Two Equifax executives are retiring after a massive data breach affected nearly 150 million people in the U.S., and the company has come under fire for its response.
Equifax apparently learned of a huge data breach that leaked the private, credit-related information of 44 percent of Americans on July 29, more than a month before the company notified consumers that their data was compromised. (Equifax was silent about the breach until September 7.)
The hack involved names, Social Security numbers, birth dates, addresses, and driver’s license numbers, according to Equifax. Nobody knows – at least according to the company – who carried out the cyberattack or what they’re doing with the information.
Instead of letting consumers know they were at-risk, Equifax executives chose to hire a private cybersecurity firm to investigate the issue… and three executives sold off about $2 million in stock during the month the company knew about the breach but refrained from telling the public. (Equifax issued a statement that said the execs “had no knowledge that an intrusion had occurred at the time they sold their shares,” but there’s an investigation underway that may reveal a different story.)
Equifax has set up a website – www.EquifaxSecurity2017.com – and a call center that you can reach at 866-447-7559 to offer impacted Americans access to a free credit-monitoring service. Despite a shaky rollout, the program seems to be working now.
You can find out whether you were affected by visiting Equifax’s website and entering your last name plus the last six digits of your Social Security number. (Never mind that that’s the type of information Equifax already let slip through their fingers.)
A large number of states have begun class-action lawsuits against the company for those affected, which experts say will soon be consolidated into regional suits.
“Equifax probably injured 143 million people, which is kind of a record,” said John Coffee, the professor at Columbia Law School who directs the schools Center on Corporate Governance.
What Do You Think?
Was your information affected by Equifax’s data breach, and if it was, have you enrolled in the company’s indentity theft protection program? Will you participate in one of the class-action lawsuits? I’d love to hear your thoughts on the company’s month-long cover-up and the executives’ sales of $2 million in stock, too, so please let me know what you’re thinking on my Twitter feed or on my Facebook page – and use the hashtag #EquifaxDataBreach to join the conversation.