The Skinny on the Devastating Equifax Data Breach
If you’re still wondering what the Equifax data breach means to you, read on! We round up the news that matters the most to you about the continuing problems with Equifax. The business credit reporting giant is still in hot water.
New Leadership at Equifax
In the wake of the 2017 Equifax data breach, the company was shook up as if it had been hit by an earthquake. In particular, the president, Richard Smith, abruptly left the company. However, the Board of Directors took the rare step of saying they could retroactively reclassify Smith as having been fired for cause.
Currently, Smith receives over $18 million in pension benefits and he holds $20.8 million in stock awards, plus $23.6 million in Equifax stock. A firing for cause would likely mean the company would force him to repay or forego some of that compensation.
If Smith is on the receiving end of a lawsuit and loses, then the Board may very well change its records and say they fired him for cause. Back on October 4, 2017, Smith testified in front of the Senate Banking Committee for about three hours.
Questioning including if the company had told consumers of the breach so they could take proactive steps to prevent consumer credit damage, and how the credit bureau could (and should) have acted to prevent such a breach in the first place. This was reported by, among others, the New York Times.
And now, according to Fortune, Mark Begor was named the new president of the credit reporting agency in March of 2018. Begor’s new job officially starts on April 16. Before taking over the troubled CRA, Begor was the managing director at Warburg Pincus. And before that, he spent 35 years at General Electric.
Mr. Begor will undoubtedly also have to address press inquiries regarding the criminal and civil insider trading case against former senior executive Jun Ying (reported by, among others, Ars Technica). This case was brought by the Securities and Exchange Commission and the United States Attorney’s Office for the Northern District of Georgia.
He (Mr. Begor) will most certainly also have to deal with O’Dell Properties, LLC, O’Dell & O’Neal, P.C., Jellie Donuts, LLC, et. al. v. Equifax, Inc. The O’Dell Properties matter is a class action alleging damages to several businesses due to last year’s data breach.
The Equifax Data Breach: More Indictments On The Way?
Whether more indictments will be handed down in the future is hard to say. Three other Equifax executives also seem to have protected themselves by selling shares with a combined value of $1.8 million on August 1 and 2, a mere few days after the July 29 discovery of the breach, per documents that were filed with securities regulators.
However, the company claimed the executives did not know about the breach when they made their trades. Ying, on the other hand, was turned into the SEC by Equifax.
These executives are the Chief Financial Officer John Gamble; and Joseph Loughran, Equifax’s president of United States information solutions; plus Rodolfo Ploder, Equifax’s president of workforce solutions.
Mr. Begor is probably not going to have an easy time of it.
Continued Software Problems Plague Equifax After the Equifax Data Breach
And then there’s the technical side of things. Back on Thursday, September 7, 2017, the Associated Press reported the data breach at Equifax. A somewhat vague initial report gave way to more detail on Friday the eighth. Here are the details.
AP described the attack on Equifax as a “high-tech heist”. Some 143 million Americans’ data was a part of the breach. This exposed sensitive information such as Social Security numbers. The breach was evidently an exploit in a website application.
Equifax Data Breach: How the Company Shot Themselves in the Foot
However, one of the more troubling issues about the breach is how tardy Equifax was in reporting it. Exposure meant the hackers had access to files between the middle of May and July of 2017. Apparently Equifax caught the breach on July the 29th but the company waited until September 7 to publicly announce it.
According to Ars Technica, the breach came through due to a software security patch not being installed. In fact, Equifax’s IT department had had the fix for two months before installing it.
First Stumbles After the Equifax Data Breach
Then the company stumbled while trying to help the people affected by the breach. The company first established a website, https://www.equifaxsecurity2017.com/, where consumers could look up if their personal data had been a part of the breach. Consumers could also telephone toll-free (866) 447-7559 for additional information.
Equifax also initially attempted to get consumers to waive their rights to sue the company if a consumer would agree to get free credit monitoring. The company has since retracted the waiver attempt.
Fatal Flaws in Trying to Fix the Equifax Data Breach
However, the Equifax Security 2017 website proved to be fatally flawed. On October 12, 2017, Ars Technica reported that there were redirects on the site, which led to spammy sites (e. g. “You just won an iPhone!”) or to a download of Adobe which was anything but.
