Equifax Breach Potentially Triggered by Apache Struts VulnerabilitySep 11, 2017, 23:00 (0 Talkback[s])
(Other stories by Sean Michael Kerner)
A financial analyst firm with ties to Equifax has reported a potential root cause of the massive breach at the credit reporting and monitoring. A Baird Equity Research report claims Equifax told the company that a vulnerability in the open-source Apache Struts framework was the root cause of the data breach.
"Our understanding is data retained by EFX primarily generated through consumer interactions was breached via the Apache Struts flaw," the report stated.