On a Saturday night, a security engineer at Equifax was updating an SSL certificate on a Network Intrusion Detection System (NIDS). Immediately after, suspicious connections were detected. After a more in-depth investigation, it became evident that the situation was far graver than anticipated. A service had to be promptly shut down to prevent further exploitation, but by that point, the damage was already done. Malicious actors had been exfiltrating data for several months and had already collected personal information from 163 million customers.