Eric T. Schneiderman, New York’s attorney general, on Wednesday. He has opened an investigation into the large-scale data breach disclosed by Equifax on Thursday. Credit: Drew Angerer/Getty Images.
By Fred Leeb, Leeb Partners, LLC, September 11, 2017
Will the hack of Equifax be the first of many similar cyber attacks? Should we assume that any personal data isn’t safe anymore even if it is held by the largest and supposedly most secure company? Are the three major credit bureaus (Equifax, TransUnion and Experian) just going to behave like the three little pigs, trying vainly to protect themselves from future cyber hacking bullies? Will they just squeal and be part of the cyber threat problem (trying to minimize their own liabilities) or will they be transparent, follow their own advice about safeguarding information properly and be willing to be held accountable?
Equifax announced on September 7th that 143 million social security numbers and other critical personal data (including dates of birth and driver license numbers) were stolen. Equifax, just like the other two major credit bureaus, ironically has claimed in the past to be the best at protecting our most trusted information.
In addition to failing its mission, Equifax also has admitted now that three of their executives sold some of their stock on August 3rd, three days after the company learned about the hack. Then the company waited about five weeks before reporting the massive data breach to the public. Was this because the company wanted to wait until hurricane IRMA flooded all the news coverage so as to downplay their own disaster? What was their level of concern for the 143 million people that had their most sensitive personal information at risk for that lengthy period? Didn’t they care that the importance of this hack cannot be overemphasized and is a serious threat to the very fabric of our economy? Didn’t they realize that it throws into doubt all of our future transactions, credit reports and credit scores, loans, bank and investment accounts, and personal credibility?
If we take a step back to see the bigger picture, when is the country going to wake up to the huge magnitude of the cyber threat facing all aspects of our society? The Equifax breach is just the most recent and most far-reaching blow of many more that are likely to be on the way in the near future. The key issues are:
- Will anything be done to block the wide range of future cyber threats that could cripple the U.S.?
- Will the government assist corporate America to protect our society?
- Will the three credit reporting agencies comprise just another industry that is too big to fail? Do the rules that apply to small businesses and individuals not apply to them?
- Will this be another example of senior executives not being penalized for selling off some of their stock holdings before announcing the bad news to the public?
- Will anyone at Equifax be punished personally for the tremendous liabilities that could result?
The next few months should provide answers to these questions but the initial indicators are not good.
Please see the following for links to two important articles on this subject. The first is from the New York Times (Equifax Hack Exposes Regulatory Gaps, Leaving Consumers Vulnerable) by TARA SIEGEL BERNARD and STACY COWLEYpublished on SEPT. 8, 2017. The second is from TechCrunch (Equifax execs dumped stock before the hack news went public) by Taylor Hatmaker (@tayhatmaker), John Mannes (@JohnMannes) posted Sep 7, 2017.
If you would like your business issues addressed by an experienced, unbiased outside expert, call Fred Leeb at Leeb Partners, LLC now at 248-514-3262 for a free initial meeting to identify the issues and to implement the necessary changes. The meeting will be completely confidential and without further obligation.