On September 8, 2017, Equifax revealed that they suffered a massive data breach, with approximately 143 million records compromised, including social security numbers, first and last names, birth dates, addresses, and more in some cases.
The unfortunate fact is that the breach was just one of many examples of incidents caused by software security practices and culture within large organizations that will take major work to fix.
There have been lots of opinions as to how the breach was caused by negligence. One of the most common criticisms is that Equifax failed to apply a three-month-old patch—or software update—from open source provider Apache. The logic goes that basic patch management practices should have caught this oversight.
Read the rest here: https://www.infosecurity-magazine.com/opinions/equifax-plea-practices-damned-again/