Equifax stripped of ‘stable’ outlook over 2017 breach

Equifax stripped of ‘stable’ outlook over 2017 breach

Add that to the US$1.4 billion that the massive incident has cost the company so far



The breach at credit bureau Equifax, which began almost exactly two years ago and lasted for 78 days, is making the headlines again.


Credit rating agency Moody’s has cut its rating outlook for Equifax from ‘stable’ to ‘negative’ due to the severe financial fallout of the hack in 2017, according to a CNBC report. The breach has cost the company some US$1.4 billion so far, excluding legal fees.


Moody’s decision is notable especially because it marks the first time that the cost of a security incident has prompted the agency to change a firm’s rating outlook. “This is the first time the fallout from a breach has moved the needle enough to contribute to the change,” Joe Mielenhausen, a spokesperson for Moody’s, was quoted as saying.


Arguably, however, the downgrade didn’t come out of the blue. Moody’s itself sent a clear message to boardrooms in November 2018 when it announced that its rating outlooks would begin to take account of risks related to cyberattacks.


A tale of woe


Two years can be a long time, so let’s recall how the breach earned Equifax a place in history books.


At its simplest, the incident was facilitated by a critical vulnerability in the Apache Struts web application framework for which a patch was issued on March ..