Oh, Equifax. Things just keep getting worse.
Equifax protected some accounts connected to an internal portal in Argentina with the password "admin," in a move that was either incredibly amateur or hubristic (or both).
SEE ALSO: This chatbot could help you sue Equifax
The screwup was discovered by Milwaukee-based cybersecurity firm Hold Security, which was able to gain access to a number of people's personal data using, according to CNBC, "guesswork."
This horrible password, which deserves a huge facepalm, played no part in the security breach that impacted 143 million Americans. Still, Hold Security was able to access the Argentinean equivalent of social security numbers for about 100 employees' and consumer credit report disputes. Once the company portal was accessed, a user could fiddle with employee data, and even sneak around to steal employee's usernames and passwords, according to security researcher Brian Krebs, who's call to Equifax about the issue led to the portal being taken down. Hold Security reached out to Krebs following the discovery. Read more...
More about Tech, Password, Equifax, Tech, and Cybersecurityvia Zero Tech Blog
