Educause Security Discussion mailing list archives
Re: Equifax gets pwned... hard.
From: Mahmud Rahman <mrahman () MILLS EDU>
Date: Fri, 8 Sep 2017 09:27:36 -0700
There's an article at arstechnica with a caution about the website set up where you check and enroll. Not very reassuring. What's more, the website www.equifaxsecurity2017.com/, which Equifax created to notify people of the breach, is highly problematic for a variety of reasons. It runs on a stock installation WordPress <https://twitter.com/kennwhite/status/905988701670531072>, a content management system that doesn't provide the enterprise-grade security required for a site that asks people to provide their last name and all but three digits of their Social Security number. The TLS certificate doesn't perform proper revocation checks <https://www.ssllabs.com/ssltest/analyze.html?d=equifaxsecurity2017.com&s=104.20.97.14>. Worse still, the domain name isn't registered to Equifax <https://whois.domaintools.com/equifaxsecurity2017.com>, and its format looks like precisely the kind of thing a criminal operation might use to steal people's details. It's no surprise that Cisco-owned Open DNS was blocking access to the site and warning it was a suspected phishing threat <https://twitter.com/SwiftOnSecurity/status/906005134529966080>. Another indications of sloppiness: a username for administering the site has been left in a page that was hosted here <https://www.equifaxsecurity2017.com/wp-json/wp/v2/users/>. Here's what it looked like before it was taken down at about 8:50 am California time: https://arstechnica.com/information-technology/2017/09/why-the-equifax-breach-is-very-possibly-the-worst-leak-of-personal-info-ever/ Mahmud Rahman MFA '04 Director of Systems and Banner Services, ITS Mills College, Oakland CA (510)430-2257 mrahman () mills edu On Fri, Sep 8, 2017 at 9:04 AM, Roy <roywatt () acm org> wrote:
Hi Dan: Thanks for reminding and sending. One of the questions I am wondering is if we are putting our data "back in danger again" by providing this information? :) Regards, Roy On Fri, Sep 8, 2017 at 11:49 PM, Jones, Dan J <djjones () wpi edu> wrote:This link will allow you to see if your data was included in the breach and to sign up for monitoring. https://www.cnet.com/how-to/equifax-hack-find-out-if-you-wer e-one-of-143-million-hacked/ Dan Jones Worcester Polytechnic Institute -----Original Message----- From: The EDUCAUSE Security Constituent Group Listserv [mailto: SECURITY () LISTSERV EDUCAUSE EDU] On Behalf Of Valdis Kletnieks Sent: Thursday, September 07, 2017 9:12 PM To: SECURITY () LISTSERV EDUCAUSE EDU Subject: [SECURITY] Equifax gets pwned... hard. Not *directly* a higher-ed issue, but it's big enough that the fallout is going to be on *everybody*s radar. "Equifax, one of the three major consumer credit reporting agencies, said on Thursday that hackers had gained access to company data that potentially compromised sensitive information for 143 million American consumers, including Social Security numbers and driver's license numbers. The attack on the company represents one of the largest risks to personally sensitive information in recent years, and is the third major cybersecurity threat for the agency since 2015." Be prepared for all sorts of identity theft attacks and very customized phishes..... https://www.nytimes.com/2017/09/07/business/equifax-cyberattack.html-- This e-mail contains PRIVILEGED AND CONFIDENTIAL INFORMATION intended only for the use of the Individual(s) named above. If you are not the intended recipient of this e-mail, or the employee or agent responsible for delivering this to the intended recipient, you are hereby notified that any dissemination or copying of this e-mail is strictly prohibited. If you have received the message in error, please advise the sender by reply e-mail and delete or destroy the message. Thank you.
Current thread:
- Equifax gets pwned... hard. Valdis Kletnieks (Sep 07)
- Re: Equifax gets pwned... hard. Jones, Dan J (Sep 08)
- Re: Equifax gets pwned... hard. Roy (Sep 08)
- Re: Equifax gets pwned... hard. Mahmud Rahman (Sep 08)
- Re: Equifax gets pwned... hard. Davis, Michael (Sep 08)
- Re: Equifax gets pwned... hard. Roy (Sep 08)
- Re: Equifax gets pwned... hard. Andrew Tristan (Sep 08)
- [POSSIBLE Malware MESSAGE] RE: [SECURITY] Equifax gets pwned... hard. Renee Peters (Sep 08)
- Re: Equifax gets pwned... hard. Roy (Sep 08)
- Re: Equifax gets pwned... hard. Jones, Dan J (Sep 08)