Equifax pulls mobile apps due to basic security errors


In September 2017, unrelated to the massive data breach the company simultaneously announced, Equifax withdrew its mobile apps from Apple's App Store and Google Play because of security flaws that meant that data transferred between users and Equifax was not encrypted in transmission. Given the flaws in implementing HTTPS, attackers could inject their own markup, including JavaScript - which in turn would allow them to ask for any information they wanted without any indication to the user that the request was not genuine.


tags: Equifax, malware, security, vulnerabilities, mobile

Writer: Cale Guthrie Weissman

Publication: Fast Company

See more examples
Related learning resources