Embattled credit-monitoring company names interim replacements for both positions and outlines more details about the massive breach.

Dark Reading Staff, Dark Reading

September 16, 2017

2 Min Read

Equifax late today announced that its chief information officer and chief security officer were "retiring" and "effective immediately."

While the credit-monitoring firm did not include the executives' names in its announcement, Equifax's website lists David Webb as Equifax CIO. Webb, who has served as CIO since 2010, will be replaced by interim CIO Mark Rohrwasser, who has been with the company since last year and led Equifax's international IT operations. 

According to Boardroom Insiders, Susan Mauldin is Equifax's CSO, and has been with the company since 2013. She will be replaced by Russ Ayres, who most recently served as vice president in its IT department.

Equifax said it first observed suspicious network traffic on July 29 that appeared to come from its US online dispute portal Web application. The security team blocked that traffic, but another wave came through the next day. The security team then took the affected Web application offline.

When Equifax drilled deeper into the problem, it found a vulnerability in the Apache Struts Web application framework (CVE-2017-5638), and determined that flaw was the initial attack vector.

"Upon discovering a vulnerability in the Apache Struts web application framework as the initial attack vector, Equifax patched the affected web application before bringing it back online," Equifax stated.

The Apache Struts patch for the flaw was first made available in early March.

"Equifax's Security organization was aware of this vulnerability at that time, and took efforts to identify and to patch any vulnerable systems in the company's IT infrastructure," Equifax stated. "While Equifax fully understands the intense focus on patching efforts, the company's review of the facts is still ongoing. The company will release additional information when available."

Read more about the Equifax statement here.

 

INsecurity-Logo-wEventInfo-Horizontal.png

Join Dark Reading LIVE for two days of practical cyber defense discussions. Learn from the industry’s most knowledgeable IT security experts. Check out the INsecurity agenda here.

About the Author(s)

Dark Reading Staff

Dark Reading

Dark Reading is a leading cybersecurity media site.

Keep up with the latest cybersecurity threats, newly discovered vulnerabilities, data breach information, and emerging trends. Delivered daily or weekly right to your email inbox.

You May Also Like


More Insights