Skip to main content

Security firm says Equifax made it far too easy to access salary and job data

cfpb investigation equifax hack headquarters
Smith Collection/Gado/Getty Images
One of the more notorious data breaches in 2017 was the Equifax hack that exposed the private information of roughly 145 million Americans. The Equifax breach is particularly troublesome because of the company’s status as a central clearinghouse for some of the most sensitive information that’s stored online. Now, it appears that the company’s lax security extends beyond basic security and may have made salary and employment information far too easy to access.

The news comes via KrebsonSecurity, which broke the story on October 8, 2017. Apparently, Equifax TALX, a service that is used for automatic verification of income and employment history data that’s used when someone applies for a loan, has utilized authentication procedures that are far too easy to bypass. Simply put, accessing the data is far too easy for anyone with access to information — such as social security numbers and dates of birth — that has been readily available for many people thanks to past data breaches.

Recommended Videos

The TALX system should only be accessible by credentialed companies such as banks and employers. As KrebsonSecurity discovered, however, many accounts can be accessed merely by entering an employer name and a complete or partial social security number. Then, the PIN that’s requested is in a majority of cases just a date of birth in easily guessed formats. Once validated, some very juicy information is available, including salary and employment history that dates back a decade or more.

Please enable Javascript to view this content

Even the system’s advance authentication can be bypassed if the TALX customer failed to fully populate all the relevant information, and in many cases, detailed instructions on how to complete the authentication forms is available online. That makes it far too easy for nefarious parties to guess at how to successfully authenticate and gain access to the system.

If you’re concerned about your information being made accessible to unauthorized parties, then KrebsonSecurity provides a way to help safeguard your data:

“Fortunately, you can reduce the likelihood that an acquaintance, co-worker, stalker or anyone else can do this by claiming your own account, changing the PIN, and selecting a half-dozen security questions and answers. As always, it’s best not to answer these questions truthfully, but to input answers that only you will know and that can’t be found using social networking sites or other public data sources.”

As KrebsonSecurity notes in an update, Equifax has taken the TALX portal down for scheduled maintenance. It’s unknown whether that’s purely coincidental or if it’s in response to the story that was published yesterday. In addition, some commenters on the original story indicated that additional steps are being added that should help, although the data is still too easily accessible for anyone who’s willing to do the necessary research.

Mark Coppock
Mark Coppock is a Freelance Writer at Digital Trends covering primarily laptop and other computing technologies. He has…
AMD flagship GPUs to make a comeback with RDNA successor
AMD Radeon RX 7900 XTX hovers over a raging fire.

A recent leak on the Chiphell forums has revealed AMD's ambitious plans for its upcoming CPU and GPU architectures. According to a post by forum member zhangzhonghao, AMD is preparing to utilize TSMC’s cutting-edge N3E process node for its next-generation Radeon GPUs and potentially for some of its future CPUs.

The leak highlights the development of GPUs based on the new UDNA architecture, which will succeed the current RDNA. These GPUs are expected to include a flagship model capable of competing with Nvidia’s top-tier GeForce RTX cards, addressing the lack of a high-end option in AMD’s current RDNA 4 lineup.

Read more
Intel’s Arc B570 puts up an impressive fight against the RTX 4060
Fans on the Intel Arc B570.

Intel just released one of the best graphics cards you can buy -- the Arc B570. As you can read in my Intel Arc B570 review, it delivers solid gaming performance at 1080p, and at a price we haven't seen in years. But it faces some stiff competition from Nvidia in the form of the RTX 4060.

I put the two budget GPUs on the test bench to see how they hold up in a variety of games, and I'll walk you through the results I gathered. Although both cards are excellent options under $300, Intel's new Arc B570 is hard to argue with considering how much less expensive it is than the Nvidia competition.
Specs and pricing

Read more
Samsung’s 27-inch 5K QD-OLED display is the future of gaming
Odyssey OLED G6

Many tech brands are developing next-generation innovations for upcoming products, giving the industry just a taste of what can be expected in the future.

Samsung is one brand leading the charge, as its Samsung Display sector is a primary supplier for display panels throughout the industry. It recently showcased several upcoming technologies, including a 27-inch 5K QD-OLED display. FlatPanelsHD spoke with Samsung Display at CES 2025, where the publication received a private demo of the next generation QD-OLED monitors with a 220 PPI (pixels per inch) pixel density.

Read more