Welcome back to Malicious Life. My name is Ran Levy. If you were both particularly attuned to website domain registrations and a little bit psychic, you might have noticed something odd occur on September 5, 2017

when a purchase was made for Equihax.com. The man who bought Equihax was named Brendan Shondonfer.

He lived in the beautiful and historic city of Alexandria, Virginia,

and worked for the cyber security firm, Mandiant.

The reason you would have needed to be psychic to notice and why such a registration would have seemed

odd is that even by September 5th, almost four months

after attackers first broke into Equifax Incorporated internal computer systems and began stealing the personal information of millions upon millions of Americans,

you could have fit everybody who knew about any of it into one spacious conference room.

Richard Smith,

Equifax's CEO, was notified about the intrusion a month and a half earlier on July 13th, the day after it was detected.

Rather than notify the public, Smith claimed in later testimony to U.S. government officials

that he kept the news secret in order to prevent copycat attackers from hearing about and carrying out similar

attacks sooner than they could defend against them.

Justified or not, the excuse gave his team ample time to respond to their discovery,

without yet having to face public scrutiny.

This was what everyone had been preparing for even since 2005 when Tony Spinelli first

got hired on as CSO. Emergency response only a few weeks time to read the intruders, mitigate the damage, and restore

normality.

Richard Smith immediately formed two task teams, Project Sierra and Project Sparta.

Project Sierra, also reference to as the company's Crisis Action Team, was responsible for addressing

the hack, investigating the events, the causes, rewriting administrator

account credentials, cleaning up the network and everything in between.

...