Bloomberg explore the fact that credit bureaus have little incentive to take hackers seriously and discusses if they should indeed become public utilities with government oversight.
There are two core issues that the U.S. should be grappling with in the wake of the Equifax breach. The first is that this country’s methods for securing data are absurdly porous. Thieves who have stolen your identity aren’t likely to have much a problem answering those “security questions” companies rely on. (“What is your mother’s maiden name?”) Passwords are breakable. And it is crazy that companies force us to hand over our social security numbers as a security measure. Many companies still don’t take data security seriously enough—including Equifax, even though, as its chief executive Richard Smith correctly noted, the breach “strikes at the heart of who we are and what we do.” As Wired reported on Thursday, a patch to fix the vulnerability was made available two months before the breach. Equifax failed to use it.