Hello and welcome to the M-Lex series of podcasts.

I'm Josh Sisko, M-Lex Senior Correspondent here in San Francisco, California.

Two weeks ago today, the U.S. consumer credit rating giant Equifax announced that its computer network had been breached earlier in the year, and that hackers were able to access the information of roughly 143 million people, more than half the U.S. adult population.

Here today to discuss the Equifax data breach is Mike Swift, Mlex's chief global digital risk correspondent here in San Francisco.

Hi, Mike.

Hey, Josh.

So, there have been a number of significant data breaches, including some that were bigger than Equifax.

Why are so many people upset about this one?

Well, it's more about sort of the quality of the information that was accessed in this case.

You know, there have been bigger breaches like the breach of Yahoo,

and, you know, that involved email addresses and passwords and names and things like that.

But in this case, these guys really got sort of the Holy Grail for

identity theft. They got Social Security numbers. They got driver's license numbers and they got

credit card numbers as well as names and addresses. So they have some very potent weapons to go out and commit financial fraud against people

on a massive scale.

How did the hackers even breach Equifax's database?

So this was the area of Equifax's website that was attacked was their dispute resolution center. And the software

that runs on the server side of big websites like this, it tends to be kind of a mix and match

thing. And in this case, the product that was affected was called Apache Struts. It was developed by

a nonprofit organization called the Apache Software Foundation that produces a lot of open source

software for that runs on the server side of websites.

And it wasn't that Apache produces a bad product.

...