We should be outraged by the incompetence of Equifax, as suggested earlier. They were not the victim, we were. Nearly half the population of America may have given up personal information to thieves, a lot of information. Now that some details are emerging, there is even more to be outraged about. The Wall Street Journal reported security researchers at Cisco Systems Inc. discovered a bug in the web server software used by Equifax earlier this year. Apparently, Equifax had not updated to the latest version of the software. Keeping current with security patches is IT 101.
Although Equifax seems to be inept at the basics of security protection of a web server, the company is adroit when it comes to lobbying. The Wall Street Journal reported the company spent at least $500,000 on lobbying Congress and federal regulators in the first half of 2017. One of the key issues lobbied was to get a reduction in the legal liability for credit-reporting companies such as themselves. I would add the best way to limit liability from breaches is to properly administer web servers and keep the software up to date.
