Parliamentarians announced a report (PDF) explaining how the credit watch company was hacked on the anniversary of Equifax 's serious breach.
This report is from Government Accountability Office, a federal government supervisor. GAO reviewed the Equifax document and its cyber security consultant file and decided how the company was hacked and what kind of credit monitoring service should be introduced to protect himself.
The monitoring team also discovered that Equifax refused assistance from the Department of Homeland Security and, instead, a private third party cyber security company chose to manage response to the violation.
The attack process began on March 10th. The hackers searched the vulnerable server that the US – CERT warned two days ago on the Web. Two months later, on May 13, they acquired a jackpot through the Equifax Dispute Resolution Portal (a section where people can go to credit monitoring service).
There, hackers used vulnerability Apache Struts which Equifax had knowledge several months ago, but could not solve the problem.
Hope you like the above news
Equifax hacking in a year: Back to the situation
. Stay Tuned For More Updates :)