Ricochet is the best place on the internet to discuss the issues of the day, either through commenting on posts or writing your own for our active and dynamic community in a fully moderated environment. In addition, the Ricochet Audio Network offers over 50 original podcasts with new episodes released every day.
Equifax Data Breach Was an Unconscionable Mistake
I’ve been waiting for someone else to post about Equifax so I could vent my wrath in a comment, but as I haven’t seen much yet, I can no longer contain myself. I cannot believe that a company charged with holding the most sensitive information about us — information that we neither asked for nor wanted to be held on our behalf — has been breached. The information of half of American adults may have been stolen. Bad enough, but they didn’t even bother to tell us about it for over a month. Never mind their executives selling nearly 2 million dollars in stock in the meanwhile. Never mind the anemic apology from their CEO:
“This is clearly a disappointing event for our company, and one that strikes at the heart of who we are and what we do. I apologize to consumers and our business customers for the concern and frustration this causes.”
This is the type of apology we’ve become accustomed to when someone uses an incorrect gender pronoun, not when the lives of 148 million people are potentially wrecked. My cousin lived through identify theft and it is awful. No doubt Mr. Smith has an army of lawyers and admins who will clean up the mess should his identify be stolen. But for the rest of us, it is time taken away from work and family, hours on the phone, loss of the ability to travel and sometimes worse. I have already had to spend $20 freezing my credit. They’ve offered free credit monitoring for a year (did you hear that identify thieves, you have to wait a year!), after which, no doubt, we’ll be stuck automatically with their $29.99 a month service. But even if it were free for the rest of my life, how can we trust their credit monitoring service? So that will be another $300 per year for the mess they created.
I hope Equifax goes down for this. The money will go to the law firms and not to the victims, but right now, I just want blood. God help me, I may even want Elizabeth Warren.
Thank you for letting me vent. It seems churlish to do so with Irma bearing down on Florida. My prayers to all of you in her path.
Published in General
Our son told us about this a couple hours ago. His outrage mirrors yours. What a mess!
What is needed is for the government to step in and take over the handling of privacy.
It is infuriating. As you said, it affects half of the adult population.
This certainly warrants a criminal prosecution.
Oh, man, you’re funny. The government? Aren’t they the ones who lost my information to Chinese hackers because I once had to apply for a security clearance for a consulting job? There was no real reason I needed a security clearance. It was not military related. It wasn’t State Department related. But they required we do it, and now the Chinese have it because the government was so “careful” with the information.
As someone caught in the OPM data breach I assume you were being sarcastic…
I, too, was very upset when I first saw this Thursday night, and shame on me for not posting it.
It is upsetting that Equifax has more information about you than your doctor – without your permission, mind you – and yet they are completely carefree about protecting it.
More upsetting is that they discovered the hack – I don’t think they actually know when it happened – on July 29th, yet made no announcement about it until September 7th.
Even more upsetting is, as you mentioned, that their executives sold massive amounts of their stock in Equifax, knowing that when this hack got announced, that Equifax shares would probably plummet, and did. On Friday, Equifax shares lost 13% of their value. That’s criminal action there.
I am not willing to pay to subscribe to Financial Times, but they have an article titled “Equifax faces legal storm over its handling of data breach” and that gives me a glimmer of hope, that these careless cretins will be frog-marched out of the building next week.
Here’s hoping the SEC comes down HARD on these monsters.
I keep wondering if it’s time to declare that it is impossible to keep information transmitted over the Internet private.
I have to believe Equifax had state-of-the-art security. And now I am thinking it is all a farce. Nothing on the Internet is safe.
At least not yet.
I read a book twenty years ago on computer security for businesses, and the author made an interesting point. Sabotage comes first from disgruntled employees. But in the case of these financial services companies, they also have disgruntled people they are reporting on. Somewhere out there someone is probably celebrating the idea that the CEO and the other top executives for this company will lose their job, their credit, and good name. These credit score companies would be likely targets anyway, even if it were possible to keep hackers out, something I am beginning to doubt.
I was hoping somebody would bring that up as a reminder. Thanks.
