Was China behind the Equifax hack? It had hallmarks of nation-state hackers in the past: After first penetrating Equifax's network, the intruders handed off the operation to a more sophisticated group, which led some investigators to suspect Beijing. But others aren't so sure. Complicating factor: bad blood at the time of the hack between Equifax and its security contractor Mandiant.
From Bloomberg Technology:
Read Full Article »In one of the most telling revelations, Equifax and Mandiant got into a dispute just as the hackers were gaining a foothold in the company's network. That rift, which appears to have squelched a broader look at weaknesses in the company's security posture, looks to have given the intruders room to operate freely within the company's network for months. According to an internal analysis of the attack, the hackers had time to customize their tools to more efficiently exploit Equifax's software, and to query and analyze dozens of databases to decide which held the most valuable data. The trove they collected was so large it had to be broken up into smaller pieces to try to avoid tripping alarms as data slipped from the company's grasp through the summer. In an e-mailed statement, an Equifax spokesperson said: “We have had a professional, highly valuable relationship with Mandiant. We have no comment on the Mandiant investigation at this time.”
