I saw a post on Twitter the other day that cracked me up.
One report in the NY Times suggested that Equifax doesn’t even know who is impacted.
Here is the deal, Equifax’s business is to gather this information and sell it to 3rd parties. When you need a loan or want a new credit card, the company extending credit to you goes to this company, or ones like it, to check on your credit. They gather this information from lots of different places and you have no options to tell them to stop doing this. They are creating this database of information about you and you have no control on how they protect this most sensitive information.
We are the ones impacted by their lack of security. We are the ones further impacted by the huge delay in telling us. What was stolen is about us and it impacts us. Equifax might take a stock hit, but not much more.
This company needs to be put out of business. The class action law suit should put them out of business. There should even be clawbacks on executive compensation and stock options.
A year of credit monitoring is not even meaningful punishment for this poor stewardship and lack of property security protection.
Company and organization leadership teams need to take the protection of confidential information seriously. There need to be examples, like here, where the company is put out of business because of their lack of proper attention and focus. Probably the CIO will be fired, but really, the board and the senior leadership team should be fired.