[–] cdglow 0 points 10 points (+10|-0) ago  (edited ago)

This is so crazy that I almost can't believe it. Call me nuts, but is this Equifax thing maybe some kind of intentionally engineered distraction?

Even with a possible diversity hire in charge of security, how can a company be this repeatedly incompetent?

[–] Mr_Quagmire 0 points 5 points (+5|-0) ago 

Easy, offshore development and operations. This is exactly what you get.

[–] HeavyBeefCurtain 0 points 7 points (+7|-0) ago 

That's the price you pay for having a diversity hire!

[–] daskapitalist 0 points 3 points (+3|-0) ago 

Grey's Law in action. Can we start slapping multi-decade prison sentences on every member of Infosec and fine Equifax out of existence? There is no excuse for such shit security on web front ends for PII. Absolutely none. How the hell did these assholes pass an Infosec audit ever? I'd be thrown out on my ass for building an internal web front end for PII that didnt have a keyboard vomit for an admin password, much less one that was accessible to the freaking internet.

No excuse. Hang the diversity hire CSO and toss the entirety of Infosec in prison for decades.

[–] teatime 0 points 2 points (+2|-0) ago 

Yeah I'd love to see laws actually used against large companies for once.

[–] glugglug 0 points 3 points (+3|-0) ago 

Yep, struts zero day!

[–] parnellsUprising 0 points 3 points (+3|-0) ago 

[–] [deleted] 0 points 2 points (+2|-0) ago 

[Deleted]

[–] daskapitalist 0 points 5 points (+5|-0) ago 

Sufficiently advanced stupidity is indistinguishable from malice. Being a third party bailee that handles PII this way is criminal in many jurisdictions.

[–] captainstrange 0 points 0 points (+0|-0) ago 

Sufficiently advanced stupidity is indistinguishable from malice.

Is there a legal term for this?

There ought to be a legal term for this.

[–] Caesarkid1 0 points 3 points (+3|-0) ago 

It's only an issue because for some reason it is difficult to prove that you did not suddenly move 5 states over and buy a motor-home.