Equifax 2017 Data Breach: Case Study
Added on 2022-11-25
10 Pages2563 Words306 Views
Running Head: Case Study
EQUIFAX 2017 DATA BREACH
Name of the Student
Name of the University
Author’s Note
EQUIFAX 2017 DATA BREACH
Name of the Student
Name of the University
Author’s Note
CASE STUDY1
Overview:
In September 2017, a case was limelight where Equifax revealed that a data breach hack
had spilled the personal details of approximately 147 million people for which, the company was
undertaken to the terms of global settlement with the Federal Trade Commission, the Consumer
Financial Protection Bureau, and the governments of 50 states and territories of the United
States. The settlement amount payable by the company to the global institutions amounted to
approximately 425million$ in order to extend assistance to the people who have been victimized
by such breach of data.
The annual reports of Equifax express that that the company was in troubled tone and yet
threw a deaf ear to the alarming bells of the cybersecurity alerts. The subject matter of the case
was that the taxonomy of the cyber-security. It was breached by the spillage of personal data
leading to the vulnerability of such information. Hence, the scale of government and citizen
protection was starkly affected by losing the identity of the digital era. The consequences of such
protection are not predicted by the people or any organization leading to the fall of the digital
media of storage of information.
According to Motherboard 2017, the security researchers had gained access to the servers
of the company. The vulnerabilities related to the same was reported. However, the company did
not give much attention to the report, and the portals were still in activation till later in June, and
further then, the breaches had begun. However, it can be analyzed that the same portal was not
targeted for the repeated breach. Multiple portals were targeted, which has been assumed to have
been conducted by multiple parties. According to Riley 2017, reported that the company had
suffered a huge blow of victimization due to the breach of the computer systems of the company.
Overview:
In September 2017, a case was limelight where Equifax revealed that a data breach hack
had spilled the personal details of approximately 147 million people for which, the company was
undertaken to the terms of global settlement with the Federal Trade Commission, the Consumer
Financial Protection Bureau, and the governments of 50 states and territories of the United
States. The settlement amount payable by the company to the global institutions amounted to
approximately 425million$ in order to extend assistance to the people who have been victimized
by such breach of data.
The annual reports of Equifax express that that the company was in troubled tone and yet
threw a deaf ear to the alarming bells of the cybersecurity alerts. The subject matter of the case
was that the taxonomy of the cyber-security. It was breached by the spillage of personal data
leading to the vulnerability of such information. Hence, the scale of government and citizen
protection was starkly affected by losing the identity of the digital era. The consequences of such
protection are not predicted by the people or any organization leading to the fall of the digital
media of storage of information.
According to Motherboard 2017, the security researchers had gained access to the servers
of the company. The vulnerabilities related to the same was reported. However, the company did
not give much attention to the report, and the portals were still in activation till later in June, and
further then, the breaches had begun. However, it can be analyzed that the same portal was not
targeted for the repeated breach. Multiple portals were targeted, which has been assumed to have
been conducted by multiple parties. According to Riley 2017, reported that the company had
suffered a huge blow of victimization due to the breach of the computer systems of the company.
CASE STUDY2
Further, it was reported that in early March the company had notified certain banking customers
and others about such breach. Mandiant owned by FireEye, Inc. was reported to have been
appointed to assist the company in investigating the cyber-attack of March 2017. According to
Haselton 2017, a major breach was again reported in September 2017, and in that breach, more
than 145 million US customers were affected. However, the breach was criticized by some
scholars on various grounds. On such critic, Anders 2017, explained that the Equifax officials
had sold their maximum personal holdings days after the breach; however, the reporting of such
breach was made only a month later.
The company was imposed a fine by the Federal Trade Commission for the two
occasions of the breach as identified under the Fair Credit Reporting Act. Further, the software
engineer of the company was charged with the offence of the insider trading for the purchasing
options in relation to the data breach that took place in 2017.
Concept of Theories:
There are two theories which have been selected for the analysis of the breach of the data of the
company in 2017. These two concepts are:
The general theory of law: this theory is also called the self-control theory of crime
where the individual lacks the self-control to resist himself or herself from the lure
resulting in the commission or the omission of the act constituting the crime. The
individual self-control is the driving factor in the theory to assess the motive behind the
commission of such crime. According to Mark, Pogarsky and Shmueli 2006, this theory
of law states that the individuals who are affected by the ways of parenting before the age
of ten develop less self-control than those who were raised in better parenting guidances.
Further, it was reported that in early March the company had notified certain banking customers
and others about such breach. Mandiant owned by FireEye, Inc. was reported to have been
appointed to assist the company in investigating the cyber-attack of March 2017. According to
Haselton 2017, a major breach was again reported in September 2017, and in that breach, more
than 145 million US customers were affected. However, the breach was criticized by some
scholars on various grounds. On such critic, Anders 2017, explained that the Equifax officials
had sold their maximum personal holdings days after the breach; however, the reporting of such
breach was made only a month later.
The company was imposed a fine by the Federal Trade Commission for the two
occasions of the breach as identified under the Fair Credit Reporting Act. Further, the software
engineer of the company was charged with the offence of the insider trading for the purchasing
options in relation to the data breach that took place in 2017.
Concept of Theories:
There are two theories which have been selected for the analysis of the breach of the data of the
company in 2017. These two concepts are:
The general theory of law: this theory is also called the self-control theory of crime
where the individual lacks the self-control to resist himself or herself from the lure
resulting in the commission or the omission of the act constituting the crime. The
individual self-control is the driving factor in the theory to assess the motive behind the
commission of such crime. According to Mark, Pogarsky and Shmueli 2006, this theory
of law states that the individuals who are affected by the ways of parenting before the age
of ten develop less self-control than those who were raised in better parenting guidances.
End of preview
Want to access all the pages? Upload your documents or become a member.
Related Documents
Equifax Data Breach: Incident Report and Analysislg...
|13
|4146
|67
Equifax Data Breach of 2017: Overview, Causes, and Impact | Deskliblg...
|13
|596
|118
Internet Technology Security Assignmentlg...
|12
|3340
|51
The Benefits of Risk Management Planninglg...
|12
|2705
|16
Summary of Attack | Computer and Network Securitylg...
|7
|1353
|29
Network Security Conceptslg...
|5
|1209
|214