Business As Usual At Equifax

Have you heard about the massive data security breach at Equifax? Two months ago, the firm unwittingly permitted hackers to access the personal and financial information of 143 million people.

It didn’t reveal the breach until earlier this month. As a result, individuals were unaware of the problem — and thus were unable to take action to defend themselves — for an extended period of time.

Are you wondering how Equifax is responding to this awful event? If you visit its corporate home page, you are taken directly to its Personal Customers web portal.

And on that web page, the firm expresses an appropriate amount of concern. In fact, across the entire top of the page, it highlights the following bold-faced message:

Equifax Cybersecurity Incident:

To learn more about the cybersecurity incident, including whether your personal information was potentially impacted, or to sign up for complimentary identity theft protection and credit file monitoring … Click Here to Enter.

Not bad, eh? But if you visit its Business Customers web portal, there is no hint whatsoever that the firm is concerned about the breach. Its Business Insights blog offers no insights about it. Its Events list does not mention the event. And at the moment, there’s a graphic image that flashes at you across the top of the page, screaming in capital letters:


Presumably, Equifax hopes that the compliance teams of its business customers aren’t worrying about its massive security breach all night! Ironically, the promotional question leads to marketing content about an Equifax service called Compliance Connect.

So if you were to ask Equifax how it is responding to its monstrous data breach event, its answer may depend on your identity.

If you’re a person who is subject to harm, it’s the firm’s top priority. But if you’re a business customer?

Apparently, it’s business as usual.

Attack of the Baby Monitors

This is not a Halloween “spoof” essay. Last week, our baby monitors actually turned on us. As did our security cameras, DVRs, internet routers, and other web-connected devices. They joined forces in an attempt to crash the infrastructure of one of the organizations that maintains the backbone of the internet.

Because of the technology industry’s recent work to develop the Internet of Things, we’ve all heard about the future promise of refrigerators that place orders for food when supplies run low, or of automobiles that drive themselves to our destinations. But the cybersecurity features of these devices have lagged behind those that are maintained for computers.

And so these ancillary devices have proven vulnerable to remote manipulation by hackers. And they all remain in active use by the general public, ready to be summoned to strike again.

Some cybersecurity experts have raised alarms about hackers attacking our electric power grid. But what if such individuals are able to take control of the GPS and cruise control systems of our automobiles? Could they instruct our cars to drive us off our roads at high speeds?

Or what if they are able to access all of the Samsung telephones on earth? Could they program their batteries to explode and burn? That would cause a far more widespread catastrophe than the one that recently affected Samsung’s Galaxy Note 7 users.

Attacks of such magnitude might cause people to fear using their own automobiles or electronic devices. Without our cars and cell phones, many of us would have trouble surviving in our increasingly internet-managed world.

Until last week, such catastrophes only existed in the realm of science fiction. And perhaps, despite the attack of last week, they remain ensconced in that realm.

But the next time you consider replacing your stand-alone digital thermostat with a new web-enabled one, you might want to think twice about it. After all, you’ll be placing yourself at the mercy of a hacker shutting down your heat during a frigid winter evening, or your air conditioner during a humid summer afternoon.

No, this isn’t a fictional Halloween nightmare. But it could easily become a non-fictional real world tragedy if we don’t begin to take our cybersecurity more seriously.