New York settles with Equifax and others over lax mobile app security

SIPA USA/PA Images New York Attorney General Barbara Underwood announced that the state has reached settlements with five companies regarding a security vulnerability present on each of their mobile apps. Going forward, the companies — Equifax, Western Union, Priceline, Spark Networks and Credit Sesame — will be required to implement security programs aimed at protecting […]

House committee says Equifax data breach was 'entirely preventable'

Andrew Harrer/Bloomberg via Getty Images Congress clearly didn’t buy Equifax’s attempt to pin its massive data breach on one lone technician. The House Oversight and Government Reform Committee has released a staff report declaring that the breach was “entirely preventable” and the result of widespread, systemic flaws in Equifax’s security policies. The company didn’t have […]

Equifax Breach Was Just as Infuriating and Dumb as You Thought, New House Report Finds

[unable to retrieve full-text content] House Republicans spent 14 months investigating the 2017 Equifax breach only to reach the same conclusions that virtually everyone else with a brain did in the immediate aftermath of the company’s disclosure. The breach was “entirely preventable,” lawmakers found, and the credit reporting agency’s shit management did… Read more… Link […]

Equifax breach was ‘entirely preventable’ had it used basic security measures, says House report

A House Oversight Committee report out Monday has concluded that Equifax’s security practices and policies were sub-par and its systems were old and out-of-date, and bothering with basic security measures — like patching vulnerable systems — could’ve prevented its massive data breach last year. It comes a little over a year after Equifax, one of […]

Marriott’s poor data breach response is putting victims at risk of phishing

Last Thursday, Marriott sent out millions of emails warning of a massive data breach — some 500 million guest reservations had been stolen from its Starwood database. One problem: the email sender’s domain didn’t look like it came from Marriott at all. Marriott sent its notification email from “email-marriott.com,” which is registered to a third […]