Overall, reporters, public officials, and bloggers are blaming Equifax for the breach and are quite angry with the company. The Los Angeles Times published an article that stated, "Equifax basically left all our data out on the lawn for anyone to walk off with - the upshot of failing to encrypt the databases that store some of the most sensitive details of our lives" (Lazarus, 2020). The breach wouldn't have happened if Equifax had installed the update and kept its guard up. The attackers used encryptions to go unnoticed while accessing the data but Equifax never thought to encrypt the data in order to protect customer's sensitive information. The author suggests that other companies such as, Google and Amazon, are not encrypting their data either and they should be. Lawmakers should step in and force the companies to encrypt all customer records. There should be fixed penalties for any breach. I think that this might be a good idea even though it will be costly for the companies and make it harder for consumers to access their data. Protecting people's private information should be of the utmost importance.
Twitter blew up within a few hours after Equifax tweeted that there was a cybersecurity incident and they acted immediately to stop the intrusion. They apologized to their consumers and business customers. However, they did not mention that 143 million individuals information could have potentially been hacked. U.S. representative Ted Lieu called the company out and tweeted, "Dear @Equifax: When you say "recently" do you mean about a month and a half ago? Why did you wait so long before disclosing the breach?" Random consumers posted negative tweets about the free credit monitoring system. One stated, "Give us your personal info so we can determine if we leaked your personal info in one of the biggest data breaches in history." The gentleman was obviously mocking Equifax. A lot of angry tweets were posted in response to the public finding out that three Equifax executives sold stock within days of the company claiming to discover the breach. Ted Lieu also tweeted about the decision of the Equifax executives to sell stock in the months after the firm was first aware of the breach in July. I believe that Lieu is in the right position to ask these questions.
Republican Congressman Will Hurd served on the House Oversight Committee, which investigated the breach. He stated, "This breach could have been prevented if Equifax would have followed some very basic things when it comes to good digital system hygiene" (CBS News, 2018). Equifax failed to modernize its technology, did not patch the vulnerabilities which they knew about about from Apache, and stored sensitive data on outdated and not very reliable systems. I believe that what the Committee concluded about the breach is very accurate. I hope that other companies will learn from this and take measures to prevent this from happening to them.
References:
https://www.latimes.com/business/story/2020-02-10/equifax-data-breach-china
https://www.secureworldexpo.com/industry-news/equifax-breach-social-media
https://www.forbes.com/sites/thomasbrewster/2017/09/08/equifax-data-breach-history/?sh=4925a7bf677c
https://www.cbsnews.com/news/equifax-data-breach-was-entirely-preventable-congressional-report-finds/


If Amazon had a data breach, do you think that breach would be worse than Equifax? Especially during times like this, so many people are shopping from home and people are purchasing from Amazon everyday. If Amazon has weak data security, the thousands of credit card numbers that could be stolen is alarming.
ReplyDelete