retail news in context, analysis with attitude

The consumer credit reporting agency Equifax yesterday said that hackers had gained access to the personal data, including Social Security numbers and driver’s license numbers of some 143 million US consumers.

The New York Times writes this morning that “criminals gained access to certain files in the company’s system from mid-May to July by exploiting a weak point in website software, according to an investigation by Equifax and security consultants. The company said that it discovered the intrusion on July 29 and has since found no evidence of unauthorized activity on its main consumer or commercial credit reporting databases … In addition to the other material, hackers were also able to retrieve names, birth dates and addresses. Credit card numbers for 209,000 consumers were stolen, while documents with personal information used in disputes for 182,000 people were also taken.”

“This is about as bad as it gets,” Pamela Dixon, executive director of the World Privacy Forum, a nonprofit research group, tells the Times. “If you have a credit report, chances are you may be in this breach. The chances are much better than 50 percent.”

The Times writes that “the company handles data on more than 820 million consumers and more than 91 million businesses worldwide and manages a database with employee information from more than 7,100 employers, according to its website. Equifax also houses much of the data that is supposed to be a backstop against security breaches. The agency offers a service that provides companies with the questions and answers needed for their account recovery, in the event customers lose access to their accounts.”
KC's View:
I guess the odds just went up that many of us are going to be getting emails from banks and retailers suggesting that we change passwords and issuing new credit/debit cards.

While this is pretty bad, what is even more reporting is the report that in the days following the hack, but before it was reported publicly, three Equifax senior executives, including the CFO, apparently sold stock that they owned in the company. Hard to have a lot of faith in a company where senior execs behave so faithlessly.