andrade-Rhoades)
FAA says Boeing is appointing people lacking expertise to oversee airplane certification

The company was replacing senior FAA-authorized engineers who took early retirement during the pandemic.

FILE - In this Wednesday, July 17, 2019, file photo, Rep. Angie Craig, D-Minn., center, talks with Paul Njoroge, right, who lost his wife and three young children, as Michael Stumo, left, who lost his daughter, looks on before the start of a House Transportation subcommittee hearing on aviation safety, on Capitol Hill in Washington. The year since the crash of an Ethiopian Airlines Boeing 737 Max has been a journey through grief, anger and determination for the families of those who died, as well as having far-reaching consequences for the aeronautics industry as it brought about the grounding of all Boeing 737 Max 8 and 9 jets, which remain out of service. (AP Photo/Susan Walsh, File)
Boeing settles with Ethiopia 737 Max crash victims

The agreement allows victims’ families to pursue claims in U.S. courts instead of their home country.

Dennie Willard, a Navy veteran, became homeless in 2014 and began job training through HopeWorks at Renew Home and Decor. (Kevin Clark / The Herald)
Looking for his ‘last job,’ veteran found new work, new life

U.S. Navy veteran Dennis Willard, once homeless, now works for the nonprofit that helped him.

People hold signs in protest of the vaccine mandate along Airport Road next to Boeing on Friday, Oct. 15, 2021 in Everett, Wa. (Olivia Vanni / The Herald)
Report: 11,000 Boeing workers seek vaccination exemptions

Reuters says executives are scrambling to balance a company and federal mandate with the need to retain workers.

Port of Everett CEO Lisa Lefeber points back to the new retail site at Fisherman's Harbor at Waterfront Place during a groundbreaking ceremony on Monday, Nov. 8, 2021 in Everett, Washington. The project will construct two new buildings to house the new Asian-inspired Fisherman Jack’s restaurant, South Fork Bakery, and three marine-related offices adjacent to the new Waterfront Place Apartments and Hotel Indigo.
 (Andy Bronson / The Herald)
Port of Everett breaks ground on a new ‘restaurant row’

American-Chinese restaurant Fisherman Jack’s and South Fork Bakery are two businesses that will call the waterfront home.

A private plane taxis past the Paine Field passenger terminal on Wednesday, Nov. 3, 2021 in Everett, Wa. (Olivia Vanni / The Herald)
Forecast: A quadrupling of Paine Field passengers by 2040

How should Everett’s airport handle rebounding demand? A virtual meeting is set for Tuesday to talk about a master plan.