Blog | G5 Cyber Security

Why Was Equifax So Stupid About Passwords?

U.K. Information Commissioner’s Office issued a monetary penalty notice against Equifax last week. Equifax created a “GCS dataset” – for Global Consumer Services – that attackers compromised. The company stored plaintext copies of users’ passwords in a plaintext file, when its own cryptographic standards stated that passwords should only be stored in encrypted, hashed, masked, tokenized or other approved formats. Many consumers would never have known that the company was acquiring, selling or storing their personal details.”]

Source: https://www.govinfosecurity.com/blogs/was-equifax-so-stupid-about-passwords-p-2666

Exit mobile version