Equifax Real Sorry It Let Hackers Steal Your Driver's License, But It's Not Their Fault.
At the end of last week, credit reporting agency Equifax revealed that an additional 2.4 million people had personal information stolen last year as part of a hack that saw 145.5 million people lose personal information. Equifax says that these 2.4 million people aren't as screwed as the other 145 million people because hackers only made off with some of their drivers license information instead of their Social Security numbers. So you can see that is very comforting.
Skip over the fact that Equifax, one of the top three credit reporting agencies, allowed Social Security numbers for almost half the US population be stolen. Ignore the fact that they tried to hide their catastrophic fuckup for three months. Instead focus on the fact that nine months later Equifaxjust nowrealized that this hack was way worse than they knew.
In typical dystopian corporate fashion, Equifax set up a useless website with a squishy blurb about how this isn't as bad as it seems. They recommend freezing your credit, setting up a fraud alert, and using their horribly broken app.
Don't follow what little advice Equifax is giving you.
In context, this is like someone kicked down the door to your office, stole everyone's wallet, and then grabbed seven years of tax filings on the way out only to have the cops condescendingly tell you they'll investigate. Before leaving, they ask you if you want to buy tickets to the policeman's ball.
Normally you'd expect Congress to do something about hacks, and a few did try. A bill proposed by Sen. Bill Nelson would force companies to notify consumers within 30 days, otherwise its CEOs could face jail time, but it was conveniently lost in legislative purgatory. Instead, Congress passed a bill that barred people from starting class action suits against financial companies , like Equifax, as long as they hid a mandatory arbitration clause somewhere.
There's a number of other state and federal investigations looking into the breach, and a massive 50-state class-action suit is worming its way through the court system, but they're being held back as the Trump administration and Republicans coddle corporations. (More.) The one agency created to deal with corporate fuckery, the CFPB, was investigating the hack, but Mick Mulvaney has stopped the investigation as it would mean doing something in the public interest.
This has been your update on LOL oh well.
Everything is terrible. Please send money.
[ LA Times / Boing Boing / CNN Money / CSO Online ]