The Other Equifax Breach
Accidentally leaked credentials
Equifax, the credit monitoring company in headlines for exposing 143 million Americans’ data, used an easy-to-guess default password to access the records of Argentinians.
Security blogger Brian Krebs Sept. 12 reported Equifax Argentina used the username and password “admin/admin” for an online portal that its employees used to manage credit report disputes. Anyone who logged in could access employee records as well as about 14,000 consumer complaints that include their DNI—the equivalent of a Social Security number.
The company temporarily shut the website down, BBC reported Sept. 13. An Equifax spokeswoman told the BBC the company found no indication that customers had been “negatively affected” and the incident was not related to Equifax breach that affected U.S. consumers.
September 12, 2017
Krebs On Security
Link to report
location of breach
location of perpetrators
date breach occurred
date breach detected