{"id":13044,"date":"2017-09-19T17:46:06","date_gmt":"2017-09-20T01:46:06","guid":{"rendered":"http:\/\/associatednews.info\/content\/equifax-confirms-another-security-incident\/"},"modified":"2017-09-19T17:46:06","modified_gmt":"2017-09-20T01:46:06","slug":"equifax-confirms-another-security-incident","status":"publish","type":"post","link":"https:\/\/associatednews.info\/content\/equifax-confirms-another-security-incident\/","title":{"rendered":"Equifax Confirms Another &#039;Security Incident&#039;"},"content":{"rendered":"<p><span style=\"font-style:italic;font-size:16px\">By  <a target=\"_blank\" href=\"http:\/\/www.npr.org\/sections\/thetwo-way\/2017\/09\/19\/552124551\/equifax-confirms-another-security-incident?utm_medium=RSS&amp;utm_campaign=business\">Merrit Kennedy<\/a><\/span>  <\/p>\n<div class=\"ftpimagefix\" style=\"float:left\"><a target=\"_blank\" rel=\"nofollow\" href=\"http:\/\/www.npr.org\/sections\/thetwo-way\/2017\/09\/19\/552124551\/equifax-confirms-another-security-incident?utm_medium=RSS&amp;utm_campaign=business\"><img decoding=\"async\" width=\"150\" src=\"https:\/\/media.npr.org\/assets\/img\/2017\/09\/19\/ap_17262506643541-ebd624f75e5ed31cf4b9da67df38b421cf15ab87-s800-c15.jpg\" alt><\/p>\n<div><a target=\"_blank\" rel=\"nofollow\" href=\"https:\/\/media.npr.org\/assets\/img\/2017\/09\/19\/ap_17262506643541-ebd624f75e5ed31cf4b9da67df38b421cf15ab87-s1200.jpg\"><\/a><\/div>\n<div>\n<div>\n<div><a target=\"_blank\" rel=\"nofollow\" href=\"https:\/\/media.npr.org\/assets\/img\/2017\/09\/19\/ap_17262506643541-ebd624f75e5ed31cf4b9da67df38b421cf15ab87-s1200.jpg\">Enlarge this image<\/a><\/div>\n<\/div>\n<div>\n<div>\n<div>\n<p>\n                Equifax was hit with a cyberattack before the one revealed earlier this month, and the hackers seem to have had many months of access to consumers&#8217; information.<\/p>\n<p>                <b><\/p>\n<p>                    Mike Stewart\/AP<\/p>\n<p>                <\/b><b><b>hide caption<\/b><\/b><\/p>\n<\/div>\n<p><b><b>toggle caption<\/b><\/b><\/div>\n<p><span><\/p>\n<p>        Mike Stewart\/AP<\/p>\n<p>    <\/span><\/div>\n<\/div>\n<p>After the revelation that a cybersecurity breach at the international credit reporting agency Equifax exposed personal information of 143 million people, the company has confirmed an additional security incident with a payroll-related service in the months prior. It says the two are unrelated.<\/p>\n<p>Equifax is already struggling to regain public trust after it waited at least a month to disclose to consumers that the cyberattack potentially impacted their personal information, such as names, Social Security numbers, birth dates, addresses and, in some cases, driver&#8217;s license numbers and credit card information.<\/p>\n<p>&#8220;Earlier this year, during the 2016 tax season, Equifax experienced a security incident involving a payroll-related service,&#8221; an Equifax spokesperson told NPR. &#8220;The incident was reported to customers, affected individuals and regulators. This incident was also covered in the media.&#8221;<\/p>\n<p>The company spokesperson <a target=\"_blank\" rel=\"nofollow\" href=\"https:\/\/www.bloomberg.com\/news\/articles\/2017-09-18\/equifax-is-said-to-suffer-a-hack-earlier-than-the-date-disclosed\">disputes a Bloomberg report released Monday<\/a>, where an unnamed source &#8220;said the breaches involved the same intruders.&#8221; The company adds that the same security company, Mandiant, &#8220;has investigated both events and found no evidence that these two separate events or the attackers were related.&#8221;<\/p>\n<aside>\n<div><\/div>\n<\/aside>\n<aside>\n<div><\/div>\n<\/aside>\n<p><!-- END ID=\"RES552125488\" CLASS=\"BUCKETWRAP INTERNALLINK INSETTWOCOLUMN INSET2COL \" --><\/p>\n<p>Equifax&#8217;s spokesperson characterizes this second breach as the &#8220;March event.