Daily Archives: October 16, 2023

Equifax poked with paltry $13.4 million following 147m customer data breach in 2017

Posted on by

Credit bureau company, Equifax, has been fined US$13.4 million by The Financial Conduct Authority (FCA), a UK financial watchdog, following its involvement in “one of the largest” data breaches ever.

This cyber security incident took place in 2017 and saw Equifax’s US-based parent company, Equifax Inc., suffer a data breach that saw the personal data of up to 147.9 million customers accessed by malicious actors during the hack. The FCA also revealed that, as this data was stored in company servers in the US, the hack also exposed the personal data of 13.8 million UK customers.

The data accessed during the hack included Equifax membership login details, customer names, dates of birth, partial credit card details and addresses.

According the FCA, the cyber attack and subsequent data breach was “entirely preventable” and exposed UK customers to financial crime.
“There were known weaknesses in Equifax Inc’s data security systems and Equifax failed to take appropriate action in response to protect UK customer data,” the FCA explained.

The authority also noted that the UK arm of Equifax was not made aware that malicious actors had been accessed during the hack until six weeks after the cyber security incident was discovered by Equifax Inc.

The company was fined $60,727 by the British Information Commissioner’s Office (ICO) relating to the data breach in 2018.

On October 13th, Equifax stated that it had fully cooperated with the FCA during the investigation, which has been extensive. The FCA also said that the fine levelled at Equifax Inc had been reduced following the company’s agreement to cooperate with the watchdog and resolve the cyber attack.

Patricio Remon, president for Europe at Equifax, said that since the cyber attack against Equifax in 2017, the company has “invested over $1.5 billion in a security and technology transformation”. Remon also said that “few companies have invested more time and resources than Equifax to ensure that consumers’ information is protected”.

Source: Equifax fined $13.4 million following data breach

Cisco Can’t Stop Using Hard-Coded Passwords

Posted on by

There’s a new Cisco vulnerability in its Emergency Responder product:

This vulnerability is due to the presence of static user credentials for the root account that are typically reserved for use during development. An attacker could exploit this vulnerability by using the account to log in to an affected system. A successful exploit could allow the attacker to log in to the affected system and execute arbitrary commands as the root user.

This is not the first time Cisco products have had hard-coded passwords made public. You’d think it would learn.

Source: Cisco Can’t Stop Using Hard-Coded Passwords – Schneier on Security

Google’s AI stoplight program leads to less stops, less emissions

Posted on by

It’s been two years since Google first debuted Project Green Light, a novel means of addressing the street-level pollution caused by vehicles idling at stop lights.

[…]

Green Light uses machine learning systems to comb through Maps data to calculate the amount of traffic congestion present at a given light, as well as the average wait times of vehicles stopped there.

[…]

When the program was first announced in 2021, it had only been pilot tested in four intersections in Israel in partnership with the Israel National Roads Company but Google had reportedly observed a “10 to 20 percent reduction in fuel and intersection delay time” during those tests. The pilot program has grown since then, spreading to a dozen partner cities around the world, including Rio de Janeiro, Brazil; Manchester, England and Jakarta, Indonesia.

“Today we’re happy to share that… we plan to scale to more cities in 2024,” Yael Maguire, Google VP of Geo Sustainability, told reporters during a pre-brief event last week. “Early numbers indicate a potential for us to see a 30 percent reduction in stops.

[…]

“Our AI recommendations work with existing infrastructure and traffic systems,” Maguire continued. “City engineers are able to monitor the impact and see results within weeks.” Maguire also noted that the Manchester test reportedly saw improvements to emission levels and air quality rise by as much as 18 percent. The company also touted the efficacy of its Maps routing in reducing emissions, with Maguire pointing out at it had “helped prevent more than 2.4 million metric tons of carbon emissions — the equivalent of taking about 500,000 fuel-based cars off the road for an entire year.”

Source: Google’s AI stoplight program is now calming traffic in a dozen cities worldwide