Fountainhead, LLC dba RS Design
  • Home
  • Services
  • Portfolio
  • Affiliates
  • Blog
  • Contact

Blog

Equifax Data Breach Startling New Information

Oct 24, 2019fountainheadComments (0)

In an absolutely disturbing and ridiculous turn of events new findings have surfaced in the Equifax data breach. Apparently, Equifax's IT department used the following for both their username and password: "admin". That's right, you read that correctly. They used not only the same word for both their username and password, but they used perhaps the most notorious word other than the word "password" for credentials that were supposed to keep our collective personal information safe.

That this is a GROSS case of negligence, doesn't even begin to describe the ineptitude that follows because that's not where the story ends. Really? Yup. Not only the username and password were weak, they also failed to use encrypted servers for our personal information, so things like our names, addresses, social security numbers, secret passphrases, etc. were all stored on unecrypted servers that were PUBLIC-FACING!!!

What does unencrypted mean? It means that the data stored on the server wasn't disguised so that if someone was able to gain access they wouldn't be able to read the data because it would be gibberish. Encryption in this case is typically done using a type of Hash that disguises the real data with false data in and around it, to unecrypt that data you would need the key which is virtually impossible to break depending on the degree of encryption.

What does public-facing mean? It means that this server was accessible via the internet [instead of on an intranet only accessible within the company], anyone could find it and access it, especially with an incredibly weak username and password like "admin". We can't even begin to understand who in their right mind thought this was ok or even acceptable. It doesn't even make sense as a cost-saving measure, because any decent IT person would have the common sense not to use the same word for the username and password, let alone a common no-no like "admin".

Having seen these recent revelations gives us great pause in the efficacy of other organizations practices and methods for safe-keeping our personal information. Be careful with the information you give, and take any measures you can to secure your data, use VPNs, use Two-Factor Authentication, don't use the same passwords for multiple logins, or at the very least keep passwords you use for financial/sensitive accounts/information distinct and separate. Read the fine print of Terms of Agreement. It might be a pain, but it might just protect you from the horrible costs of your identity being stolen.

https://finance.yahoo.com/news/equifax-password-us...

  • Previous: Daplie: The Cloud System to Take Back the Internet

Tags

equifaxdata breachonline best practicesadminencryptionpasswordsusernames

Comments (0)


Add a Comment





Allowed tags: <b><i><br>Add a new comment:


All Blog Posts

Latest Posts

  • Equifax Data Breach Startling New Information   Oct 24, 2019
  • Daplie: The Cloud System to Take Back the Internet   Dec 02, 2016
  • How Much Does It Cost To Build A Website?   Sep 13, 2015
  • I'm starting a business, what do I need to do?   May 08, 2015

Archives

  • October 2019 (1)
  • December 2016 (1)
  • September 2015 (1)
  • May 2015 (1)

Tags

  • website design (2)
  • starting a business (1)
  • passwords (1)
  • encryption (1)
  • admin (1)
  • online best practices (1)
  • data breach (1)
  • equifax (1)
  • Business Cloud Storage (1)
  • Personal Cloud Storage (1)

Latest Comments

  • As a professional web developer, I agree with aspects of both arguments.

    If you want to scrape from the bottom of the barrel, you can outsource a site for very cheap. You'll license a popular…     4 years, 2 months ago
  • Hi Erica,

    This is true and both of those answers have very different costs associated with them. In addition, how fancy, unique or complicated a house you want also affects the cost to build…     6 years, 8 months ago
  • When I say "I want to build a house" this does not give an unambiguous answer, I need a palace or a booth for a dog. 6 years, 8 months ago
  • you are in reality a good webmaster. The site loading pace is incredible. It kind of feels that you're doing any unique trick. Moreover, The contents are masterpiece. you have done a great process on this… 7 years, 2 months ago
  • Hi Lucy,

    We certainly understand your perspective, but as we responded to Erika's statement we stated those costs in ranges and highly recommend you read our article on Starting A Business…     7 years, 10 months ago
  • I must say I do agree with Erika, the cost you noted up their can scare someone who knows nothing about websites or blogs and the totaly of everything may not be up to $1,000 even with a custom design. 7 years, 10 months ago
  • Hi Erika,

    If you note we gave ranges for costs of various items related to web design and development. It might be useful for you to read our previous article about Starting A Business for…     8 years ago
  • That seems like a pretty high estimate... most of that stuff can be done for free, even for a novice 8 years ago
  • It is perfect time to make some plans for the future and it's
    time to be happy. I've read this post and if I could I wish to suggest
    you some interesting things or advice. Perhaps you can…     8 years, 1 month ago
  • You really make it seem so easy with your presentation but I find
    this topic to be really something which I think I would never understand.
    It seems too complicated and extremely broad for…     8 years, 1 month ago