You can brand Equifax as the new Yahoo, the new Target or the new Sony — but that would be glaring understatement. The damage wrought by the hacking of Equifax is bigger and broader than in those previous data breaches. And so, expect Equifax to forever wear the hair shirt of corporate catastrophe.
Equifax likely will survive but will pay a stiff, lasting price for allowing a data breach that affects as many as 143 million Americans, more than half of the country’s adult population.
The company is facing a cascade of lawsuits. Federal lawmakers want congressional hearings, and reportedly the FBI is investigating. It’s a sure bet that Equifax and the country’s other two major credit monitoring agencies, Experian and Chicago-based TransUnion, face a big step-up in regulation.
It all amounts to a humbling, painful lesson for Equifax and its executives. But if all the other companies that deal in troves of our private, sensitive data think it’s a lesson with no relevance for them, they’d better think twice. Banks, health care systems, utility companies, telecom providers, colleges, employers, tax revenue departments, insurers, money managers — all typically are custodians of Social Security numbers and a wealth of other private data. Consider the Equifax debacle a loud wake-up call.
What distinguishes the Equifax fiasco is that Social Security numbers were exposed. Those are master keys that identity thieves can use in a variety of ways — to apply for credit as the faux you, steal your medical benefits or even commit crimes in your name.
Someone gets their hands on your credit card? Vexing, yes, but the remedy is simple. Call up the bank that issued the card, cancel the old number and get a new number. Or if someone has pilfered one of your passwords? Change the password and move on. But if hackers swipe your Social Security number? That puts you at peril of identity theft for as long as you’ve got a beating heart.
FROM AN EDITORIAL IN THE CHICAGO TRIBUNE