Equifax Breach | QA Consultants

To all QA Consultants Customers, Contacts, and Friends,

You have likely heard about the Equifax breach by now, which on September 7, 2017, grabbed headlines around the world as Equifax revealed that personal data of roughly 143 million consumers in the United States and certain UK and Canadian residents had been compromised.   Equifax has not issued a public statement pinpointing which vulnerability was exploited.  However, multiple sources have reported Equifax and their agents have attributed this breach to a vulnerability in Apache Struts, a free, open-source framework for creating Java-based web applications.

If you are one of our QAC RootSecure Managed Cyber Risk Service Customers:

RootSecure detects Apache Struts components and their vulnerabilities on web servers
If the industry consensus is correct, RootSecure identified the key vulnerability in the Equifax breach as far back as April 2017, clearly identifying this as a critical, high priority issue to mitigate
Upon discovery in customer networks, the RootSecure SOC immediately recommended patching procedures that when executed, were proven to be 100% successful in elimination of these specific Apache Struts vulnerabilities
We remain concerned, however, if your web application properties are not within the scanning surface range of your RootSecure deployed sensor, you may still be at risk
Please include these subnets / hosts within your RootSecure scanning range
Contact the RootSecure SOC through normal channels

For Non-RootSecure Customers who may be at risk:

You will need to identify where you may have web applications being internally developed or third-party deployed, notably using Java Enterprise Edition, built on this architecture
It is likely that such an implementation will utilize Apache Struts as a component in some way even if you are not aware of this, as it very well could be a third-party component included within your purchased systems
RootSecure can be quickly deployed to help you discover this issue even where you might not know whether the Apache Struts component even exists within your infrastructure
Ensure that the latest patches are applied to Apache Struts (instructions are in the FAQ)
We are now prepared to field outside requests for assistance from this event

Please contact us at [email protected]  and specify “Equifax Assist” in the subject header

Without these kinds of vulnerabilities continuously emerging and remaining prevalent in networks everywhere, these vicious and malicious global disasters could never occur.   Subsequently, we hope that we can come together as a community, and make Managed Cyber-Risk “an important thing to do” for everyone to stay safe.