How Equifax Lost 147 Million Social Security Numbers cover art

How Equifax Lost 147 Million Social Security Numbers

How Equifax Lost 147 Million Social Security Numbers

Listen for free

View show details

A critical vulnerability was disclosed. A patch was released the same day. Equifax was warned directly. The patch was never applied. Two months later, attackers walked through the door — and spent seventy-six days inside a system holding 147 million Social Security numbers. Episode 5 covers the full 2017 Equifax breach — the Apache Struts vulnerability, the scanner that missed, the certificate that was blind for over a year, the breach response that made everything worse, and the PLA indictment that revealed what the stolen data was really for.

0:00 — Introduction
0:42 — What Is Equifax
1:17 — The Data You Never Chose to Give
1:42 — Growth vs. Security
2:05 — ACIS: A 1970s System on the Public Internet
2:25 — CVE-2017-5638: The OGNL Injection
4:19 — The Missed Scan
5:37 — The Honour System
6:16 — CEO vs. Committee
6:37 — May 13th: The Door Opens
7:13 — No Walls: Lateral Movement
8:20 — The Harvest: 147 Million Records
9:31 — The Expired Certificate
10:45 — Found by Accident
11:09 — The Response Timeline
12:35 — The Response That Made Everything Worse
13:52 — Insider Trading
14:28 — Executive Departures
14:52 — The Settlement
15:34 — PLA Attribution
16:23 — The Intelligence Mosaic
17:05 — Entirely Preventable
17:47 — Closing

Full technical breakdown: zerodaylogs.com

adbl_web_anon_alc_button_suppression_t1
No reviews yet