New victims affected by Equifax data breach: Latin American customers

Thursday 14 September 2017 09:45 CET | News

Argentina, and possible other Latin American countries, where Equifax does business were affected by the credit company’s major data breach, according to KrebsOnSecurity.

Security experts from Hold Security, who examined Equifax’s South American operations after the company disclosed the breach, discovered that an online portal designed to let Equifax employees in Argentina manage credit report disputes from consumers in that country was wide open, protected by an easy-to-guess password combination: “admin/admin.”

Once inside the portal, the researchers found they could view the names of more than 100 Equifax employees in Argentina, as well as their employee ID and email address. Furthermore, the “list of users” page featured a clickable button that anyone authenticated with the “admin/admin” username and password could use to add, modify or delete user accounts on the system.

The Equifax Argentina employee portal, known as Veraz or “truthful” in Spanish, went offline shortly after being contacted by KrebsOnSecurity.

Free Headlines in your E-mail

Every day we send out a free e-mail with the most important headlines of the last 24 hours.

Subscribe now

Keywords: Equifax, data breach, sensitive data exposed, credit score bureau, US, Argentina, credit card numbers, online security, fraud prevention, lawsuits
Categories: Securing Transactions | Digital Identity, Security & Online Fraud
Securing Transactions | Digital Identity, Security & Online Fraud
Countries: World
This article is part of category

Securing Transactions


Securing Transactions