It’s your data. Shouldn’t you know if someone steals it?
By Lou Correa
The Equifax breach was unlike any other cyber breach — 143 million people had their private financial information stolen. Unlike other breaches, where you can always get a new credit card, here, you can’t get a new Social Security number, or new employment history, or new residence history. You can’t replace this information.
The Equifax breach demonstrated the potential vulnerabilities poor cybersecurity can create. Not only did the breach expose the personal and financial information of up to 143 million Americans, it was easily preventable. According to news reports, Equifax failed to install a critical software update after being notified of a potential security weakness and had weak and predictable passwords guarding access to our information. These two errors contributed to the hackers’ ability to steal Social Security numbers, birth dates, home addresses, driver’s license numbers, credit card numbers and credit dispute claims. Equifax had enough information on individuals that it could enable criminals to open bank and credit card accounts under your name, file for a tax refund, or even hijack your online bank account.
Due to the severity of the breach, the resignation of Equifax CEO Richard Smith is not shocking. When 143 million Americans are exposed, action is needed. But his resignation does nothing for the systemic failures that allowed this breach in the first place. If we as a country are going to take cybersecurity seriously, we need to work together. It only takes one “weak link in the chain” of associated firms to expose millions of consumers. And, while the use of large data and smartphones has made life easier, our world of constant connectivity and the free flow of data means that we’ll be constantly battling to protect our personal information.
I serve on the House Homeland Security Committee, and regularly deal with cybersecurity threats. These issues […]