Last week, the credit bureau Equifax made a shocking announcement: they’ve been hacked. Not only has the cyber security at one of the nation’s three biggest credit bureaus breached, but the personal data of up to 143 million of its customers was compromised – which is about half of all U.S. consumers.
According to reports of the hack, the information that cyber-criminals obtained from Equifax’s database includes names, Social Security numbers, birthdates, addresses and driver’s license numbers.
It can also potentially include logins, passwords, and security questions for internet websites and other financial accounts.
While this new Equifax breach may be considered one of the worst abuses of consumer trust in history, it is not the largest data breach ever. In fact, about 500 million had their account information and data stolen when Yahoo was hacked previously.
As we’ve seen, many large institutions and businesses are hacked these days, with cybercrime the fastest growing form of crime in the world. So what makes the Equifax hack so disturbing and even anger inspiring? Five things:
- Equifax’s security SHOULD be lock-tight
As one of the three major credit bureaus in the U.S. (along with Experian and TransUnion), Equifax is tasked with protecting the sensitive financial data for nearly every American. To allow a hack of this magnitude is inexcusable, and puts into question the validity, credibility – and even motives of the company and its leadership, as we’ll see. Basically, if Equifax (who also sells credit theft protection services!) can be so easily hacked for 147 million consumers, who exactly can we trust?
- Equifax makes money collecting and selling your data – and it’s not voluntary
Equifax is not in existence to perform a public service, nor or they affiliated or even closely regulated by the government. In fact, Equifax – like all of the credit bureaus – is a private entity in existence for one sole purpose: to make money for its shareholders. In fact, the credit giant makes billions in profits by collecting financial and demographic data on American citizens and then selling that information (in the form of credit reports) to banks, lenders, auto dealers, credit card firms, and marketers. But for U.S. consumers, having their data and credit history tracked and recorded by Equifax is not voluntary. Therefore, you are forced to participate and contribute to Equifax’s profitable ventures whether you want to or not, and without permission – and that now includes having your data hacked.
- They knew about the hack but took weeks to go public
This is where Equifax’s motives and even integrity seriously come into question. In fact, Equifax reports that knew about the massive data breach as early as July 29 (and who knows if they really found out earlier). However, they didn’t announce the hack publically and warned consumers until early September. That’s six weeks where hackers had their hands on the personal and sensitive data for 143 million consumers and Equifax customers.
Due to the fact that Equifax chose not to tell people that they were hacked, the criminals got a head start of about 1/10th of a year to engage in whatever criminal activity they wished, undeterred and unmitigated. As of yet, Equifax hasn’t adequately explained the reason for delaying the disclosure that they were hacked.
- Equifax executive sold large shares of their own company before the breach was announced.
Brace yourself – you might want to sit down for this one.
It’s been revealed that in the time between the data breach was discovered by Equifax (July 29) and the hack was publically announced (September), at least three high-level Equifax executives sold shares of stock in their own company.
In fact, these three executives sold their stock only a couple of days after the breach was discovered internally, but still made $1.8 million from the sales of that stock. The questionable sellers include Equifax’s Chief Financial Officer, John Gamble, who dumped 6,500 shares for $145.60 for a profit of $946,400.
Of course, after the data breach was made public, the stock plummeted, and soon sat at $123 a share, down 13% from his sale price and still plummeting.
What does the firm say about the shady stock sales? To date, Equifax sticks to the story that those executives “didn’t know” about the massive data hack – including the CFO
***
Now do you understand why you should be fuming mad?
Contact Blue Water Credit if you want to discuss your exposure to the hack and get some real help.
