ATTENTION ONLINE AND SELF-PROCESSING CREDIT UNIONS
By now you have heard about the breach at Equifax that exposed the personal information of over 145 million consumers. This Bulletin addresses the technical vulnerability that is believed to be the cause of the Equifax breach, namely the use of unpatched software known as Apache Struts.
|What is WannaCry?||Apache Struts is an open-source web framework for developing Java web applications.|
|Does CU*Answers use Apache Struts?||CU*Answers does not use Apache Struts in our web applications. Therefore, our network is not vulnerable to the same attack that compromised Equifax.
Additionally, we have scanned our network to confirm it is not in use and our firewalls are configured to block attack attempts against Apache Struts that may be aimed at our networks.
|What do I need to do?||Most credit unions would not use this technology, but have your IT department confirm it is not in use on your network.
CU*Answers Network Services does NOT use this technology in Complete Care managed networks.
If your IT department confirms it is in use, follow these guidelines:
If you have any questions, contact the Help Desk