After a massive data breach of the credit reporting agency Equifax that exposed personal data of about 153 million people, the superlatives and the mistakes didn't end there. Just three weeks since Equifax disclosed the situation publicly, the management’s action allegedly showed their lack of response to the damage, experts said.
Equifax’s purported incompetence has been observed by people since Day One when they directed the possible victims to another domain - equifaxsecurity2017.com. Observers noticed that the firm could have built pages within their main domain to handle the data breach. These observers also found serious bugs in the new domain where they directed their clients. While doing all these, the credit monitoring firm asked people to trust their breach-response site and to even submit some digits of their Social Security number to determine whether their data has really been compromised.
Casaba Security’s co-founder Jason Glassberg says, “Equifax sits on the crown jewels of what we consider personal identifying information.” Casaba Security is known as a cybersecurity professional services firm. “You’d think a company like that, guarding what they’re guarding, would have a heightened sense of awareness and that clearly was not the case,” Glassberg adds.
Another expert notes about Equifax’s breach incident. Tinfoil Security’s Michael Borohovski shares, “These are all indicators of a company that had a horrible security culture. Unfortunately, the only word for it is negligence.”
This data breach incident has raised awareness among people of the value of their corporate security. However, another question remains on whether the legislators or the regulators can deliver accountability for such breach.
|Photo by: Kopiersperre via Wikipedia|