“Equifax Deserves the Corporate Death Penalty”, one of yesterday’s headlines on WIRED read (Fein, 2017). Equifax is one of the States’ three big credit reporting companies that keep financial data on everyone, so that for example landlords can determine whether or not someone is trustworthy. They suffered a severe security breach, lasting from mid-May through July, but only notified the public in early September.
Equifax failed to protect sensitive personal information of 145 million Americans, nearly half the country’s population. The information in question pertains to names, birth dates, addresses, driver’s license and even worse, social security numbers. As these things cannot be changed as easily as a phone number, this may make a lot of people vulnerable to identity theft. Even more outrageous, to protect themselves, they have to pay credit freeze fees – totalling $4.1 billion – to Equifax (Feng, 2017). Additionally, the identity protection program Equifax is offering for free to anyone who wants to enrol, has two problems: the checker that’s supposed to let you know that you might’ve been hacked is broken; and enrolling in the program prevents the participant in suing Equifax (Profis, 2017).
Breaches of more sensitive data, like bank, social-security, address, and health or employment records, have become so common, a lot of people just shrug an sigh, as an article in The Atlantic puts it (Bogost, 2017). Through the demand of consumers and the willingness of corporates, software development has become easy and popular, making security an afterthought instead of the top priority it should be. Are we becoming indifferent to privacy breaches, just when cybersecurity policy is in desperate need for improvement? And is there a way to protect our personal information, when you’re not really given the choice to have your data stored at corporates like Equifax?
References
Bogost, I. (2017, September 8). The Banality of the Equifax Breach. Retrieved October 20, 2017, from https://www.theatlantic.com/technology/archive/2017/09/the-equifax-breach-marks-the-end-of-shame-over-data-security/539202/
Fein, R. (2017, October 20). Equifax Deserves the Corporate Death Penalty. Retrieved October 20, 2017, from https://www.wired.com/story/equifax-deserves-the-corporate-death-penalty/
Feng, L. (2017, October 20). After Equifax, New Security Considerations Emerge. Retrieved October 20, 2017, from https://www.forbes.com/sites/forbescommunicationscouncil/2017/10/20/after-equifax-new-security-considerations-emerge/#4ef1e74543ef
Profis, S. (2017, September 16). Equifax data breach 2017: Here’s how to protect yourself. Retrieved October 20, 2017, from https://www.cnet.com/how-to/your-guide-to-surviving-equifax-data-breach/