&#8221; However, it appears that the incident in question may have lasted considerably longer than a single month. When asked for information about previous media coverage, Equifax pointed NPR to <a target=\"_blank\" rel=\"nofollow\" href=\"https:\/\/krebsonsecurity.com\/2017\/05\/fraudsters-exploited-lax-security-at-equifaxs-talx-payroll-division\/\">coverage in KrebsonSecurity<\/a>.<\/p>\n<p>That article describes a breach at TALX Corporation, an Equifax subsidiary also called Equifax Workforce Solutions, where &#8220;crooks were able to reset the 4-digit PIN given to customer employees as a password and then steal W-2 tax data after successfully answering personal questions about those employees.&#8221;<\/p>\n<p>Krebs reported that Equifax said the breach happened over the course of nearly a year: &#8220;unauthorized access to customers&#8217; employee tax records happened between April 17, 2016 and March 29, 2017.&#8221;<\/p>\n<p>Equifax did not immediately confirm these details. It&#8217;s not clear how many organizations were impacted, though Krebs links to documentation of breaches at five organizations, including Northrop Grumman and the University of Louisville.<\/p>\n<p><!-- END ID=\"RES552125602\" CLASS=\"BUCKETWRAP INTERNALLINK INSETTWOCOLUMN INSET2COL \" --><\/p>\n<p><a target=\"_blank\" rel=\"nofollow\" href=\"http:\/\/www.louisvillecardinal.com\/2017\/04\/hackers-steal-university-employee-tax-info\/\">According to The Louisville Cardinal<\/a>, the University of Louisville&#8217;s student paper, the university stated that some &#8220;750 employees had &#8216;suspicious activity&#8217; surrounding their online TALX Tax Express accounts when someone tried to reset PIN numbers.&#8221;<\/p>\n<p>Other reports date back to early 2016. A notice of data breach from Kroger executives states that the incident began in late January of that year. <a target=\"_blank\" rel=\"nofollow\" href=\"https:\/\/www.doj.nh.gov\/consumer\/security-breaches\/documents\/kroger-20160525.pdf\">In a document released by New Hampshire&#8217;s attorney general<\/a>, the Kroger executives say that hackers &#8220;accessed the default website using default login information based on Social Security Numbers and dates of birth, which we believe were obtained from some other source.&#8221;<\/p>\n<p>The thieves then used the access to employees&#8217; W-2 forms to potentially &#8220;file tax returns in their names to claim a refund.&#8221;<\/p>\n<p>A Georgia man employed at Kroger filed a federal lawsuit against Equifax and its subsidiary in May 2016 over the breach, seeking class action status. In it, Betzalel Yochanan claimed that the breach happened &#8220;because Equifax failed to implement adequate security measures to safeguard consumers&#8217; Personal Identifying Information (&#8216;PII&#8217;) and willfully ignored known weaknesses in its data security, including prior hacks into its information systems.&#8221;<\/p>\n<p>Yochanan voluntarily dismissed the lawsuit the following month, without providing a reason.<\/p>\n<p><em>NPR&#8217;s Sarah Knight contributed to this report.<\/em><\/p>\n<p><strong><a target=\"_blank\" rel=\"nofollow\" href=\"https:\/\/blockads.fivefilters.org\/\">Let&#8217;s block ads!<\/a><\/strong> <a target=\"_blank\" rel=\"nofollow\" href=\"https:\/\/blockads.fivefilters.org\/acceptable.html\">(Why?)