September 13, 2017
Did Equifax do everything they could to keep people’s information safe? Not quite!
Last week, it was revealed that Equifax a major credit reporting company got hacked resulting in the personal information of 143 million Americans getting compromised.
It looks as if the hack could bring down the company. Equifax is already facing numerous lawsuits as a result of the security breach.
It turns out the breach could have been avoided. They were using open-source software and failed to patch their systems.
How could this happen? Other than how to protect themselves that’s the question on everyone’s mind about a security breach that could put as many as 143 million Americans at financial risk for the rest of their lives.
On Tuesday, credit reporting company Equifax told USA TODAY the breach was due to an Apache Struts vulnerability. Apache Struts is free, open-source software used to create Java web applications. Several vulnerabilities have been reported, all since patched, but Equifax has not said which one was involved in this breach.
If it was due to an older vulnerability, may experts believe Equifax should have been aware of it and patched the flaw, as such patches are quickly made available.
For a company whose entire business model is largely based around the security of personal information, you would think they’d have a top notch person running their information security. Right?
After all, this is a company that has almost 10,000 employees with many millions of dollars in resources at their disposal. They certainly had the money to hire a top notch leader and an army of information security professionals to ensure their shit was secure.
They did not do this. Their Chief Security Officer or CSO/CISO was a female named Susan Mauldin a college music major. Needless to say, her qualifications for such a role are highly suspect. There is little doubt that she was a C-level affirmative action hire.
She’s also been with Equifax since 2013 so it’s not like she just got the job or something.
Here’s a screen grab from her LinkedIn page.
Equifax even had a recent job posting for a Vice President of Cybersecurity that would have reported to her. The job posting identified her Chief Security Officer role as being responsible for both physical and logical security. It also referred to her position as being the Chief Information Security Officer for the company. It leaves little doubt that she was ultimately responsible for Equifax’s information security. She totally owned what happened.
Of course nobody in the media is blaming her for this. That’s because when shit hits the fan, women can’t be held responsible for anything.
Remember when Marissa Mayer destroyed Yahoo! with her incompetence? They quietly ushered her out the door and gave her many millions of dollars for the trouble. There was hardly any criticism of her terrible job performance in the press.
Women simply do not belong in these positions. How many more of these failures are we going to see before this is recognized as an obvious statement of fact?
All this Jew promoted political correctness is wrecking havoc on our systems!