Equifax CIO and CSO resigned — after reporting cybersecurity incident

Equifax revealed the resignations of its chief information officer (CIO) and chief security officer (CSO) following the cybersecurity incident announced on September 7, 2017.

Mark Rohrwasser is interim CIO of Equifax. He joined Equifax in 2016 and has led Equifax’s International IT operations since that time.

Russ Ayres is the interim chief security officer of Equifax. Russ Ayres most recently served as a vice president in the IT organization at Equifax. He will report directly to the Chief Information Officer.

On July 29, 2017, Equifax’s Security team observed suspicious network traffic associated with its U.S. online dispute portal web application. In response, the Security team investigated and blocked the suspicious traffic that was identified.

The Security team continued to monitor network traffic and observed additional suspicious activity on July 30, 2017. In response, the company took offline the affected web application that day.

Upon discovering a vulnerability in the Apache Struts web application framework as the initial attack vector, Equifax patched the affected web application before bringing it back online.

On August 2, 2017, Equifax contacted a leading, independent cybersecurity firm, Mandiant, to assist in conducting a privileged, comprehensive forensic review to determine the scope of the intrusion, including the specific data impacted.

Over several weeks, Mandiant analyzed available forensic data to identify unauthorized activity on the network.

The incident potentially impacts personal information relating to 143 million U.S. consumers – primarily names, Social Security numbers, birth dates, addresses and, in some instances, driver’s license numbers.

In addition, credit card numbers for approximately 209,000 U.S. consumers, and certain dispute documents with personal identifying information for approximately 182,000 U.S. consumers, were accessed.

Equifax also identified unauthorized access to limited personal information for certain U.K. and Canadian residents and is working with regulators in those countries.