Breach at Equifax exposes data of 143 million people

No doubt the biggest news item of the week. I'll try to digest it into a TL;DR and list some links for further reading.


  • Equifax is a credit reporting company, one of the three largest, serving 820 million customers and 91 million businesses.
  • It was breached through the Apache Struts vulnerability back in mid-May. The breach was discovered at the end of July and disclosed this week.
  • The breach exposes personal data of 143 million customers, including some UK and Canadian residents.
  • The leaked data includes names, social security numbers, dates of birth, addresses, some drivers licenses and 209,000 credit card numbers.


  • Good short overview, with a bit of tongue-in-cheek and facepalm thrown in, by Graham Cluley: link
  • Reddit megathread to dive in as deep as you want: link
  • Equifax's site where it provides updates about the breach: link
Dieter Van der Stock

Patches and updates

  • Android's September update fixes 81 vulnerabilities, of which 13 are remote code execution bugs (link)
  • Microsoft's Patch Tuesday also fixes 81 vulnerabilities, including one zero-day in .NET which is being exploited in the wild (link)
  • Chrome 61 fixes 22 vulnerabilities and adds support for 'WebUSB', an API for non-standard USB devices (link)
Dieter Van der Stock