If you’re a US citizen, chances are you’ve heard the name Equifax in the news dozens of times over the past month or so. The company is responsible for possibly the most devastating hack of all time, resulting in millions of people’s personal information (including Social Security Numbers and credit card info) being stolen by hackers. While many wonder how this could have happened, there is evidence that the problem could have been prevented painlessly, had the company simply installed a software patch as they were instructed to.
As a result of this hack, Equifax’s stock prices dropped an incredible 18.4% just four days after the news was spread. In the midst of this chaos, many people overlooked the executives, who sold their stocks just days after the hack, which was covered up for nearly one month. Financial leaders and government officials have been reeling since the news hit, wondering if the current credit system is functional enough, now that it has been revealed that it is not foolproof.
Although this tragedy has come into international attention, there is another point I want to make about Equifax that many people shy away from: they don’t learn from their mistakes, because they don’t care about learning from their mistakes.
This statement might sound harsh, but it’s true that the US citizens’ lives are not a priority for this company. The initial hack proved that much. However, the situation was handled poorly after the reveal. Rather than providing a free credit protection service to everyone affected, they offered a one-year free trial of their credit protection software, as long as they entered their personal info (including SSN) into a sketchy online website. Not only was it bad to ask for this private information so quickly after the attack, but the website was easily able to be replicated. In fact, Equifax tweeted links to a fake site, because they did not take the time to fact-check. This potentially led hundreds of people to a phishing site, right after one of the worst data breaches of all time.
Furthermore, Equifax was recently hacked again. This time, their website redirected visitors to a site claiming they must download a new version of Adobe Flash player. If users clicked the ad, their computer would be infected with adware, which was only detected by 3 of 65 antivirus providers, according to Ars Technica.
What exactly does all this mean for Equifax? Even if they are not sued into bankruptcy and somehow manage to recover, their reputation will be damaged forever. The company dropped the ball not once, not twice, but three times in the past few months. Millions of people will be affected for the rest of their lives, and Equifax has proven that they do not care about the safety of those required to use its system.
Data security is one place companies should never compromise. It may be easier to avoid patching a software, or let a bug remain, but hackers can and will exploit any weakness they find. I strongly urge everyone to take the best precautions they can to avoid situations like these, both at home and at work. But for now, continue to keep track of your credit, and remember that nothing is 100% safe.