Anger mounts over consumer credit data hack
What is Equifax and why does it have personal information on half the American population?
By
Kevin Reed
15 September 2017
As further details emerge about the server breach at Equifax—one of the largest and most damaging theft of sensitive personal data in history—the magnitude and long-term implications of the credit reporting agency’s negligence are becoming clearer. The failure of Equifax to take the most basic security measures to protect the credit information of 143 million customers has rightfully provoked an angry response from people all around the world.
According to a company press release on September 7, hackers exploited a “website application vulnerability” at Equifax and gained access to huge volumes of consumer data—including Social Security numbers, birth dates, addresses and credit card account details—over a two-and-a-half-month period in the late spring and early summer of this year.
When the breach was discovered on July 29, company executives did nothing to alert anyone that their credit standing was in serious jeopardy. Instead, three top executives moved to sell $1.8 million of their company stock while they waited another six weeks to report the hack to the public.
Along with the press release, the CEO of Equifax Rick Smith appeared visibly shaken in a YouTube video where he promised to provide identity theft protection and credit file monitoring services at no charge to “every US consumer.” While he claimed that a preliminary investigation showed “no unauthorized activity on our core credit reporting databases,” he said that a dedicated web site and call center had been set up to “help consumers manage their personal situation.”
It quickly became clear that Equifax had no…