Federal Trade Commission to investigate Equifax data breach

It was a a “massively egregious” breakdown, computer security expert says.

Associated Press

NEW YORK — The Federal Trade Commission has become the latest authority to announce an investigation into the massive security breach at credit agency Equifax.

The FTC said Thursday that it was opening an investigation into how Equifax got hacked and tens of million Americans’ personal information was either accessed or stolen. Typically the FTC does not disclose who it is investigating, but the agency said the high amount of attention in this case made it necessary.

Equifax disclosed last week that hackers were able to access the personal information of 143 million Americans, including critical things like Social Security numbers, birthdates, addresses and full legal names. Equifax is one of three major credit bureaus that keep track of the financial affairs of U.S. consumers in order help banks make decisions on lending, tracking credit card balances to payment history to court judgments. The other two main credit bureaus are TransUnion and Experian.

“In light of the intense public interest and the potential impact of this matter, I can confirm that FTC staff is investigating the Equifax data breach,” Peter Kaplan, acting director of public affairs at the FTC, said in a statement.

The FTC is not the only Washington authority looking into the breach. The Consumer Financial Protection Bureau previously announced its own investigation, and the House Financial Services Committee plans to hold hearings on the breach in early October. Politicians from both major parties are calling for additional investigations by Congress or the Department of Justice.

As the FTC looks into how Equifax was hacked, the company issued an update late Wednesday blaming the breach on a weak link that computer security experts say should have been fixed long before the break-in occurred.

Equifax said the hackers took advantage of an opening by a flaw in a piece of open-source software called Apache Struts. The problem was identified in March, and a repair known as a patch was released shortly afterward.

The intrusion into Equifax’s computer systems began in May and continued until late July. It wasn’t clear from Equifax’s disclosure whether the company applied the patch and it didn’t work, or whether its security department simply ignored the warning about the problem.

Computer security expert Nate Fick called Equifax’s failure to address the problem a “massively egregious” breakdown that should result in the ouster of the company’s top executives.

“There is no excuse for not following basic cybersecurity hygiene,” said Fick, CEO of security specialist Endgame.

More in Herald Business Journal

Frontier Communications seeks March bankruptcy, sources say

The company reportedly has $356 million of debt payments coming due March 15.

Another unsatisfied Boeing customer: the U.S. Air Force

The service has reminded the new CEO that it’s not happy with Boeing’s aerial-refueling tanker program.

Washington dairies struggle after trade wars and low prices

People are drinking less milk, but “It’s very hard to turn a cow off,” jokes one Stanwood dairyman.

SpaceX launches, destroys rocket in astronaut escape test

Nine-minute flight ended with the Dragon crew capsule parachuting safely into the Atlantic.

What you need to know before 2020 Census starts in Alaska

The Census Bureau starts the head count in The Last Frontier state by going door-to-door in January.

Boeing has a newly discovered software problem on the 737 Max

The issue concerns a program that verifies whether monitors tracking key systems are working properly.

Make this the year you stop wasting food (and money)

A person could save about $370 annually on average by wasting less food.

Changing Boeing’s corporate culture won’t be easy

Systemic errors can sometimes be very difficult to track down and eradicate.

Southwest joins rivals in again delaying Boeing jet’s return

The airline will drop about 330 flights each weekday from its normal 4,000 daily flights.

Most Read