Equifax pulls mobile apps due to basic security errors

In September 2017, unrelated to the massive data breach the company simultaneously announced, Equifax withdrew its mobile apps from Apple's App Store and Google Play because of security flaws that meant that data transferred between users and Equifax was not encrypted in transmission. Given the flaws in implementing HTTPS, attackers could inject their own markup, including JavaScript - which in turn would allow them to ask for any information they wanted without any indication to the user that the request was not genuine.

https://www.fastcompany.com/40468811/heres-why-equifax-yanked-its-apps-from-apple-and-google-last-week

tags: Equifax, malware, security, vulnerabilities, mobile

Writer: Cale Guthrie Weissman

Publication: Fast Company