20 September 2017
The other day, I noted that Equifax had been breached in March, and quoted the article as saying that the attackers had been "the same intruders" as in the May breach. In a newer news report, Equifax has denied that:
"The March event reported by Bloomberg is not related to the criminal hacking that was discovered on 29 July," Equifax's statement continues. "Mandiant has investigated both events and found no evidence that these two separate events or the attackers were related. The criminal hacking that was discovered on 29 July did not affect the customer databases hosted by the Equifax business unit that was the subject of the March event."So: I'll withdraw the speculation I posted about this incident confirming one of my hypotheses and wait for further, authoritative information. I repeat my call for public investigations of incidents of this scale.
Also worth noting: Brian Krebs was one of the very few to report the March incident.