Could the Equifax hack been prevented by better security?

Dave Marash
Dec 12, 2017 · 3 min read

Full Podcast:

Have a dog? Chances are, from time to time you may also have fleas. That’s kinda how it is in the digital universe. If you collect a lot of data, you will from time to time spring a leak, sometimes because someone has hacked into your data collection. So, you patch the leak like you give your dog some flea powder, and life goes on.

That seemed to be the approach at the credit rating data collecting giant Equifax , until, they suffered something well beyond a leak… a full blowout that exposed the sensitive personal data of 145.5 million Americans, including social security numbers, names, home addresses, and driver’s license numbers.

That gets people’s attention, and so does this. The potential dollar value of the criminal activity this data breach could enable could run well into the billions; exploitation of this one info-theft could go on for a decade or more.

Graphic by Amy Marash, public domain. please use with credit

How could this happen? The resigned CEO of Equifax, Rick Smith, says it was a single employee’s human error that opened the floodgates. But other analysts say this was just one breach of several, and that the responses to other Equifax hacks have often been as inadequate as in the big case revealed in September. Critics, including some from inside the company, say the security culture at Equifax didn’t take seriously the need to protect the intimate details of almost 150 million customers.

Another critic, Ira Rheingold of the National Association of Consumer Advocates said on HERE & THERE, that people whose records are held by Equifax aren’t customers at all. They’re commodities, he said, whose interests aren’t served by Equifax but served up for big profits to banks and credit card companies, car dealers, and gas stations, everywhere your credit or credit card are put to use.

Equifax has proved it’s not too big to fail…but it may prove too big to discipline. Equifax, Experian, Trans Union and Life Lock are just 4 big data collecting dogs, but they dominate the yard.

Voices from both parties in Congress have been issuing angry denunciations, and an old bill to regulate data collection has been re-submitted. Been there, seen that; but some new questions are being asked:

What does it mean that so much data, about so many Americans, is in the hands, or the digital vaults of so few corporations? And how do the private sector databanks of the credit card companies and that of Facebook compare…and how much of what they know do they share with the US Government?

Digital data-processing gear keeps getting better…more info can be collected and stored and winnowed faster and more efficiently than ever. No one can hold back that tide, because it produces so many benefits. But can it be controlled, regulated? and if so, how?

Full Podcast: