Question

On September 7, 2017, Equifax announced a massive security breach. While the breach was originally discovered...

On September 7, 2017, Equifax announced a massive security breach. While the breach
was originally discovered on July 29, the announcement was delayed by several
months. An estimated 145 million US consumers were affected. The breach resulted in
the loss of the following details:
 • Names
 • Social Security numbers
 • Birth dates
 • Addresses
 • Driver license numbers (at least in some cases)
Equifax attributes the breach to a website application vulnerability that was exploited
by criminals. The Apache Software Foundation believes that the vulnerability was
possibly caused by the March Struts bug. Experts allege that once a vulnerability is
exploited, it allows attackers to gain a foothold. Generally, following the exploit, the
attacker becomes a system user and hence owns the web server process.
There are mounting concerns that Equifax could have prevented the breach if simple
procedures and best practices were followed. Equifax has been accused of
incompetence in regard to the protection of individual data and irresponsible behavior
in responding to the breach. A patch for the website application vulnerability that was
exploited was available several months before the attack, in March 2017. Even though
Equifax had more than two months to take remedial actions and apply the patch, no
action was taken.
There are several questions that emerge. Is Equifax competent enough to be the data
steward for the public? Why did Equifax take so long to notify the public? Interestingly,
the website set up by Equifax to address questions about the breach and offer free credit
monitoring was itself vulnerable. Why was Equifax so negligent in handling and
responding to the breach?
1. 1. Develop an ideal response strategy for Equifax.
2. 2. Suggest how:
1. a. A technical security strategy could have helped Equifax
2. b. A formally defined process could have helped Equifax
3. c. A normatively developed approach could have helped Equifax
3. 3. Following the breach, what could Equifax have done to protect their reputation?

Answer the questions based on what happened after the breach

Engineering   Computer-Science   
0 0
Add a commentTranscribed image text
Next >

Homework Answers

Answer #1

People check the integrity of their records consequently ,a few people typed in obviously phony information and were informed impacted by this incident.

Now there is one thing Equifax did right because of professionals we should always strive to seek teachable moment.Companies take their time in letting people know their information been stolen.

Hackers access database that has personal data for 143 million Americans from credit reporting agency Equifax.This hack is particularly bad .

Equifax hold exactly the kind of information that instructions use to verify people information and protect against hackers.

Lawmakers have suggested data breach laws along with data security.

For credit report protect their reputations by high grade people.

0 0
Know the answer?
Your Answer:

Post as a guest

Your Name:

What's your source?

Earn Coins

Coins can be redeemed for fabulous gifts.

Log In

Sign Up

Not the answer you're looking for?
Ask your own homework help question
Similar Questions
Using the model proposed by Lafley and Charan, analyze how Apigee was able to drive innovation....
Using the model proposed by Lafley and Charan, analyze how Apigee was able to drive innovation. case:    W17400 APIGEE: PEOPLE MANAGEMENT PRACTICES AND THE CHALLENGE OF GROWTH Ranjeet Nambudiri, S. Ramnarayan, and Catherine Xavier wrote this case solely to provide material for class discussion. The authors do not intend to illustrate either effective or ineffective handling of a managerial situation. The authors may have disguised certain names and other identifying information to protect confidentiality. This publication may not be...
For months, Daniel Zhang huddled with a small team in an underground garage in Shanghai. The...
For months, Daniel Zhang huddled with a small team in an underground garage in Shanghai. The chief executive of Alibaba Group Holdings Ltd. was working on a secret plan that would sound crazy even to many of his own colleagues 100 miles away in Hangzhou. Zhang wanted to launch a startup inside the e-commerce giant that would combine a grocery store, a restaurant, and a delivery app, using robotics and facial recognition to speed up logistics and payment. That project,...
What role could the governance of ethics have played if it had been in existence in...
What role could the governance of ethics have played if it had been in existence in the organization? Assess the leadership of Enron from an ethical perspective. THE FALL OF ENRON: A STAKEHOLDER FAILURE Once upon a time, there was a gleaming headquarters office tower in Houston, with a giant tilted "£"' in front, slowly revolving in the Texas sun. The Enron Corporation, which once ranked among the top Fortune 500 companies, collapsed in 2001 under a mountain of debt...
Discuss ethical issues that can be identified in this case and the mode of managing ethics...
Discuss ethical issues that can be identified in this case and the mode of managing ethics Enron finds itself in this case. How would you describe the ethical culture and levels of trust at Enron? Provide reasons for your assessment. THE FALL OF ENRON: A STAKEHOLDER FAILURE Once upon a time, there was a gleaming headquarters office tower in Houston, with a giant tilted "£"' in front, slowly revolving in the Texas sun. The Enron Corporation, which once ranked among...
What tools could AA leaders have used to increase their awareness of internal and external issues?...
What tools could AA leaders have used to increase their awareness of internal and external issues? ???ALASKA AIRLINES: NAVIGATING CHANGE In the autumn of 2007, Alaska Airlines executives adjourned at the end of a long and stressful day in the midst of a multi-day strategic planning session. Most headed outside to relax, unwind and enjoy a bonfire on the shore of Semiahmoo Spit, outside the meeting venue in Blaine, a seaport town in northwest Washington state. Meanwhile, several members of...
Delta airlines case study Global strategy. Describe the current global strategy and provide evidence about how...
Delta airlines case study Global strategy. Describe the current global strategy and provide evidence about how the firms resources incompetencies support the given pressures regarding costs and local responsiveness. Describe entry modes have they usually used, and whether they are appropriate for the given strategy. Any key issues in their global strategy? casestudy: Atlanta, June 17, 2014. Sea of Delta employees and their families swarmed between food trucks, amusement park booths, and entertainment venues that were scattered throughout what would...
ADVERTISEMENT
Need Online Homework Help?

Get Answers For Free
Most questions answered within 1 hours.

Ask a Question
ADVERTISEMENT