A US consumer protection watchdog agency said Thursday it has begun an investigation into a massive data breach at credit bureau Equifax that may have leaked sensitive information on 143 million people.

The Federal Trade Commission joins US congressional committees promising to probe the causes and implications of what could be the worst breach of personal information in the United States.

"The FTC typically does not comment on ongoing investigations," said Peter Kaplan, the agency's acting director of public affairs.

"However, in light of the intense public interest and the potential impact of this matter, I can confirm that FTC staff is investigating the Equifax data breach."

The hack disclosed last week at Equifax, one of the three major credit bureaus that collect consumer financial data, potentially affects more than half the adult population.

While not the largest breach -- Yahoo attacks leaked data on as many as one billion accounts -- the Equifax incident could be the most damaging because of the nature of data collected: bank and social security numbers and personal information of value to hackers and others.

US lawmakers have expressed concern over the implications of the hack and have called for hearings.

The House Energy and Commerce Committee announced it would hold an October 3 hearing with Equifax chief executive Richard Smith.

"We know members on both sides of the aisle appreciate Mr Smith's willingness to come before the committee and explain how our constituents might be impacted and what steps are being taken to rectify this situation," said a statement from Senators Greg Walden and Bob Latta.

Smith earlier this week offered an expanded apology to consumers in a column in USA Today.

"Consumers and media have raised legitimate concerns about the services we offered and the operations of our call center and website. We accept the criticism and are working to address a range of issues," Smith wrote.

"We are devoting extraordinary resources to make sure this kind of incident doesn't happen again."

Equifax said in a "progress report" on its website that criminals exploited a vulnerability in a website application called Apache Struts.

Security researcher Kevin Beaumont said in a blog post that he warned of the vulnerability in March and urged companies to fix it.

"I kept reissuing warnings," Beaumont said in a blog this week. "And then I gave up. Many Fortune 500 companies are still running these systems."

rl/oh

EQUIFAX

Tweet

EU defence ministers put to test in mock cyberattack
Tallinn (AFP) Sept 7, 2017
A major cyberattack targets European Union military structures, with hackers using social media and "fake news" to spread confusion, and governments are left scrambling to respond as the crisis escalates. This was the scenario facing a gathering of EU defence ministers in Tallinn on Thursday as they undertook a exercise simulating a cyber assault on the bloc - the first mock drill of its ki ... read more

Related Links
Cyberwar - Internet Security News - Systems and Policy Issues

Thanks for being here; We need your help. The SpaceDaily news network continues to grow but revenues have never been harder to maintain. With the rise of Ad Blockers, and Facebook - our traditional revenue sources via quality network advertising continues to decline. And unlike so many other news sites, we don't have a paywall - with those annoying usernames and passwords. Our news coverage takes time and effort to publish 365 days a year. If you find our news sites informative and useful then please consider becoming a regular supporter or for now make a one off contribution.
SpaceDaily Contributor $5 Billed Once credit card or paypal		SpaceDaily Monthly Supporter $5 Billed Monthly paypal only