【】

Equifax was hacked this past summer. You already know this. However, according to a new report, the company's computer systems were alsoallegedly broken into in March. And here's the kicker: The same crew might be responsible for both incidents.

That's right, the same culprits behind the theft of personal information on potentially 143 million Americans might have been poking around in Equifax's databases months earlier.

The news comes to us via Bloomberg, which notes that "three people familiar with the situation" told the publication about the alleged March intrusion. One of those three people claim "the breaches involve the same intruders."

And it's not like Equifax didn't know about it at the time. As Bloombergreports, the company hired a cybersecurity firm to investigate the March breach. But wait, it gets worse.

That potentially the same hackers may have been able to return to Equifax's systems to pilfer massive amounts of information is especially baffling considering the vulnerability the hackers reportedly used in the more recent breach was known in March, according to Bloomberg.

However, the problem wasn't fixed until the second hack was detected in July, the publication reports. That massive hack took place between May and July.

"We know that criminals exploited a US website application vulnerability," a company spokesperson wrote on September 15. "The vulnerability was Apache Struts CVE-2017-5638."

Again, that Apache Struts vulnerability was reportedly known in March — meaning the company could very likely have prevented the incident later announced on September 7. The company was aware it had been breached and had the tools to fix a major problem with its site. And yet.

In a statement to Bloomberg, however, Equifax claimed that the two hacks were unrelated. Meanwhile, The Wall Street Journalcites an unnamed source "familiar with the investigation" as saying that it looks like the hack was probably state-sponsored. No information was provided to back up that claim.

This revelation will surely complicate matters for the Equifax executives who sold close to $2 million in stock before the public was alerted to the breach. The Senate Finance Committee is looking into the matter.

最新评论