Learning from Others’ Mistakes: What Every Business Can Learn from the Equifax Hack

By Avery Hocutt | April 20, 2018

The Equifax hack was one of the worst cybersecurity breaches in American history.

Here’s how it happened: hackers entered the Equifax servers through Apache Struts, a popular open-source development framework for Web applications. The Equifax hack ultimately compromised the personal data of over 143 million people, or about half the U.S. population.

By now, we know that the company could have easily avoided the disaster. Four months before the breach, the Apache Software Foundation issued an alert for the vulnerability. Equifax either ignored the alert, or never saw it in the first place.

Over 40% of WordPress websites are not up to date

While the Equifax hack is unique in terms of its scale, it’s actually not unusual at all in terms of its inaction. Even though WordPress powers about 75 million websites—over 25% of all websites, in fact—almost half of them are not up to date. Furthermore, recent studies show that over 51% of businesses have no budget whatsoever for cybersecurity. That means that, with no IT personnel in place, companies who received warning security announcements like the one Equifax received either ignore them, or don’t see them at all.

Don’t be the next Equifax hack: How to protect your website’s data

In order to secure your data, there are two things you should seriously consider: ongoing, regular website maintenance; and professional IT services. IT professionals can scan your network for potential vulnerabilities and implement security measures which block potential threats. Many IT companies can also provide security awareness training that helps employees identify possible phishing scams.

Website maintenance can also help significantly reduce your risk of a cyberattack. With a quality site maintenance program, professional developers will regularly examine your website for out-of-date plug-ins, broken links, and other weaknesses that can increase the risk of a breach. Keeping your site routinely monitored and updated can help close the “gaps” which cybercriminals often target.

As a bonus, regular web maintenance will ensure your site delivers a better user experience, among other things.

An ounce of prevention vs. a pound of cure

On the surface, website maintenance and IT services might seem like too much of an expense to be worth it. But compared to the cost of a breach, it’s actually very low. For instance, think back to the Equifax hack: within four days of announcing its data breach, the company’s value tumbled by over $3.5 billion. Add that to the litigation costs and other expenses, and that’s just the tip of the iceberg.

Long story short: It’s much more cost-effective to be proactive than reactive. Fixing a compromised site (or rebuilding it from scratch) can cost ten times as much as monthly maintenance. And that’s not the worst that could happen: a hack could empty your company bank accounts; damage your reputation beyond repair; or compromise your clients’ data, causing you embarrassment at best, and litigation at worst.

Then there’s the opportunity cost: while you scramble to try to bring your business back to speed, you’ll be losing out on sales. Every way you look at it, you’re much better off protecting yourself before a crisis than resolving one after the fact.

Interested in site maintenance?

We’ve worked with many businesses over the years, and we’ve seen first-hand the consequences of neglected website maintenance. It won’t surprise you to learn that we offer a site maintenance service, called OverSite™, to help protect our customers from breaches and slow performance.

Our OverSite clients benefit from our development team’s constant vigilance. For instance, when WordPress issued a critical security update a few months ago, our OverSite clients’ sites were immediately updated and the owners were notified.

If you’d like to learn more about OverSite, give us a call. It’s more crucial to protect your site now than ever before, and we’d love to help.

Red Letter Marketing is a branding, marketing, and advertising agency based in North Carolina.