The Equifax data breach was completely avoidable. The breach was compromised through a vulnerability that was discovered and fixed by the vendor months before it was exploited at the company. There are three key lessons from a risk perspective that any CISO, CIO or CFO should have seen coming on this breach. The U.S. Department of Justice has opened a criminal probe into the incident. It seems that there were both failures of judgement and governance leading to and leading to a leading to the breach.”]
Source: https://www.csoonline.com/article/3229508/in-equifax-data-breach-three-hard-lessons-in-risk.html