Equifax, the credit monitoring company in headlines for exposing 143 million Americans’ data, used an easy-to-guess default password to access the records of Argentinians.
Security blogger Brian Krebs Sept. 12 reported Equifax Argentina used the username and password “admin/admin” for an online portal that its employees used to manage credit report disputes. Anyone who logged in could access employee records as well as about 14,000 consumer complaints that include their DNI—the equivalent of a Social Security number.
The company temporarily shut the website down, BBC reported Sept. 13. An Equifax spokeswoman told the BBC the company found no indication that customers had been “negatively affected” and the incident was not related to Equifax breach that affected U.S. consumers.