Recently, Equifax announced a settlement with the FTC over the 2017 breach of its corporate network. We wrote about this in January 2018, described the breach as “one of the most extensive and intrusive data breaches in history,” and asked, “Could it happen again?” As we’ve seen over the last 18 months, the answer is yes, with large and small companies shelling out huge sums in fines, penalties and damages. But this breach, and the penalties Equifax had to pay, could have been much worse, because as bad as Equifax was at protecting its data, there was one thing it did right that saved it hundreds of millions, if not billions, more.
How Equifax Was Breached
The first thing to understand is how important it is to be vigilant about your company’s cybersecurity. As we wrote in 2018, in testimony before Congress Richard Smith, the CEO of Equifax, apologized for the incident and claimed that the breach had been traced to a single employee’s failure to act on security alerts and implement crucial software fixes. In a nutshell, software with a known security flaw was never updated to the patched version. As a result, 143 million records were breached.
Do you have any staff members who are less than willing to comply with your company’s cybersecurity policies? Even if damage to your company isn’t likely to reach $143 million, wouldn’t a few hundred thousand dollars in remediation expenses, plus a million dollars or more in fines, hurt your company’s bottom line?
The answer is most likely Yes.
What Equifax Did Right Helped Save Hundreds of Millions More In Fines
Even though other areas of Equifax’s cybersecurity may have been lax, one part of its ongoing efforts helped tremendously. Once the breach was discovered, Equifax was able to identify which records were affected and what data from each record was exposed. It could do this because of what it did right: it had comprehensive logging of all activity on its network.
In a system like Equifax’s (and like the ones we install for many of our own clients), every time a record of data is accessed — whether viewed, exported, referenced or edited — a log entry is written describing that activity: who touched which record, when, and what was done with it.
Equifax holds records on nearly a billion consumers, but it knew from its logs that records for only 143 million had been breached, so fines and compensation are based on that number. Without comprehensive logging, it would have had to pay based on every single record in its databases, which could have greatly increased the penalties.
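To make that scoping point concrete, here is an added example in Python (not Equifax’s system and not code from this post): it parses a constructed per-record access log in a hypothetical format, narrows the breach to the records a compromised account actually touched inside the intrusion window, and flags unusual access volume, which is the kind of rule a SIEM would run over the same log. The log format, principal names, record ids and thresholds are all assumptions.

```python
import re
from collections import defaultdict
from datetime import datetime, timezone

# Constructed sample audit log, hypothetical format: <UTC ts> principal=<who> action=<what> record=<id> fields=<list>
SAMPLE_LOG = """\
2017-05-13T02:14:07Z principal=svc-web action=view record=100234 fields=name,ssn
2017-05-13T02:14:09Z principal=svc-web action=view record=100235 fields=name,dob
2017-05-13T02:14:12Z principal=svc-web action=export record=100234 fields=name,ssn,address
2017-05-13T09:30:00Z principal=analyst7 action=view record=100236 fields=name
2017-05-14T03:00:01Z principal=svc-web action=view record=100237 fields=ssn
2017-07-30T12:00:00Z principal=analyst7 action=edit record=100234 fields=address
this line is corrupted and must not break the parser
"""

LINE_RE = re.compile(r"^(?P<ts>\S+) principal=(?P<principal>\S+) action=(?P<action>\S+) "
                     r"record=(?P<record>\S+) fields=(?P<fields>\S*)$")

def parse_ts(s):
    """Parse the log's UTC timestamp format into an aware datetime."""
    return datetime.strptime(s, "%Y-%m-%dT%H:%M:%SZ").replace(tzinfo=timezone.utc)

def parse_log(text):
    """Turn log lines into event dicts; malformed lines are skipped, not fatal."""
    events = []
    for line in text.splitlines():
        m = LINE_RE.match(line.strip())
        if not m:
            continue
        fields = {f for f in m["fields"].split(",") if f}
        events.append({"ts": parse_ts(m["ts"]), "principal": m["principal"],
                       "action": m["action"], "record": m["record"], "fields": fields})
    return events

def scope_exposure(events, compromised, start, end):
    """Map each record touched by a compromised principal inside [start, end] to the union
    of fields exposed: the breach count is the records actually accessed, not the whole database."""
    exposed = defaultdict(set)
    for e in events:
        if e["principal"] in compromised and start <= e["ts"] <= end:
            exposed[e["record"]] |= e["fields"]
    return dict(exposed)

def volume_alerts(events, max_records_per_day):
    """Detection side: flag principals that touch more distinct records in one UTC day
    than the threshold, the kind of rule a SIEM would evaluate continuously over the log."""
    seen = defaultdict(set)
    for e in events:
        seen[(e["principal"], str(e["ts"].date()))].add(e["record"])
    return sorted((p, d, len(r)) for (p, d), r in seen.items() if len(r) > max_records_per_day)
```

Calling scope_exposure with the compromised account and the intrusion window yields three records with their exposed fields, while the analyst’s unrelated access and the later edit fall outside the scope.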
Cyber Security Is Always Changing
Because cybercrime is always changing, cybersecurity must change too. There is no “set it and forget it” cybersecurity policy that will protect you in the long run; a policy is only effective if it is constantly analyzed and improved. Software evolves, ages, becomes deprecated (like the current crop of Microsoft products that will be unsupported in January) and turns into a security risk. Even hardware and software that are still in use and supported by the manufacturer need to be consistently updated and maintained. And of course, you can never predict how individual personnel will respond to a clever social engineering attack.
So what Equifax did wrong was failing to respond to a new vulnerability, and what it did right was having comprehensive logging. Logging gives Equifax (and you) the ability to detect attacks before they succeed and, if an attack does succeed, to determine how widespread it is.
What To Do Next?
So what is your takeaway from the Equifax breach and settlement? In a nutshell, learn from what Equifax did right. First, you should definitely check whether your data was compromised by the Equifax breach and, if it was, take steps to protect yourself and your personal data. But while it may be helpful to claim your share of the Equifax settlement, installing a proper cybersecurity logging system — especially one linked to a SIEM (Security Information and Event Management) system that continually analyzes the log data — can be far more helpful to you and your company.
If your company’s cybersecurity plan doesn’t yet include logging, it’s time we talked. Digital Uppercut specializes in cybersecurity, providing logging and SIEM systems for companies like yours. Contact us online or call us today at 213-398-8771.