Security Market Segment LS
Thursday, 28 September 2017 04:21

Equifax breach identity fraud could last many years


Credit-reporting company Equifax Inc's massive data breach compromised the personal information of up to 143 million Americans and continues to dominate the news as even San Francisco city joins in the rage.

In the wake of the Equifax disaster, in which it is alleged Equifax violated the law by failing to protect consumers' information and then waited six weeks to disclose the breach, and then issued confusing and misleading information, the Equifax chief executive and chairman, Richard Smith, has now stepped down.

The former chief security officer, Susan Mauldin, has been revealed as having credentials in music rather than computer science or security, but is now clearing her LinkedIn profile and other online profiles of any background information.

Meanwhile, the city of San Francisco has filed a lawsuit against Equifax on behalf of the state of California. City attorney Dennis Herrera says more than 15 million affected people are from California, and says the Atlanta-based Equifax violated a California law prohibiting illegal, unfair or fraudulent business practices. The lawsuit seeks penalties of US$2500 for each violation and restitution for Californians who bought credit monitoring services from Equifax.

The Equifax data breach revealed social security numbers, birth dates, bank account numbers, and the status of various credit accounts.

"The data breach will subject California residents to increased risk of identity theft and fraud for many years to come," the lawsuit states.

Equifax continues to operate under a Federal Trade Commission consent decree, but remains under tight scrutiny and possible sanctions. The organisation has scheduled hearings in Washington DC before the House Subcommittee on Digital Commerce and Consumer Protection. Despite resigning, Smith will be compelled to front Congress and explain how the cyber-breach occurred, what, if any, electronic safeguards the company had in place, and what it plans to do besides offering free credit monitoring and identity theft protection.

The breach was disclosed on 7 September, with Equifax revealing hackers had compromised the personal information of nearly half the population of the United States. Equifax said Smith would forgo his 2017 bonus, but will still receive a payout of US$18 million. Equifax is searching for a successor to fill his position.

The breach occurred from mid-May through July 2017, and Equifax also identified unauthorised access to limited personal information for certain residents of the UK and Canada.

Equifax, like many US companies, requires people to agree to settle disputes by arbitration and forgo their right to a trial by jury. Big corporations have poured money into the political system to win less regulation and mandatory arbitration clauses have become the norm.

Yet, in the wake of the Equifax disaster, the Consumer Financial Protection Bureau is fighting to help regular Americans defend their right to trial by jury, as guaranteed by the 7th Amendment to the US Constitution.

Whatever the result, confidence is shaken in the whole credit system, and the fallout may reverberate for years to come. Regular American people — potentially anyone who has ever applied for credit — must obsessively monitor personal credit reports for years to come, identity theft being a real danger that will not pass swiftly.

The writer is currently in Washington DC.


26-27 February 2020 | Hilton Brisbane

Connecting the region’s leading data analytics professionals to drive and inspire your future strategy

Leading the data analytics division has never been easy, but now the challenge is on to remain ahead of the competition and reap the massive rewards as a strategic executive.

Do you want to leverage data governance as an enabler?Are you working at driving AI/ML implementation?

Want to stay abreast of data privacy and AI ethics requirements? Are you working hard to push predictive analytics to the limits?

With so much to keep on top of in such a rapidly changing technology space, collaboration is key to success. You don't need to struggle alone, network and share your struggles as well as your tips for success at CDAO Brisbane.

Discover how your peers have tackled the very same issues you face daily. Network with over 140 of your peers and hear from the leading professionals in your industry. Leverage this community of data and analytics enthusiasts to advance your strategy to the next level.

Download the Agenda to find out more


David M Williams

David has been computing since 1984 where he instantly gravitated to the family Commodore 64. He completed a Bachelor of Computer Science degree from 1990 to 1992, commencing full-time employment as a systems analyst at the end of that year. David subsequently worked as a UNIX Systems Manager, Asia-Pacific technical specialist for an international software company, Business Analyst, IT Manager, and other roles. David has been the Chief Information Officer for national public companies since 2007, delivering IT knowledge and business acumen, seeking to transform the industries within which he works. David is also involved in the user group community, the Australian Computer Society technical advisory boards, and education.



Recent Comments