Equifax CIO, CSO Step Down

  /     /     /  
Publicated : 22/11/2024   Category : security


Equifax CIO, CSO Step Down


Embattled credit-monitoring company names interim replacements for both positions and outlines more details about the massive breach.



Equifax late today announced that its chief information officer and chief security officer were retiring and effective immediately.
While the credit-monitoring firm did not include the executives names in its announcement, Equifaxs website 
lists
David Webb as Equifax CIO. Webb, who has served as CIO since 2010, will be replaced by interim CIO Mark Rohrwasser, who has been with the company since last year and led Equifaxs international IT operations. 
According to 
Boardroom Insiders
, Susan Mauldin is Equifaxs CSO, and has been with the company since 2013. She will be replaced by Russ Ayres, who most recently served as vice president in its IT department.
Equifax said it first observed suspicious network traffic on July 29 that appeared to come from its US online dispute portal Web application. The security team blocked that traffic, but another wave came through the next day. The security team then took the affected Web application offline.
When Equifax drilled deeper into the problem, it found a vulnerability in the Apache Struts Web application framework (CVE-2017-5638), and determined that flaw was the initial attack vector.
Upon discovering a vulnerability in the Apache Struts web application framework as the initial attack vector, Equifax patched the affected web application before bringing it back online, Equifax stated.
The
Apache Struts patch
 for the flaw was first made available in early March.
Equifaxs Security organization was aware of this vulnerability at that time, and took efforts to identify and to patch any vulnerable systems in the companys IT infrastructure, Equifax stated. While Equifax fully understands the intense focus on patching efforts, the companys review of the facts is still ongoing. The company will release additional information when available.
Read more about the Equifax statement
here
.
 
Join Dark Reading LIVE for two days of practical cyber defense discussions. Learn from the industry’s most knowledgeable IT security experts. Check out the INsecurity
agenda here
.

Last News

▸ There are plenty of online tools for reporting bugs. ◂
Discovered: 23/12/2024
Category: security

▸ 27 Million South Koreans Hit by Online Gaming Theft. ◂
Discovered: 23/12/2024
Category: security

▸ Homeland Security Background Checks Breach Raises Concerns. ◂
Discovered: 23/12/2024
Category: security


Cyber Security Categories
Google Dorks Database
Exploits Vulnerability
Exploit Shellcodes

CVE List
Tools/Apps
News/Aarticles

Phishing Database
Deepfake Detection
Trends/Statistics & Live Infos



Tags:
Equifax CIO, CSO Step Down