Equifax should be regulated like a public utility | Commentary

Will this summer’s data breach involving 143 million of the credit bureau’s U.S. customers finally generate enough fear and outrage to cause Congress, the financial system and the rest of us to do something about identity theft?

Will Equifax finally be the one?

Will this summer’s data breach involving 143 million of the credit bureau’s U.S. customers finally generate enough fear and outrage to cause Congress, the financial system and the rest of us to do something about identity theft?

It didn’t happen in 2013, when hackers compromised 110 million credit cards at Target. A theft of 56 million customer accounts at Home Depot didn’t do the trick in 2014. Nor did break-ins at Anthem in 2015 (80 million) and Yahoo in 2016 (1 billion!).

It’s scary each time, but never quite scary enough. Maybe a few executives get called on the carpet by Congress while the company issues a public apology and offers to extend credit monitoring services to aggrieved consumers. Maybe it has to pay millions in class-action settlements. Maybe it gets trolled on Twitter.

Most Read Stories

Unlimited Digital Access. $1 for 4 weeks.

But soon enough the outrage fades, and Congress and the public move on. Many experts are saying that the Social Security and credit-card data stolen from Equifax are likely to do far more damage than a typical retail breach because the credit bureaus hold so much of our most sensitive financial data. And the outrage quotient is higher than I can recall in past incidents.

Still, I doubt that the outcome will be different. This is doubly tragic because it’s not just data security that needs to be reformed; so do the credit bureaus themselves.

The main reason nothing happens is that the hackers “are getting so much better at how they use the stolen data,” the cybercrime journalist Brian Krebs told me. For starters, they’re patient. They wait for people to forget about the breach and let their guard down before they begin selling, say, stolen credit-card data to crooks. By the time your stolen data is used to buy something, you can’t even pin the blame on a particular breach because there have been so many subsequent ones.

They’re sophisticated: They now often use real Social Security numbers, combine them with phony identities and create synthetic identities, which they use to build credit histories and receive loans and credit cards. And they’re smart: They never make all the data…

Read the full article from the Source…

Leave a Reply

Your email address will not be published. Required fields are marked *