Yes, I was being sarcastic, but it is at times like this that we are at risk of government vultures seeking their prey. Well, vultures eat only dead things, and we’re not dead yet. Maybe government sharks is a better analogy.
*That* is where the feds should be concentrating their attention. But there will be others who seek to grow the regulatory state and take over management of these companies. And the new management will not be subject to criminal prosecution.
I’ve been seeing this all over Facebook. But what is equifax and how should that affect me?
They track a lot of credit score information and supply it to lenders and anyone else who can afford to buy it from them–employers, landlords, and so on.
It isn’t possible. I think we have to rethink the idea of the social security number or any other number as a private key to our identify. I’m not a cybersecurity expert, but we have to have better ways than this.
Yeah, like getting rid of social security numbers and socialism and letting us be free men again? Hah. It will never happen.
That is true. Which is why private industry better do a better job of holding its CEO’s and other high ranking officials accountable. From what I’ve seen, big business does no better than the VA in holding people at the top accountable for massive failures. The CEO may lose his job, but somehow I think he won’t suffer very much, as he’ll be backed by a very lucrative golden parachute or whatever they call it. Just as high ranking government officials end up on permanent paid administrative leave until they are ready to retire at full pensions. Private enterprise can’t work if people don’t pay for their failures.
Consider a Credit Freeze:
https://www.consumer.ftc.gov/articles/0497-credit-freeze-faqs
The business in question will not be able to sell your data and you will have some protection as well from identity theft, there are of course some down sides. It’s a trade off.
I am no way going to defend Equifax’ negligence, but the sales alone are not necessarily damning:
In many public companies, executives with access to insider information are required to make stock sales and purchases on a schedule set well in advance, to avoid the reality or appearance of trading on that information. If the sales were of that nature, then they need some ‘splainin and proof of the fact. If not, then the execs need the book thrown at them.
Thanks for the info. I didn’t know that.
I just figured they thought they were Congressmen for a while.
A couple of things on this that bear checking out:
Equifax is offering “free” credit monitoring to those affected. The monitoring is offered through an Equifax subsidiary (but of course), and my understanding is that, once the year is up, they automatically roll you over and charge you for the next year if you don’t affirmatively opt out. In addition, if you sign up for the free year, the terms of service limit your damages to that found in arbitration or small claims court. One waives the right to bring suit for larger amounts.
EDIT: The latter, at least, may have been changed. See further below.
Yes, I spent yesterday freezing my credit. It was surprisingly easy to do. If I’d have known about this before, I would have done it a long time ago.
The government requires us to have a SSN that is now being exploited by crooks to rob us. The government must take this seriously and go after any and all hackers and thieves. I consider it to be an act of war for any country to aid or tolerate criminals rather than help us capture them. Few horses were stolen when horse thieves were shot. just saying
So does anyone think there’s any way to get justice here? What would justice require in this case?
A rail. tar and feathers for a start….
I was rather surprised myself, that it could be done online with all three agencies for a pittance. It seems too easy and the downsides so minor.
@lockeon Thank you for the information and I hope that is what it is. I sincerely don’t want to believe that all executives are corrupt.
@gossamercat are you new? If so, welcome and yes, we were just as shocked hearing this news. I couldn’t believe that a credit monitoring company was hacked – then you hear about the executives selling the stock – and third, they offer a year free credit monitoring?? Gee…if the hackers didn’t get all your info the first time, they’ll get it the second! These credit monitoring companies are awful. I have had to fight a couple erroneous things on my credit. I only succeeded on one. They are almost deaf to your case. That power affects for credit for years, and your ability to purchase. It’s also very scary how hackers keep gaining ground – They wait to tell you they’ve been hacked obviously for their hides, the share holders.
These are all good questions. Many people I spoke to didn’t know about it. Perhaps the hurricanes are absorbing too much attention or perhaps we’ve heard about these things one time too many. I was going to shrug it off too until I heard the numbers and then checked that I may be one of them. Will justice be done? Who knows what justice is, in this case? But I do think we have to rethink privacy and the concept of the social security number. Almost any other number can be re-issued, but not that one, as far as I know. I don’t think it was ever designed to be the key to our entire electronic lives.
Dave Ramsey is laughing at us all right now.