On Saturday, Trump said he would impose additional sanctions against Iran in a bid to prevent the country obtaining nuclear weapons.World Politicsread more
Tensions between the U.S. and Iran will likely escalate in the near future, a former adviser to the Iranian government said on Monday.Energyread more
Chinese vice commerce minister said Monday that Beijing would like the U.S. to cancel "inappropriate" actions against Chinese companies.China Economyread more
A decisive win for Turkey's main opposition party in a re-run of a mayoral election in Istanbul this weekend has prompted hopes for economic and political change.Europe Politicsread more
Sixteen Asia Pacific countries have been negotiating the Regional Comprehensive Economic Partnership since 2013, with India's reluctance to open up its markets a major...Asia Economyread more
The secretary of State said he was traveling to Saudi Arabia and the United Arab Emirates to make sure that the U.S. is "strategically aligned" with its allies.Politicsread more
Experts say Facebook's cryptocurrency project Libra has been a catalyst for the price of bitcoin going higher.Technologyread more
Goldman Sachs helped state firm 1MDB to raise $6.5 billion in 2012 and 2013, and collected higher-than-typical fees of $600 million for the deals.Financeread more
Value investing has become increasingly irrelevant thanks to central banks and technology, according to AB Bernstein.Investingread more
Indonesian Trade Minister Enggartiasto Lukita said all 16 countries negotiating a mega Asia-Pacific trade agreement should remain in the framework.World Economyread more
Stocks in Asia Pacific traded mixed on Monday afternoon, while oil prices continued to rise as tensions between the U.S. and Iran lingered after the latter shot down an...Asia Marketsread more
Equifax left sensitive consumer information exposed to hackers by relying on a computer code it should have known was vulnerable to attack and without having safeguards to protect the data, the state of Massachusetts said in a lawsuit filed Tuesday.
It's the first lawsuit filed by a state against the credit reporting agency for the massive hacking that was revealed earlier this month.
The state's attorney general said still-unidentified third parties entered Equifax's system through a section of its website where consumers could dispute information on their credit reports. The hackers were in the system from mid-May through July without Equifax detecting them, the lawsuit said.
What's more, Equifax didn't upgrade security for its website even though such fixes were available as early as March, and it didn't put in safeguards like encryption that would have protected the data, the state said.
On CNBC's "Power Lunch " Tuesday, Massachusetts State Attorney General Maura Healey said, "Equifax needs to make this right. They need to pay for their mistakes in leaving so many of us so vulnerable."
The lawsuit was filed in Suffolk County Superior Court.
In a statement, an Equifax spokesperson said, "We cannot comment on pending litigation. Equifax reached out to state and federal regulators at the time of the public announcement to inform them of the breach and to establish open lines of communications. Since then, Equifax has been in regular communication and is cooperating with federal agencies, regulators and state attorneys general. Equifax has agreed to provide testimony to Congress and we will continue to work with all these parties to resolve the issues."
In the lawsuit, Massachusetts says Equifax's failure to secure consumer information means it has exposed more than half the state's adult population to the risk of identity theft, tax return scams, financial fraud, health identity fraud and other harm.
Equifax has been scrambling to respond to the outpouring of criticism about the breach, in which hackers took personal information like Social Security numbers, names, addresses and birth dates for up to 143 million consumers. The company said it discovered it in late July. It didn't disclose it publicly until Sept. 7.
Some critics have pointed out that Equifax might have prevented the issue by moving more quickly to update the security. A flaw in a web application it used was exposed in March and the developer, Apache Software Foundation, issued a remedy.
Equifax has said it discovered the breach July 29 and blocked suspicious traffic. It said it saw more suspicious activity on July 30 and took the application offline. It also said it was aware of the vulnerability disclosed in March and took efforts to identify and patch any vulnerable systems.
After Equifax announced the breach, the Apache foundation said the data were compromised by Equifax's "failure to install the security updates in a timely manner."
Massachusetts had previously announced plans to file the lawsuit, which is seeking unspecified civil penalties and other relief. Several other states have banded together to investigate, and members of Congress have demanded that Equifax executives travel to Washington to testify. The Federal Trade Commission also said it is investigating.
The July hack followed a data breach in March involving a payroll and tax service Equifax offers, though the company said the two intrusions are not related. In that earlier breach, hackers managed to reset passwords for employees of some companies that used the service and then were able to take payroll and tax information.
In a statement to CNBC, an Equifax spokesman said the company told customers, affected individuals and regulators. "The criminal hacking that was discovered on July 29 did not affect the customer databases hosted by the Equifax business unit that was the subject of the March event," the statement said. "The two events are not related."