We’ve been stating that the Equifax cyber breach was entirely preventable since we launched our legal action for compensation last year.
Equifax failed to patch a known security vulnerability. On top of that, their staff failed to identify the ongoing vulnerability. To make things worse, they didn’t even spot the data being lifted for months and months.
Although we’ve known this for a while, it’s good to see the same statements from external reports. Unsurprisingly, another report has highlighted this important fact. It’s a fact that means we’re confident in securing compensation in the legal action we’ve launched.
Government report states Equifax cyber breach “entirely preventable”
A recent US government report joins the long list of organisations who have labelled the Equifax cyber breach as “entirely preventable”.
The report highlights the key facts of the case that demonstrates why this breach should never have happened in the first place.
Equifax field failed secure their systems; failed to identify the weakness; and failed to spot the hacking was taking place.
How the Equifax cyber breach was allowed to happen
The Equifax cyber breach was allowed to happen because of a number of failures on the organisation’s part.
Firstly, their engineers failed to patch a known security vulnerability. Secondly, their staff failed to realise that the vulnerability was still there. Thirdly, the device that was used to monitor network traffic had been inactive for over a year and a half. This was due to an expired security certificate. Only when the security certificate was finally updated did the ACIS (Automated Consumer Interview System) identify the suspicious traffic on their site. An IP address originating from China was spotted, and they realised a breach had taken place.
But this all came far too late. This litany of errors resulted in a huge company with a wealth of data to be hacked with relative ease.
It’s not too late to join the Equifax cyber breach compensation action
We launched our Equifax cyber breach legal action for data breach compensation last year. If you’ve yet to join, you still have time to get involved.
Please see our help page for more information and contact the team using the form at the base of the page for legal advice.
We’re still offering No Win, No Fee representation for victims of the breach.