Following the massive data breach that was disclosed on September 7, Equifax announced on Friday that Chief Security Officer Susan Mauldin and Chief Information Officer David Webb are retiring from the company effective immediately.
Russ Ayres, who previously served as a Vice President in the Equifax IT department, has been appointed interim Chief Security Officer.
Mark Rohrwasser has been appointed interim Chief Information Officer. Rohrwasser joined Equifax in 2016 and has led Equifax’s International IT operations since that time, the company said.
Ayres will report directly to Rohrwasser.
Equifax informed customers last week that hackers had access to its systems between mid-May and late July. The breach, which affects roughly 143 million U.S. consumers, involved names, Social Security numbers, dates of birth, addresses and, in some cases, driver’s license numbers.
The company has hired FireEye-owned breach investigations firm Mandiant to work on the investigation, and noted that “Equifax’s internal investigation of this incident is still ongoing and the company continues to work closely with the FBI in its investigation.”
Equifax initially only revealed that the cybercriminals exploited a vulnerability in a “U.S. website application” to access files. However, financial services firm Baird later claimed to have learned that the application in question was Apache Struts, a framework used by many top organizations to create web apps.
While some believed that the Apache Struts vulnerability was the recently patched CVE-2017-9805, which has been increasingly exploited in the wild to deliver malware, a more likely candidate was CVE-2017-5638, a vulnerability disclosed and fixed in March and leveraged by cybercriminals shortly after.
An update posted by Equifax on Wednesday to the website the company set up for the cybersecurity incident confirms that CVE-2017-5638 was the Apache Struts 2 flaw exploited by attackers.
This shows that the breach was possible because the company failed to patch a critical vulnerability for more than two months after its disclosure. Following the incident, others started highlighting holes in Equifax’s cybersecurity, including unpatched cross-site scripting (XSS) vulnerabilities reported to the company more than one year ago, and the lack of many basic protections.
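As an added defensive illustration, not part of the original article, here are two checks a team could have run during that two-month window: a classpath audit against the affected Struts 2 version ranges published in the Apache S2-045 advisory for CVE-2017-5638, and an access-log scan for the OGNL expression openers that exploitation of that flaw placed in the Content-Type header. The version ranges are taken from the advisory rather than the article, and the jar paths, log lines and log format are constructed for the example.

```python
import re

# Affected ranges from the Apache Struts S2-045 advisory for CVE-2017-5638 (assumed from
# the advisory, not stated in the article): 2.3.5 - 2.3.31 and 2.5 - 2.5.10.
AFFECTED_RANGES = [((2, 3, 5), (2, 3, 31)), ((2, 5), (2, 5, 10))]
JAR_RE = re.compile(r"struts2-core-(\d+(?:\.\d+)+)\.jar$")
# An OGNL expression opener never belongs in a media type; exploitation of CVE-2017-5638
# placed one in the Content-Type header of a multipart request.
OGNL_MARKER = re.compile(r"[%$]\{")

# Constructed access-log lines in a custom format whose last quoted field is the
# request's Content-Type header (e.g. an Apache LogFormat ending in "%{Content-Type}i").
SAMPLE_LOG = [
    '203.0.113.5 - - [01/Jun/2017:10:01:02 +0000] "POST /upload.action HTTP/1.1" 200 512 "multipart/form-data; boundary=----abc"',
    '203.0.113.9 - - [01/Jun/2017:10:01:09 +0000] "POST /upload.action HTTP/1.1" 200 512 "%{(#constructed_ognl_marker)}"',
    '198.51.100.2 - - [01/Jun/2017:10:02:00 +0000] "GET /index.action HTTP/1.1" 200 1024 "-"',
]

def parse_version(version: str) -> tuple:
    """Turn '2.5.10.1' into (2, 5, 10, 1) so ranges compare numerically."""
    return tuple(int(p) for p in version.split("."))

def struts_vulnerable(version: str) -> bool:
    """True when a Struts 2 version lies inside an affected range (fixed in 2.3.32 / 2.5.10.1)."""
    v = parse_version(version)
    return any(lo <= v <= hi for lo, hi in AFFECTED_RANGES)

def audit_classpath(jar_paths):
    """Return (path, version) for every struts2-core jar that is still in an affected range."""
    matches = ((p, JAR_RE.search(p)) for p in jar_paths)
    return [(p, m.group(1)) for p, m in matches if m and struts_vulnerable(m.group(1))]

def suspicious_content_type(header_value: str) -> bool:
    """Flag a Content-Type value that carries an OGNL expression opener."""
    return bool(OGNL_MARKER.search(header_value))

def scan_access_log(lines):
    """Return (client_ip, content_type) for requests whose Content-Type looks like an exploit attempt."""
    hits = []
    for line in lines:
        m = re.match(r'(\S+) .*"([^"]*)"\s*$', line)  # client IP and the last quoted field
        if m and suspicious_content_type(m.group(2)):
            hits.append((m.group(1), m.group(2)))
    return hits

if __name__ == "__main__":
    print(audit_classpath(["/opt/app/WEB-INF/lib/struts2-core-2.3.24.jar"]))
    print(scan_access_log(SAMPLE_LOG))
```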
Security blogger Brian Krebs reported on Tuesday that an Equifax Argentina employee portal exposed 14,000 records, including employee credentials and consumer complaints.
After New York Attorney General Eric T. Schneiderman announced the launch of a formal investigation into the Equifax breach, Illinois and nearly 40 other states joined the probe.
Equifax shares have fallen more than 30% since the disclosure of the breach, wiping more than $5 billion off the company’s market capitalization.
Equifax says that it maintains data on more than 820 million consumers and more than 91 million businesses worldwide.

For more than 10 years, Mike Lennon has been closely monitoring the threat landscape and analyzing trends in the National Security and enterprise cybersecurity space. In his role at SecurityWeek, he oversees the editorial direction of the publication and is the Director of several leading security industry conferences around the world.
