Data Breach Equifax
Added on 2022-12-15
12 Pages2129 Words319 Views
Running Head: DATA BREACH EQUIFAX
DATA BREACH EQUIFAX
Name of the Student
Name of the University
Author note
DATA BREACH EQUIFAX
Name of the Student
Name of the University
Author note
DATA BREACH EQUIFAX1
Table of Contents
Question 1........................................................................................................................................2
Question 2........................................................................................................................................3
Question 3........................................................................................................................................4
Question 4........................................................................................................................................5
References........................................................................................................................................8
Table of Contents
Question 1........................................................................................................................................2
Question 2........................................................................................................................................3
Question 3........................................................................................................................................4
Question 4........................................................................................................................................5
References........................................................................................................................................8
DATA BREACH EQUIFAX2
Chosen Case study: Data Breach Equifax, 2017
Question 1
Key actors and their role
Victim: This set of stakeholder were attacked and their data were breached.
Attacker: This set of stakeholder were the reason behind the attack.
Department of Homeland Security: They were acting as the guardian and also warned
Equifax
Equifax: Equifax is the organization that got affected.
Outcome and consequences of the case
The outcome of the Equifax data breach, 2017 has been immense. Equifax has been the
one of the top three consumer credit reporting agency. The mass strength that it has is immense.
This leads to the fact that they have been dealing with a huge amount of data. Hence the after
effect of the data breach has been immense as well. There has been a total of 148 million
Americans who were compromised in this attack. The data that got breached includes the likes of
personal data of the victims (Gressin 2017). The data includes information regarding the name of
the victims and the address of the same. The date of birth of the victims are also considered in
this case. Data theft from the data present in the license number also acts as an issue. It was seen
that a total of 209,000 victims were facing issues regarding the breaching of credit card data. It is
seen that the scale of the attack have been the main reason of concern (Solove and Citron 2017).
A total loss of $630 million has been marked in the entire process.
Chosen Case study: Data Breach Equifax, 2017
Question 1
Key actors and their role
Victim: This set of stakeholder were attacked and their data were breached.
Attacker: This set of stakeholder were the reason behind the attack.
Department of Homeland Security: They were acting as the guardian and also warned
Equifax
Equifax: Equifax is the organization that got affected.
Outcome and consequences of the case
The outcome of the Equifax data breach, 2017 has been immense. Equifax has been the
one of the top three consumer credit reporting agency. The mass strength that it has is immense.
This leads to the fact that they have been dealing with a huge amount of data. Hence the after
effect of the data breach has been immense as well. There has been a total of 148 million
Americans who were compromised in this attack. The data that got breached includes the likes of
personal data of the victims (Gressin 2017). The data includes information regarding the name of
the victims and the address of the same. The date of birth of the victims are also considered in
this case. Data theft from the data present in the license number also acts as an issue. It was seen
that a total of 209,000 victims were facing issues regarding the breaching of credit card data. It is
seen that the scale of the attack have been the main reason of concern (Solove and Citron 2017).
A total loss of $630 million has been marked in the entire process.
DATA BREACH EQUIFAX3
Question 2
Type of Cyber fraud that has perpetrated in the Data Breach Equifax, 2017
Overview of the attack
The vulnerability was caused due to the presence of vulnerability in the Apache Struts
CVE-2017-5638. Apache Struts is a framework that is based on the platform of Java application.
That following day, Department of Homeland Security contracted the Equifax for informing
them regarding the vulnerability that is present in the system. Even e mail notifications were sent
regarding the applying Apache patch (Berghel 2017). Even after performing the scanning
process, the vulnerability was not properly detected. Hence wise the vulnerability of the process
was left unseen. In July, 29th they found that there has been suspicious network traffic flowing.
After 3 days the company hired professionals regarding checking of the security process. After
the check, Equifax that there was a data breach (Lorio 2017). Sooner data was published and
Equifax announced that there was data breach in the organization.
Category of cyber attack
The category in which the Equifax Data breach falls under is Man in the Middle attack.
In this case the main aspect that is considered is that the attacker hijacks a session in
between the trusted client and network server. This section includes 3 major processes. The
major concern of this section is that the attacker gets in between the transaction process during
the time of the data getting transacted from the victim to the server (Baruh and Popescu 2017).
Again the attacker performs DDOS attack and hence wise gains data from the client as well as
the server directly. This is one of the major reason that the data breaching might occur.
Question 2
Type of Cyber fraud that has perpetrated in the Data Breach Equifax, 2017
Overview of the attack
The vulnerability was caused due to the presence of vulnerability in the Apache Struts
CVE-2017-5638. Apache Struts is a framework that is based on the platform of Java application.
That following day, Department of Homeland Security contracted the Equifax for informing
them regarding the vulnerability that is present in the system. Even e mail notifications were sent
regarding the applying Apache patch (Berghel 2017). Even after performing the scanning
process, the vulnerability was not properly detected. Hence wise the vulnerability of the process
was left unseen. In July, 29th they found that there has been suspicious network traffic flowing.
After 3 days the company hired professionals regarding checking of the security process. After
the check, Equifax that there was a data breach (Lorio 2017). Sooner data was published and
Equifax announced that there was data breach in the organization.
Category of cyber attack
The category in which the Equifax Data breach falls under is Man in the Middle attack.
In this case the main aspect that is considered is that the attacker hijacks a session in
between the trusted client and network server. This section includes 3 major processes. The
major concern of this section is that the attacker gets in between the transaction process during
the time of the data getting transacted from the victim to the server (Baruh and Popescu 2017).
Again the attacker performs DDOS attack and hence wise gains data from the client as well as
the server directly. This is one of the major reason that the data breaching might occur.
End of preview
Want to access all the pages? Upload your documents or become a member.
Related Documents
IT Security: Equifax Data Breach, Quantum Key Distribution, and Firewall Typeslg...
|12
|2997
|59
Equifax Data Breach of 2017: Overview, Causes, and Impact | Deskliblg...
|13
|596
|118
Summary of Attack | Computer and Network Securitylg...
|7
|1353
|29
Data Breaches: Equifax and Sony Playstation Networklg...
|12
|3413
|75
The Benefits of Risk Management Planninglg...
|12
|2705
|16
Web Application Security Report 2022lg...
|6
|1029
|20