Equifax says it's spent $200m on security since the breach, so everything's OK now

Originally published at: https://boingboing.net/2018/07/25/doxing-the-nation.html


Not that Equifax’s competitors are any better at security, but they have not (as far as we know) set in motion the ruination of millions of lives.

I feel like this may be an overly-optimistic take on the impact that credit bureaus can have on people.


Must have been one hell of a Christmas Party and Corporate Retreat to claim the spent $200M


They called for a mulligan.

This feels like closing the barn doors after the horses got out. I guess it’s great for the chickens that are still in the barn, but those loose horses are still financially f*cked.


What we need is a attorney general who will go after people who betray our natio… never mind…


I’d prefer that their assets be divided into three categories:

  1. money
  2. property
  3. data
    and that #3 be deleted forever, #2 sold and added to #1, and #1 used to pay for the prosecution of everyone C-level and above.

I don’t think Equifax has anything to show for this $200m spent on security. Besides, I don’t think that $200m is enough to clean house and fix the root causes of the security breach.

(The PR whitewash exercise didn’t cost THAT much.)

After the equifax shitshow I froze all my credit agency accounts (for which TransUnion charged me - fuck you very much).

Now I found that I can’t shop for insurance without completely unfreezing everything (for which TU would charge me again). I tried the temporary unfreeze with a PIN code, and none of the insurance companies I asked for quotes (for whom I had painstakingly set up codes and temporary permissions - and TU charged me again) were able or willing to deal with this.

So the system is still unredeemably broken and if we had a functioning government they might address this. But we don’t.


What would be a reasonable cash penalty for a data breach? $10 per person impacted $100 or maybe considering the potential damage to a person’s finances, maybe a thousand or $10,000, per person affected.

what about companies like Equifax that would be closed down by $100 or thousand dollar per person penalty?

It’s very much like the dangerous tool or gun question. If you can’t keep it away from a two-year-old, maybe you shouldn’t have it at all.

In other words they shouldn’t even collect any data that they can not secure.

Oh Equifax, go fuck yourselves with a rusty chainsaw. The lot of you ought to be in the slammer.

This topic was automatically closed after 5 days. New replies are no longer allowed.