Yusuf On SecuritySecurity news, opinion and advice

Equifax Data Breach

The Wikipage of Equifax Inc. states. “Equifax is a consumer credit reporting agency. Equifax collects and aggregates information on over 800 million individual consumers and more than 88 million businesses worldwide”.

Unfortunately, they’ve been breached.

They lost control of almost half of the US population’s record. This may impact 143 Millions to be exact. This includes social security numbers and other sensitive data.

Equifax.com is not responding at the time of publication of this article.

My take on these increasing data breaches is that the approach to how we protect, share, disseminate, use and then (hopeful) destroy data when no longer required is clearly broken. Indeed data will always be needed for various reasons, but I clearly believe corporate and the security community ought to go back to the drawing board on how we should get out of this mess. A solution will be found but we should start admitting the system is broken and is in dire need for repaired. We can start with the basics and use the myriads of tools and technologies already available by following vulnerabilities where they exist and most importantly by applying vendor released patches to close the holes. In parallel applying a security policy that evolves with the need of the organisation and disposing of unnecessary and potentially toxic data will go a long way. 

Join the discussion

Further reading

What will it take?

A great piece on what it will take to improve the safety of the connected world. Read it here.

Extended detection and response (XDR)

Extended detection and response (XDR) captures threat data from previously isolated security tools throughout the organizations tech stack to enable...

Log4j Vulnerabilities

Towards the end of November, a researcher from Alibaba discovered a fault (CVE-2021-44228) in a well known open-source logging library called...

Recent podcasts