The latest privacy breach is outrageous in two ways. First, Equifax incompetence should cause us to not use them or trust them. This is the third time they have been hacked in two years. The news coverage makes it sound like it is just one of many, and being hacked is just the way it is. That is not the true. It is possible to protect against breaches. Not doing so represents gross negligence and incompetence. Security is especially important for the business they are in, providing credit rating information at a personal level. They have obviously not made this a priority. A small company may not have the skills and resources to properly protect their website. Equifax has nearly seven billion in assets and nearly four billion in revenue. There is no excuse for them not protecting our data.
The second thing we should be outraged about is their response. Three of their top executives sold nearly $2 million of company stock right after the breach happened. The company said the executives were not aware of the breach. We were not either, and the company did not disclose the breach for six weeks. Even more outrageous to me is the company apologized, but then said they will compensate the millions of consumers who had their privacy violated because of Equifax incompetence, by offering a free year of the company’s service. In other words, their response is to launch a promotional campaign to get people to sign up and then start paying after a year. In order to sign up and find out if you were affected, you have to go to their site and enter personal information. I would not accept their offer if they paid me to do so. One thing out of this disaster is clear: lawyers will make millions. Whatever settlement is eventually reached will be trivial for consumers and in no way compensate for the violation of our privacy due to Equifax incompetence.