<\/a><\/p>\n<p>Source:: <a href=\"http:\/\/www.npr.org\/sections\/thetwo-way\/2017\/09\/19\/552124551\/equifax-confirms-another-security-incident?utm_medium=RSS&amp;utm_campaign=business\" target=\"_blank\" title=\"Equifax Confirms Another &#039;Security Incident&#039;\" rel=\"nofollow\">http:\/\/www.npr.org\/sections\/thetwo-way\/2017\/09\/19\/552124551\/equifax-confirms-another-security-incident?utm_medium=RSS&amp;utm_campaign=business<\/a><\/p>\n","protected":false},"excerpt":{"rendered":"<div class=\"ftpimagefix\" style=\"float:left\"><a target=\"_blank\" rel=\"nofollow\" href=\"http:\/\/www.npr.org\/sections\/thetwo-way\/2017\/09\/19\/552124551\/equifax-confirms-another-security-incident?utm_medium=RSS&amp;utm_campaign=business\"><img decoding=\"async\" width=\"150\" src=\"https:\/\/media.npr.org\/assets\/img\/2017\/09\/19\/ap_17262506643541-ebd624f75e5ed31cf4b9da67df38b421cf15ab87-s800-c15.jpg\" alt><\/p>\n<div><a target=\"_blank\" rel=\"nofollow\" href=\"https:\/\/media.npr.org\/assets\/img\/2017\/09\/19\/ap_17262506643541-ebd624f75e5ed31cf4b9da67df38b421cf15ab87-s1200.jpg\"><\/a><\/div>\n<div>\n<div>\n<div><a target=\"_blank\" rel=\"nofollow\" href=\"https:\/\/media.npr.org\/assets\/img\/2017\/09\/19\/ap_17262506643541-ebd624f75e5ed31cf4b9da67df38b421cf15ab87-s1200.jpg\">Enlarge this image<\/a><\/div>\n<\/div>\n<div>\n<div>\n<div>\n<p>\n                Equifax was hit with a cyberattack before the one revealed earlier this month, and the hackers seem to have had many months of access to consumers&#8217; information.<\/p>\n<p>                <b><\/p>\n<p>                    Mike Stewart\/AP<\/p>\n<p>                <\/b><b><b>hide caption<\/b><\/b><\/p>\n<\/div>\n<p><b><b>toggle caption<\/b><\/b><\/div>\n<p><span><\/p>\n<p>        Mike Stewart\/AP<\/p>\n<p>    <\/span><\/div>\n<\/div>\n<p>After the revelation that a cybersecurity breach at the international credit reporting agency Equifax exposed personal information of 143 million people, the company has confirmed an additional security incident with a payroll-related service in the months prior. It says the two are unrelated.<\/p>\n<p>Equifax is already struggling to regain public trust after it waited at least a month to disclose to consumers that the cyberattack potentially impacted their personal information, such as names, Social Security numbers, birth dates, addresses and, in some cases, driver&#8217;s license numbers and credit card information.<\/p>\n<p>&#8220;Earlier this year, during the 2016 tax season, Equifax experienced a security incident involving a payroll-related service,&#8221; an Equifax spokesperson told NPR. &#8220;The incident was reported to customers, affected individuals and regulators. This incident was also covered in the media.&#8221;<\/p>\n<p>The company spokesperson <a target=\"_blank\" rel=\"nofollow\" href=\"https:\/\/www.bloomberg.com\/news\/articles\/2017-09-18\/equifax-is-said-to-suffer-a-hack-earlier-than-the-date-disclosed\">disputes a Bloomberg report released Monday<\/a>, where an unnamed source &#8220;said the breaches involved the same intruders.&#8221; The company adds that the same security company, Mandiant, &#8220;has investigated both events and found no evidence that these two separate events or the attackers were related.&#8221;<\/p>\n<aside>\n<div><\/div>\n<\/aside>\n<aside>\n<div><\/div>\n<\/aside>\n<p><!-- END ID=\"RES552125488\" CLASS=\"BUCKETWRAP INTERNALLINK INSETTWOCOLUMN INSET2COL \" --><\/p>\n<p>Equifax&#8217;s spokesperson characterizes this second breach as the &#8220;March event.&#8221; However, it appears that the incident in question may have lasted considerably longer than a single month. When asked for information about previous media coverage, Equifax pointed NPR to <a target=\"_blank\" rel=\"nofollow\" href=\"https:\/\/krebsonsecurity.com\/2017\/05\/fraudsters-exploited-lax-security-at-equifaxs-talx-payroll-division\/\">coverage in KrebsonSecurity<\/a>.<\/p>\n<p>That article describes a breach at TALX Corporation, an Equifax subsidiary also called Equifax Workforce Solutions, where &#8220;crooks were able to reset the 4-digit PIN given to customer employees as a password and then steal W-2 tax data after successfully answering personal questions about those employees.