You. Could. Not. Make. This. Up.
Equifax fooled again! Blundering credit biz directs hack attack victims to parody site
You'd have thought that Equifax staff would be on their toes ever since the megahack that exposed the private data of over 143 million Americans but the corporation's social media certainly haven't got the message. When news of the hack was published on September 7, over a month after its scale had been discovered, Equifax set …
COMMENTS
-
-
-
Thursday 21st September 2017 19:08 GMT bombastic bob
Re: Both domains went dark ?
article: "has since been blocked by Google"
Alister: "The real one is equifaxsecurity2017.com."
yeah, I _HOPE_ google doesn't wield THAT kind of power...
It should stay there, for parody/comedic purposes. I laugh in their general direction over at Equifax. I'm tired of companies like that slurping my personal information. They "get it wrong" more often than not. Try applying for a loan some time when there are errors on your credit report...
-
-
-
-
-
Thursday 21st September 2017 16:11 GMT Anonymous Coward
When this thing first exploded, I read a report that the two top execs had allegedly started selling off their stock as soon as they realized what they had done. It would explain why they waited a month to let everyone else know.
If that's what actually happened, I believe they could be charged with defrauding those who bought that stock. Sure hope so.
-
-
-
Thursday 21st September 2017 14:48 GMT Dr Who
What I want to know is whether lenders are still consulting Equifax credit checks when extending credit to private individuals. The scale of technical incompetence at the company is clearly so huge that, breach or no breach, their credit scores cannot possibly be trusted. I suspect their credit scoring algorithm is something like :
int value = rnd.Next(10, 100);
or is that a bit too sophisticated?
-
-
Thursday 21st September 2017 18:53 GMT Anonymous Coward
Re: How
can this company still be in business?
It's the tip of an iceberg.
1, Lenders basing rates on potentially inaccurate data
2. Debt collection agencies adding ridiculous penalties which can be knocked back by the courts
3, Trading in those inflated debts
There's a whiff of subprime crisis here.
-
-
Thursday 21st September 2017 17:22 GMT Mark 85
Re: Why a new domain name?
Oh yeah. These people are idiots. Asked and answered.
Idiots indeed. And let's add "panic", "fear", and the resulting mayhem. The two steaming piles at the top were more concerned about their stock portfolio than the company.. that's obvious. So add "no leadership". I imagine the IT area is in heavy turmoil due to the outsourcing and no one really having a clue. All they can do is react and probably not with any kind of logic at this point.
Now if this seems sympathetic.. it's not. I have sympathy for the grunts in the trenches but none whatsoever for the clowns in charge.
-
Thursday 21st September 2017 18:09 GMT Anonymous Coward
Re: Why a new domain name?
Pretty obvious why. They knew the site would get a huge number of hits, and knew their existing web servers couldn't take the load. They probably had clueless admins who thought the only solution was registering a new domain and getting external hosting.
What they should have done is talk to someone like akamai. They could have had a link prominently displayed on their home page to take them to the site that does the testing, and it could have been a subdomain of their own - like security2017.equifax.com or whatever. That would have made people a lot more comfortable, and prevented a lot of this horseshit.
Can't believe their IT team didn't contact someone for help instead of trying to figure out how to host this high demand "check if you are affected" site on their own!
-
Thursday 21st September 2017 18:35 GMT Adam 52
Re: Why a new domain name?
They did go to someone like Akamai - CloudFlare.
I suspect this who episode was handled by a corporate PR or marketing team, who didn't involve the local techies (possibly fearing a premature leak, which would have been inevitable).
Besides which if someone came to you and said "I've just lost shed loads of personal data, may I borrow your SSL certificate?" what would you do?
-
Thursday 21st September 2017 18:48 GMT handleoclast
Re: Why a new domain name?
A better question would by why equifaxsecurity2017.com?
Presumably because they expect to have a different major fuck-up in 2018. And yet another one in 2019. Etc.
Of course, this strategy will fail. So they'll have to register equifaxsecurity2018q1.com etc. Or maybe equifaxsecurity2018january.com. etc.
-
-
-
-
Thursday 21st September 2017 17:55 GMT Anonymous Coward
Clearly...
The MFWICs* are too busy preparing their golden parachutes to worry about fixing the flaming wreckage they leave behind. Everybody from middle-management up is interviewing with other companies (esp. competitors) so that they can talk about "leading a top financial services company" before they need to add the words "right into an abyss of damnation."
Same as it ever was.
*MFWIC: Mother F(*+) What's In Charge
-
Thursday 21st September 2017 19:39 GMT macaroo
Playing Games
I object with these pointy headed individuals playing games with our most private information. I have conceited that most of my information has been leaked and resides on the Dark Web to be used and resold many times in the future. I have put security freezes on all of my accounts, but the existing CC account are still exposed.
-
Friday 22nd September 2017 20:00 GMT Captain Badmouth
Careful me...
I do not have internet banking for my major credit card nor my bank account. I do for cards which I use for internet purchases etc. The fact that I may have forgotten, or made a late payment hoists a red flag somewhere such that these bastards can gather info on me, and then hold that info. in an electronic colander administered by security personnel with no conception of the phrase, really grips my shit.
Cash in the pocket from now on?
-
Saturday 23rd September 2017 17:17 GMT Wensleydale Cheese
Re: Careful me...
"Cash in the pocket from now on?"
Hang on to your cash. This dash to digitise payments is dangerous
-