
Equifax Breach Response Turns Dumpster Fire - troydavis
https://krebsonsecurity.com/2017/09/equifax-breach-response-turns-dumpster-fire/
======
nodesocket
Whoever said knowledge is power had it wrong. More like knowledge is
terrifying. equifaxsecurity2017.com is running Wordpress, which I'm sure is
vulnerable in some sort of way.

The check form is literally a marketing tactic to sign up for some 3rd party
monitoring service. I used last name Smith and a random series of 6 digits for
a social security number and was greeted with:

    
    
        Thank You
        Your enrollment date for TrustedID Premier is:
        09/14/2017
        Please be sure to mark your calendar as you will not 
        receive additional reminders. On or after your enrollment 
        date, please return to faq.trustedidpremier.com and click 
        the link to continue through the enrollment process.
    

Equifax security and negligence is borderline criminal.

~~~
bhhaskin
Not saying it isn't a dumpster fire, but many high profile websites run on
WordPress. It is an excellent CMS. Anything is vulnerable in some sort of way.

