Perhaps it's an understatement to say that it has not been a good few weeks for Equifax. The credit report company revealed last week that a security breach earlier in the year left up to 143 million people susceptible to identity theft. Hackers may have stolen Social Security numbers and other sensitive data from the service. Critics have blasted the company for a lack of coherent, cogent responses to the issue, and various customer service tools provided to aid users in securing their information and surveying the scope of the damage were so overloaded that they were essentially non-functioning. Now, it seems that a fresh security breach has taken place. This particular malicious activity affects the company's Argentinian operations. The reason why the security breach happened? A set of login credentials that were (perhaps comically) simple.
Login: "Admin", Password: "Admin"
Brian Krebs, a blogger focusing on cyber-crime, indicated that a tool for Equifax employees in Argentina allowed access to anyone who entered "admin" as both the username and the password at the main website interface. Simply inputting these credentials would give anyone access to records including national identity numbers for thousands of Equifax customers in Argentina, according to the BBC.
In response to notification that the most recent breach had occurred, Equifax moved to temporarily shut down the website which was affected. A spokeswoman indicated that "we learned of a potential vulnerability in an internal portal in Argentina which was not in any way connected to the cyber-security event that occurred in the United States last week. We immediately acted to remediate the situation, which affected a limited amount of information strictly related to Equifax employees. We have no evidence at this time that any consumers or customers have been negatively affected, and we will continue to test and improve all security measures in the region."
The Argentine security concern involved a local Equifax business called Veraz. Krebs indicated that "[it] was wide open, protected by perhaps the most easy-to-guess password combination ever." Hold Security, a U.S. cyber-security company which Krebs advises, made the discovery.
Federal Investigation Possible
While news is still unfolding regarding the Argentine breach, U.S. senators are moving to take action regarding the earlier U.S. data leak. Equifax took about six weeks to announce the discovery of the U.S. hack to the public. Earlier this week, 36 senators called for a federal investigation related to another aspect of the earlier breach: three executives of Equifax sold about $2 million worth of company shares in the immediate aftermath of the breach, before the information was made public.