On September 7, 2017,
Equifax, which is a major credit-reporting bureau, announced that there was a
cybersecurity attack in which attackers had breached the system. “Equifax is a
global information solutions company that uses unique data, innovative
analytics, technology and industry expertise to power organizations and
individuals around the world by transforming knowledge into insights that help
make more informed business and personal decisions.” (Equifax, 2018). It was
reported that nearly 145.5 million people were impacted by the breach exposing
each and every one of them to identity theft (Johnson, 2017). Many people are
angry and frustrated with how the company went about handling the situation.

The company knew something
was wrong when they started receiving thousands of calls from clients
complaining. What frustrated people even more was that Equifax presented their
clients with free identity theft protection but what they didn’t know was that
in the terms and conditions that almost no one reads, there was a clause
stating that the customers agreed to not sue them (Johnson, 2017). As time went
on, Equifax eventually dropped the clause in their terms and conditions. What
made the situation even worse was that the frim waited three full weeks before notifying
the board about the cyberattack and several months before informing their
customers and the public (Johnson, 2017). Shortly after the public learned
about the breach, the CEO was voted out by the board.

It was later discovered
through research that the Equifax was breached from mid-May through July 2017
due to a vulnerability in the web-application that had a patch available in
March (Newman, 2017). The company had more than two months to take action to
fix the issue and minimize the risk presented. Instead, the company took the
risk to have millions of their clients personal and sensitive information be
hacked and sadly, that’s exactly what happened.


Apparently, this isn’t the first
time Equifax has been under heat for its actions. Back in 1970, Equifax, which was
named Retail Credit Corp at the time was exposed by Alan Westin, the nation’s primary
authority on privacy law, for keeping a secret database containing records about
their clients lives and using their financial misfortunes against them (Johnson,
2017). At court, Westin argued that, “Almost inevitably, transferring
information from a manual file into a computer triggers a threat to civil
liberties, to privacy, to a man’s very humanity because access is so simple”
(Johnson, 2017). Due to this situation, the Fair Credit Reporting Act was created,
which empowered consumers to have control over their own personal information that
companies have stored on them (Johnson, 2017). People began to be skeptical and it took
a while for the trust to be gained back by clients. Although, fast forward 47 years
later and they are in the gutter yet again for a massive cyberattack due to their
lack of proper risk management.

We will write a custom essay sample on
On innovative analytics, technology and industry expertise to
Specifically for you for only $16.38 $13.9/page

order now

Equifax had a duty to
protect the data of its consumers and it failed immensely especially since most
people don’t even know how they are associated with the company. Some may check
their credit report and see that they have not been a victim of the breach but that
doesn’t mean it won’t happen in the future. Since the information is out there,
it can be used years down the road for something like identity theft. One thing
people can do to protect themselves is freeze their credit, which shuts down
credit access (Johnson, 2017). Freezing credit prevents people from committing
identity theft; although, the down side of this is that one will eventually
have to unfreeze their credit and be exposed to the risk again.

Equifax is suffering
scrutiny and massive losses due to the breach, which is well deserved since the
issue was known and could have been prevented. If Equifax would have simply taken
action when they discovered the vulnerability, this whole situation could have been
successfully prevented. Equifax is now heavily impacted and will continue to pay
the cost for their actions, especially with all the lawsuits that have been filed
and most likely will continue to be filed as time goes on. What people should
regularly do now to insure they do not become a victim is taking advantage of
free identity monitoring services, be aware and on the look out for scams like phishing
emails, and checking your credit report often (Johnson, 2017).


I'm Dora!

Would you like to get a custom essay? How about receiving a customized one?

Click here