Equifax, reeling after the alleged executive stock sales prior to disclosure of a breach impacting 143 million consumers’ aggregated credit data, suffered a major stock drop.
ABA Legal Rebel, Josh Browder, modified his parking ticket bot to generate the small claims forms to sue Equifax for $25,000 without a lawyer. Browder, whose information was part of the breach, is quoted as saying, “I hope that my product will replace lawyers, and, with enough success, bankrupt Equifax.”
Zeynap Tufekci, in the New York Times, cuts most deeply comparing the credit impacting consequences of her late library book return to the consequences the executives at Equifax for the breach. She calls the breach “maddening” because of the “unforgiving way” the credit industry handles the smallest credit blemishes.
Originally blaming an open source software vulnerability for the breach, the company later named an unpatched Apache Struts application.
According to Bloomberg, Rene Gielen, vice president at the Apache Software Foundation, said in an email to Bloomberg Thursday that the group doesn’t have reliable information on how long it takes companies to apply patches for vulnerabilities. While firms usually act within hours or days after an announcement, some companies don’t patch for years, he said.
According to Ars Technica, in its coverage last March of the mitigation of the Struts vulnerability, patching the “security hole was labor intensive and difficult, in part because it involved downloading an updated version of Struts and then using it to rebuild all apps that used older, buggy Struts versions.”
MoFo’s John P. Carlin and David Newman critique the Equifax response, with tips for future breaches in CNBC. MoFo stated that the response should never be part of the problem. Initially, consumers inquiring about whether their information was part of the breach appeared to need to waive future litigation rights.
As shocking as this breach was, it is not the first and is not the last. Kim Crawley compares some of the more recent high profile breaches, including root causes and the public relations handling in this article.
I wanted a certification that separates me from my peers. Upon discovering CEDS, I was convinced this was exactly the type of distinction I had been seeking. Since achieving CEDS certification, I’ve noticed immediate recognition from my organization, colleagues, and current and prospective clients.They acknowledge they are more comfortable working with a person who has taken time to seek such certification. CEDS has certainly been worth the small investment and should continue to beget returns for years and years to come.
Andrew Bayer, CEDS
I get bombarded with all kinds of e-discovery stuff – news, blogs and whatnot. Let me tell you, you guys send the absolute best! I send it to all my partners and sales folks. I said, who are these guys? I have to get to know them better!
Kevin Glass, CEO
As a trial lawyer, day-to-day information processing is daunting for my client service. I’ve come to rely on ACEDS to keep me on the ‘edge’ of the curve on e-discovery. It’s a source I ‘ping’ ASAP.