How Equifax Lost 147 Million Social Security Numbers episode artwork

EPISODE · May 15, 2026 · 18 MIN

How Equifax Lost 147 Million Social Security Numbers

from Zero Day Logs · host ZDL

A critical vulnerability was disclosed. A patch was released the same day. Equifax was warned directly. The patch was never applied. Two months later, attackers walked through the door — and spent seventy-six days inside a system holding 147 million Social Security numbers. Episode 5 covers the full 2017 Equifax breach — the Apache Struts vulnerability, the scanner that missed, the certificate that was blind for over a year, the breach response that made everything worse, and the PLA indictment that revealed what the stolen data was really for. 0:00 — Introduction0:42 — What Is Equifax1:17 — The Data You Never Chose to Give1:42 — Growth vs. Security2:05 — ACIS: A 1970s System on the Public Internet2:25 — CVE-2017-5638: The OGNL Injection4:19 — The Missed Scan5:37 — The Honour System6:16 — CEO vs. Committee6:37 — May 13th: The Door Opens7:13 — No Walls: Lateral Movement8:20 — The Harvest: 147 Million Records9:31 — The Expired Certificate10:45 — Found by Accident11:09 — The Response Timeline12:35 — The Response That Made Everything Worse13:52 — Insider Trading14:28 — Executive Departures14:52 — The Settlement15:34 — PLA Attribution16:23 — The Intelligence Mosaic17:05 — Entirely Preventable17:47 — ClosingFull technical breakdown: zerodaylogs.com

A critical vulnerability was disclosed. A patch was released the same day. Equifax was warned directly. The patch was never applied. Two months later, attackers walked through the door — and spent seventy-six days inside a system holding 147 million Social Security numbers. Episode 5 covers the full 2017 Equifax breach — the Apache Struts vulnerability, the scanner that missed, the certificate that was blind for over a year, the breach response that made everything worse, and the PLA indictme...

NOW PLAYING

How Equifax Lost 147 Million Social Security Numbers

0:00 18:23

No transcript for this episode yet

We transcribe on demand. Request one and we'll notify you when it's ready — usually under 10 minutes.

Frequently Asked Questions

How long is this episode of Zero Day Logs?

This episode is 18 minutes long.

When was this Zero Day Logs episode published?

This episode was published on May 15, 2026.

What is this episode about?

A critical vulnerability was disclosed. A patch was released the same day. Equifax was warned directly. The patch was never applied. Two months later, attackers walked through the door — and spent seventy-six days inside a system holding 147 million...

Can I download this Zero Day Logs episode?

Yes, you can download this episode by clicking the download button on the episode player, or subscribe to the podcast in your preferred podcast app for automatic downloads.
URL copied to clipboard!