&#8221;<\/p>\n<p>Krebs reported that Equifax said the breach happened over the course of nearly a year: &#8220;unauthorized access to customers&#8217; employee tax records happened between April 17, 2016 and March 29, 2017.&#8221;<\/p>\n<p>Equifax did not immediately confirm these details. It&#8217;s not clear how many organizations were impacted, though Krebs links to documentation of breaches at five organizations, including Northrop Grumman and the University of Louisville.<\/p>\n<p><!-- END ID=\"RES552125602\" CLASS=\"BUCKETWRAP INTERNALLINK INSETTWOCOLUMN INSET2COL \" --><\/p>\n<p><a target=\"_blank\" rel=\"nofollow\" href=\"http:\/\/www.louisvillecardinal.com\/2017\/04\/hackers-steal-university-employee-tax-info\/\">According to The Louisville Cardinal<\/a>, the University of Louisville&#8217;s student paper, the university stated that some &#8220;750 employees had &#8216;suspicious activity&#8217; surrounding their online TALX Tax Express accounts when someone tried to reset PIN numbers.&#8221;<\/p>\n<p>Other reports date back to early 2016. A notice of data breach from Kroger executives states that the incident began in late January of that year. <a target=\"_blank\" rel=\"nofollow\" href=\"https:\/\/www.doj.nh.gov\/consumer\/security-breaches\/documents\/kroger-20160525.pdf\">In a document released by New Hampshire&#8217;s attorney general<\/a>, the Kroger executives say that hackers &#8220;accessed the default website using default login information based on Social Security Numbers and dates of birth, which we believe were obtained from some other source.&#8221;<\/p>\n<p>The thieves then used the access to employees&#8217; W-2 forms to potentially &#8220;file tax returns in their names to claim a refund.&#8221;<\/p>\n<p>A Georgia man employed at Kroger filed a federal lawsuit against Equifax and its subsidiary in May 2016 over the breach, seeking class action status. In it, Betzalel Yochanan claimed that the breach happened &#8220;because Equifax failed to implement adequate security measures to safeguard consumers&#8217; Personal Identifying Information (&#8216;PII&#8217;) and willfully ignored known weaknesses in its data security, including prior hacks into its information systems.&#8221;<\/p>\n<p>Yochanan voluntarily dismissed the lawsuit the following month, without providing a reason.<\/p>\n<p><em>NPR&#8217;s Sarah Knight contributed to this report.<\/em><\/p>\n<p><strong><a target=\"_blank\" rel=\"nofollow\" href=\"https:\/\/blockads.fivefilters.org\/\">Let&#8217;s block ads!<\/a><\/strong> <a target=\"_blank\" rel=\"nofollow\" href=\"https:\/\/blockads.fivefilters.org\/acceptable.html\">(Why?)<\/a><\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"closed","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[19],"tags":[],"class_list":["post-13044","post","type-post","status-publish","format-standard","hentry","category-business-2"],"_links":{"self":[{"href":"https:\/\/associatednews.info\/content\/wp-json\/wp\/v2\/posts\/13044","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/associatednews.info\/content\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/associatednews.info\/content\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/associatednews.info\/content\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/associatednews.info\/content\/wp-json\/wp\/v2\/comments?post=13044"}],"version-history":[{"count":0,"href":"https:\/\/associatednews.info\/content\/wp-json\/wp\/v2\/posts\/13044\/revisions"}],"wp:attachment":[{"href":"https:\/\/associatednews.info\/content\/wp-json\/wp\/v2\/media?parent=13044"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/associatednews.info\/content\/wp-json\/wp\/v2\/categories?post=13044"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/associatednews.info\/content\/wp-json\/wp\/v2\/tags?post=13044"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}