Hackers broke into Equifax’s computer systems in March, two months earlier than the company had previously disclosed, according to a Wall Street Journal report.
That gave the intruders months to probe vulnerabilities and eventually gain access to the data of 143 million Americans. The Journal cited a report from the Mandiant unit of security firm FireEye that was sent to some Equifax customers this week.
The breach on March 10 came two days after security researchers at Cisco Systems warned of a flaw in an open-source software package called Apache Struts. One expert told the Journal that hackers probably found the Equifax server by “spamming” the internet for computers with that flaw.
The attackers then essentially cased the Equifax system for several weeks, the Journal reported. They eventually gained access to Equifax usernames and passwords, as well as “documents and sensitive information stored in databases, between May and late July, according to the Mandiant report, according to the Journal.
In an update last Friday, Equifax said only that hackers gained access to “certain files containing personal information” between May 13 and July 30. It did not mention earlier activity.
An Equifax spokesperson contacted by email said the company’s investigation found that someone had “interacted” with the company’s server on March 10. But the representative characterized that as “part of a common pattern of probing of systems on the Internet to find vulnerabilities.” There was no evidence that this probing was related to the more serious compromise of sensitive information, the spokesperson said.
“This is completely consistent with what Equifax has previously released” on the subject, the company representative said.
A spokeswoman for FireEye declined to comment.