CRN reported yesterday (December 14), in the revealing article entitled, "FBI Cybersecurity Expert Abagnale: Equifax 'Sloppiness' Caused Massive Breach", by authors Steven Burke and Michael Novinson: "Frank Abagnale, an FBI cybersecurity specialist and identity fraud expert, told CRN that the massive breach at credit reporting agency Equifax is a simple case of a company failing to patch and update critical infrastructure." "FBI Security Superstar Abagnale" (famously portrayed by Leonardo Di Caprio in Steven Spielberg's 2002 film, "Catch Me If You Can"), as named by CRN, "has consulted with the FBI on most of the major cybersecurity breaches in the last 15 years including Equifax." According to Burke and Novinson, Abagnale said that, "The breach was caused because Equifax didn't do what they were supposed to do... They didn't update their technology. They didn't fix their patches. Their sloppiness caused a hacker to access the data. So they were negligent."
The article states that, "Equifax, for its part, has blamed what it has called a 'U.S. website application vulnerability' for the breach of 145 million consumers personal information and also the breach of the credit card numbers for approximately 209,000 US consumers." However, according to Abagnale, as quoted by CRN: "The breach resulted in what the credit monitoring company has called certain dispute documents with personal information of 182,000 US consumers..." and that, "for a company the size of Equifax not to "be keeping their technology up to date is absurd."
While Equifax stated in response to Abagnale's criticism, according to the article, "that it has been 'transparent and comprehensive' in its reporting on the scope of the breach," Abagnale said, "Hackers do not cause breaches," People do. All hackers do is look for a weak point."
(Copyright © 2017 The Channel Company. All Rights Reserved. Photo of Frank Abignale Copyright © 1999 - 2017 Peg Eastman for Abagnale & Associates. All Rights Reserved.)
Please contact Derive Healthcare, the dedicated practice of Derive Technologies, for more information about our complete portfolio of healthcare-tailored IT Security services, including risk assessment and planning, strategies and policies, and a comprehensive suite of security technology solutions. You can reach us by calling (212) 363-1111 [New York], (201) 299-9132 [New Jersey] or TOLL-FREE at (844) 363-1110, or by completing the form on this page (please include "Derive Healthcare IT Security Solutions" in the form's comments).