Share prices have plunged and millions of people’s personal information has been exposed.
Richard Henderson, Global Security Strategist, Absolute
“Just when we think the days of massive breaches are behind us, another company pops up and says, “here, hold my beer and watch this!”
“All joking aside, this is likely going to be the ‘breach of the year’, if such awards were handed out. Over 140 million Americans have had their info potentially stolen. That’s over 40% of the entire population of the United States.
“This is the biggest fear of any company who collects such intimate and personal data of people come true. The data reportedly stolen (as of now) includes full names and birthdays, addresses, SSNs and in some cases driver’s license numbers. This is a motherlode of information for cybercriminals looking to commit identity theft.
“We have to expect that the fallout from this will likely be unprecedented. Many people are going to lose their jobs, including Equifax executives, people will be brought before Congress to explain what happened, and consumer trust in *all* of the credit reporting agencies will be eroded.
“It may be time for us to reconsider exactly how we allow companies to store all of this data. It’s clear that these mega-databases are prime targets for attack, and we may need to take a hard look at legislative changes that will force databrokers and collectors to take security up a few levels.”
Amit Yoran, CEO of Tenable
“The details of any incident may not be known until a thorough forensic investigation is complete. Too much speculation before the facts are known is irresponsible.
“We do know that the modern attack surface that organizations have to protect is extremely complex. Their IT systems are constantly evolving and it’s imperative that they maintain a current understanding of their systems, how their business relies on technology, and what their state of cyber hygiene looks like. Those are foundational requirements to understand and manage their level of cyber and business risk.”
Tim Erlin, VP, Product Management and Strategy at Tripwire
“It’s clearly early days for this news, and we can expect to learn more about the details in the future. With nearly every publicly announced breach, there’s new information discovered after the initial disclosure.
“The best time to develop a response plan for a breach is well before one occurs. Information security teams at other organizations should use this incident as an opportunity to evaluate their own plans.
“All organizations that collect and store sensitive data are targets. Doing the basics right, such as ensuring secure configurations, managing vulnerabilities and capturing log data, is the most effective way to prevent breaches.
“A breach isn’t a single point in time, but a span of time in which an organization is compromised. Prevention is primary, but detection and response are absolutely necessary as well.”
Andrew Clarke – EMEA Director at One Identity
“Whenever news breaks of a cyber attack nowadays it just seems to get worse every time. 143M consumers is a massive hit. And the immediate damage is to the reputation of Equifax. After hours share price is dropping which takes millions off the companies value plus the inevitable regulatory inspections and subsequent fines – this will absolutely cause them long-term damage.
“It is also revealed that 209K customer credit card numbers were accessed – if this is the case, it breaks PCI regulations plus causes a logistically nightmare for the affected consumers and credit card providers. We have witnessed many cases now of this type of incident and experience shows that it is basic measures that would have cost substantially less than the impact costs to mitigate.
“Often we see privilege or administrator accounts being used to gain super-user status in the infrastructure which enables attackers to plant malware and circumvent security measures to access what would be otherwise secure records and databases. Privilege Access Management is proving to be one of the most foundational measures that a company can take to control and manage this risk.
Read more: You’ve Been Breached, What Now?
“Other factors include user education coupled with best security practices embracing tools such as firewalls; patch management and vulnerability assessment to close loop-holes and limit exposure. In addition, the fact the attack occurred from mid-May to mid-July points to the fact that tools such identity analytics and risk intelligence are not in place or working effectively here.
“After this attack, as Equifax attempt to recover their position, big questions will be asked in the board-room – but as ever post attack these are always challenging to deal with – it is far better to anticipate that this type of attack is very likely now and have detailed plans to deal with it both from a technical perspective but also a public relations perspective. Unfortunately, after the event it is often too late to save the day!”