Skip to main content
  1. Home
  2. News

Lawsuit alleges Equifax’s stupid password made it super-easy to steal your data

By

Remember that epic Equifax hack from 2017? As it turns out, the company made it pretty easy for hackers to get in. A recent filing in the United States District Court for the Northern District of Georgia, Atlanta Division points out a few of the company’s missteps that might have led to the breach.

The first of those issues comes in the form of the password the company users to protect a portal used to manage credit disputes. While you might think a major company holding personal information like people’s names, addresses, and social security numbers might use an exceptionally secure password in that instance, it actually went for something a different: It used “admin” as both the username and password for the portal.

Not exactly the most secure move.

Recommended Videos

If the shoddy password wasn’t enough, the company also stored unencrypted user information on a public-facing server. That meant that any attacker that compromised the website’s server would immediately have access to all the personal information stored on it, with no additional work required.

Please enable Javascript to view this content

The website also wasn’t the only thing it left unencrypted. The company also failed to encrypt its mobile applications, so not only was it keeping sensitive data unencrypted on its own server, it was transmitting that data unencrypted over the internet.

Related

When it did finally encrypt that data, it “left the keys to unlocking the encryption on the same public-facing servers, making it easy to remove the encryption from the data.”

The court filing suggests that the inadequacies in Equifax’s encryption protocol fell short of industry standards and data security laws, going as far to say that the company “did not know what they were doing with respect to data security.”

The hack on Equifax in 2017 reportedly impacted approximately 147 million people, exposing their personal information and social security numbers.

As part of a settlement from the incident, Equifax is paying more than $300 million toward credit monitoring services for the impacted customers. It’s also compensating customers who paid out-of-pocket expenses as a result of the breach.

If you were impacted, you can apply to receive credit monitoring services or a $125 settlement via Equifax’s site now.

Editors’ Recommendations

Topics
Emily Price
Emily Price
Former Digital Trends Contributor
Emily is a freelance writer based in San Francisco. Her book "Productivity Hacks: 500+ Easy Ways to Accomplish More at…
Luke Grimes says Costner’s absence made this easiest season of Yellowstone to film
Luke Grimes leaning on a fence in Yellowstone.

The absence of Kevin Costner from the second half of Yellowstone's fifth season was one of the defining stories of the show's second half. While many fans may have missed Costner and his character, John Dutton, there was at least one member of the cast who thought Costner's absence made filming the show easier.

In an interview with Esquire, star Luke Grimes got candid about filming the final season. “Hopefully, everyone can see that it was time,” he told Esquire. “To be really honest, there was a part of Kevin being gone that meant some of the conflict was gone. Obviously, it didn’t make it super fun to be around. Not pointing any fingers, but it was actually the easiest season we’ve filmed.”

Read more
Nvidia may not budge on its VRAM choices
Logo on the RTX 4060 Ti graphics card.

According to new leaks about the RTX 50-series, Nvidia may still keep its most popular GPU starved for VRAM. Wccftech claims that the RTX 5060 will retain an 8GB memory configuration combined with a 128-bit bus. Does this mean that the RTX 5060 won't find its footing among some of the best graphics cards? Not necessarily.

The publication cites its own sources as it reveals some of the specs for Nvidia's more affordable GPUs, ranging from the RTX 5070 Ti to the RTX 5060. And while there are some changes, it does seem that, for the most part, Nvidia is satisfied with its approach to video memory -- which games like Indiana Jones and the Great Circle are constantly putting to the test. Newer AAA games will only push for higher memory capacities, which we may not find in Nvidia's most affordable GPU, but the rest of the stack is looking a little better. Let's go over the specs.

Read more
Nvidia’s RTX 5080 may be better than the RTX 5090 in one small way
The PNY RTX 4080 XLR8 installed in a PC.

The launch of Nvidia's next-gen best graphics cards is right around the corner, and we're getting new leaks about the specs almost every day. Today, Benchlife reveals that the RTX 5080 may be the only RTX 50-series GPU to receive 30Gbps memory modules from the get-go. This would give the RTX 5080 a slight advantage, but there's also some conflicting information about the memory configuration for this GPU.

All of Nvidia's next-gen graphics cards are said to use new GDDR7 memory, and yesterday's Zotac leak confirmed that the RTX 5090 will sport 32GB of GDDR7 VRAM. That's a massive upgrade over the previous generation, but the RTX 5080 won't enjoy the same improvements -- the GPU is said to retain both the 16GB memory and the 256-bit bus we've already seen in the RTX 4080 (and its Super version).

Read more