You may have heard that Equifax, one of the three major credit bureaus, let cyberintruders steal data on at least 143 million of their “customers.” (What’s the proper word for people who are in a company’s database whether they want to be or not? “Ccustomer” doesn’t quite describe it.)
If you go the the PR site Equifax has set up in response, you’ll find this “news” bolded at the very top:
No Evidence of Unauthorized Access to Core Consumer or Commercial Credit Reporting Databases
But the moment you dip into the actual statement text you get:
The information accessed primarily includes names, Social Security numbers, birth dates, addresses and, in some instances, driver’s license numbers.
Um … if that’s not part of their core consumer database, what is? One is left to wonder.
But! All is not lost! They’re offering FREE! CREDIT! MONITORING! To practically everybody in the Entire Known Universe!
Oh, lucky, lucky us. All we have to do, either to sign up for the monitoring or check to see whether Equifax gave our personal data to crooks, is … give them our name and 2/3 of our SSN.
Yes, give these sloppy, uncaring a-holes even more for them to hand over to identity thieves. And it seems that unless you were among the 200,000 or so who also had your credit card numbers stolen, this is the only way you’ll learn if you were one of their victims. (News reports differ on this, but some say they don’t plan to notify all the afflicted.)
The fact that they want six digits of your SSN rather than the standard four further suggests that they handed thieves at least that much of 143 million SSNs.
And I call them sloppy, uncaring a-holes not on the basis of this single breach. Not only is this at least their third info giveaway, but among credit watchers, Equifax is notorious for being the unparalleled worst of the three credit bureaus to deal with. Have a dispute with them? Get ready for a “customer” service nightmare. A mistake in the data they hold on you? Good luck getting it fixed. (Of course right now mistakes in your Equifax data might be a blessing in disguise.)
There’s so much that they aren’t saying at the moment.
We do know, apparently, that right after the company discovered the attack on July 29, This happened:
Potentially adding to criticism of the company, three senior executives, including the company’s chief financial officer, John Gamble, sold shares worth almost $1.8 million in the days after the breach was discovered. The shares were not part of a sale planned in advance, Bloomberg reported.
Pity that innocent “customers” and “consumers” can’t so easily dump Equifax.