Equifax Data Breach Analysis
The Infamous Equifax Data Breach of 2017
One of the most infamous data breaches of the modern era occurred in March of 2017 and involved one of the largest credit-reporting agencies in the United States, Equifax. The breach was possible because Equifax failed to apply a required software security update in a timely manner. This fatal security error allowed bad actors to exploit the vulnerability known as “CVE-2017-5638,” which the update was intended to patch. The update was released by Apache Struts, “an open-source development framework for creating enterprise Java applications that Equifax, along with thousands of other websites, uses” (Brumfield et al., 2025). The vulnerability meant that when attackers sent “HTTP requests with malicious code tucked into the content-type header, Struts could be tricked into executing that code, and potentially opening up the system Struts was running on to further intrusion” (Brumfield et al., 2025).
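The header abuse described above can be screened for at a reverse proxy or during log review, as a compensating check alongside the patch. The following Python example is added here and is not from the cited article or from Apache Struts; the function names, the length limit and the sample requests are constructed for illustration, and it relies on the fact that Struts OGNL expressions are written as %{...} or ${...}.

```python
import re

# Conservative media-type grammar (a subset of RFC 9110): type/subtype plus
# optional ;name=value parameters. Braces never appear in a legitimate value.
NAME = r"[A-Za-z0-9!#&^_.+-]+"
VALUE = r'(?:[A-Za-z0-9_.:+/=-]+|"[A-Za-z0-9_.:+/= -]*")'
MEDIA_TYPE = re.compile(rf"{NAME}/{NAME}(?:\s*;\s*{NAME}={VALUE})*")
# Struts evaluates OGNL expressions written as %{...} or ${...}.
OGNL_MARKER = re.compile(r"[%$]\{")
MAX_LEN = 256  # assumed limit; tune to the application


def parse_headers(raw_request):
    """Return {lower-case header name: value} from a raw HTTP request head."""
    head = raw_request.split("\r\n\r\n", 1)[0]
    headers = {}
    for line in head.split("\r\n")[1:]:  # skip the request line
        name, sep, value = line.partition(":")
        if sep:
            headers[name.strip().lower()] = value.strip()
    return headers


def check_content_type(value):
    """Return a list of reasons the Content-Type value should be rejected."""
    reasons = []
    if len(value) > MAX_LEN:
        reasons.append("too-long")
    if OGNL_MARKER.search(value):
        reasons.append("ognl-expression-marker")
    if not MEDIA_TYPE.fullmatch(value):
        reasons.append("not-a-media-type")
    return reasons


def triage(raw_request):
    """Verdict for one request: ('allow' | 'block', reasons)."""
    value = parse_headers(raw_request).get("content-type")
    if value is None:
        return "allow", []  # no body type declared, nothing to evaluate
    reasons = check_content_type(value)
    return ("block" if reasons else "allow"), reasons


# Constructed sample requests (not captured traffic).
BENIGN = ("POST /upload.action HTTP/1.1\r\nHost: app.example\r\n"
          "Content-Type: multipart/form-data; boundary=----abc123\r\n\r\n")
SUSPECT = ("POST /upload.action HTTP/1.1\r\nHost: app.example\r\n"
           "Content-Type: %{CONSTRUCTED-PLACEHOLDER}\r\n\r\n")
```

Calling triage(BENIGN) allows the request, while triage(SUSPECT) blocks it and reports both the expression marker and the malformed media type.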
The bad actors responsible for the breach were identified as Chinese military-sponsored hackers named Wu Zhiyong, Wang Qian, Xu Ke, and Liu Lei. Using the exploit, they gained access to a compromised server, where they slowly began elevating their access and permissions to higher-level roles. They then began harvesting data and encrypting it so that it would not raise any red flags for system administrators. This encryption tactic worked because Equifax had allowed its public-key certificate to lapse for over 10 months, meaning that encrypted traffic on the servers was not being inspected.
The repercussions of this data breach were severe for Equifax, both financially and in terms of its public image as a trustworthy credit-reporting agency. The breach also had repercussions for hundreds of millions of customers that utilized Equifax, as their personally identifiable information (PII), including Social Security numbers, was harvested by the hackers. Overall, Equifax has spent more than 1 billion dollars in security upgrades, as well as another billion dollars in consumer settlements for those affected by the breach. The company's response in the aftermath also did not breed confidence or do anything positive for its public image. In the wake of the breach, Equifax set up a website dubbed “equifaxsecurity2017.com.” Not only is that domain name already suspicious to anyone informed enough to recognize phishing website URLs, but Equifax’s social media accounts also misdirected customers to an incorrect URL on multiple occasions. Furthermore, these websites disclosed that just the action of checking to see if a customer was part of the data breach essentially “waived their right” to join any class-action lawsuit against the company.
The Equifax data breach highlights the importance of effective cybersecurity policies. Equifax could have mitigated this disastrous event in a multitude of ways. First, the company obviously should have applied the patch effectively and in a timely manner to avoid the incident in the first place. However, the cyber hygiene it operated with was substandard in other ways, such as allowing its public-key certificates to lapse for almost an entire year, as well as its lackluster handling of the situation after it had come under the public eye. Overall, Equifax should have had effective operating procedures and policies in place for cybersecurity, such as a dedicated team tasked with ensuring that its systems are fully up to date at all times, installing patches and security software, and ensuring that user data is protected, secure, and confidential.
References:
Brumfield, C., Schuman, E., & Solomon, H. (2025, January 24). Equifax Data Breach FAQ: What happened, who was affected, what was the impact? CSO Online. https://www.csoonline.com/article/567833/equifax-data-breach-faq-what-happened-who-was-affected-what-was-the-impact.html
Bond, M., Human, K., & Kwon, N. (2022). Analysis and implications for Equifax data breach.
FBI. (2020, February 10). Chinese hackers charged in Equifax Breach. FBI. https://www.fbi.gov/news/stories/chinese-hackers-charged-in-equifax-breach-021020