Instead, these downloads were malicious and Symantec (they are the Norton people), Panda, and Webroot detected them as malware. Malwarebytes, Avira, and Eset also showed red flags, although for a different stage in the process.
Now, according to CNBC, the company attempted to notify numerous persons of how the breach could affect them. That’s the good news. But the bad news is that the letters were inaccurate. Equifax has not confirmed just how many bad letters were sent out.
Mr. Begor will probably also be – one would hope – looking to replace a good chunk of the IT department.
The Equifax Data Breach: How All This Affects You
So if you need to dispute your personal Equifax report, go here.
Credit Monitoring: Always a Good Idea, Particularly Important After the Equifax Data Breach
Monitoring your credit is always a good idea, but with the breach and what’s happening with it, it’s more important than ever. When it comes to credit monitoring, Equifax’s credit monitoring service is called Business Risk Monitor.
In addition, we can help you monitor business credit at Experian and D&B for a lot more than it would cost you at the CRAs. Our credit building programs also offer significant savings on credit monitoring.
Reading Your Equifax Business Credit Report
No article on Equifax would be complete without a look into the guts of one of their reports. Know what you’re dealing with, in case you need to dispute anything. Let’s peruse your actual Equifax business credit report. It is in sectors.
Company Identifying Information
The very first part shows identifying information regarding your company, e. g. the business name, and its address and telephone number, but also data such as whether or not your business is a corporation, and the date you first went into business. This area will also consist of the number of employees and your business’s yearly sales. This element will additionally reveal if there are any alerts. So it is just below the date.
These first sections represent a synopsis of the balance of the report.
The next segment consists of two scores:
- Your small business credit risk score for suppliers and
- Your business failure risk score.
Next off, the report shows public records. These consist of bankruptcies, judgments, and liens, and show the amounts, if any, and the filing dates for the most recent ones. This section also demonstrates the conclusion of these matters, e.g. if the lien was paid off.
The next part is a pie chart showing your company’s credit usage. It graphically shows which percent of your available credit line you are utilizing. It also has identifying labels which show how much each percent truly is. So this is your credit utilization rate.
Credit Report Summary
In the summary area, the report shows the quantity of your small business’s credit accounts, and the date these credit accounts became active. It also has any amounts past due, and your most severe status within the last 24 months. This is how slowly you have paid off your debts. And it has the single highest amount of credit extended, the median balance, and the average open balance.
All of these factors go into financial and nonfinancial categories. Your company’s recent activity is also there; this includes things like the number of new accounts opened or delinquent accounts, the number of inquiries, and the number of updated accounts.
This area also includes a line graph which stands for a trend line showing your company’s average days beyond terms by date reported. So this is for your nonfinancial accounts only. The report will point out the recent trend, and how many days, if any, your company is behind terms. This section also shows your business’s payment index and contrasts it to your business’s industry.
Financial Account Highlights and Details for the Most Recent 36 Months
This next sector starts with highlights and then goes into detail). It includes basic information on financial accounts like commercial credit cards and leases, showing status; opening and closing dates; original and current credit limits; balance; unpaid amount, if any. And it has your company’s 24-month history.
The details subsection expands on the highlights section by incorporating facts such as the payment amount and frequency, and if a debt is secured. So secured vs. unsecured credit matters a great deal in case of a bankruptcy. This is because secured creditors get a better place in line for limited assets.
Financial Account Payment Details
This next section shows balances, past due amounts, aging categories, and dates of first delinquency, if any, for the most recent 12 month period.
Non-Financial Payment Credit Experiences and Status
The following section shows trade accounts and the like, as well as includes balances, aging categories, and a 24-month history.
Next up are public records. This section shows more complete facts on judgments, liens, and bankruptcies.
The next part shows the particulars of what went into your business failure risk summary report.
The final portion of the report shows any DBA information and any related files, plus any other miscellaneous information. These can include details including comments which might be in a report.
And… You Should Always Work to Improve Your Equifax Report
Since you know what goes into it, you can see that some of the more vital pieces of information Equifax studies are public records, credit usage, and how you manage your financial and non-financial accounts. Start getting rid of your debts as quickly as possible and not going delinquent. And start steering clear of tardy payments. Then you should be able to improve your Equifax score.
Equifax Data Breach: 2020 Update
On February 10, 2020, the Boston Globe reported that Attorney General William Barr and the United States Justice Department were charging four members of China’s military on suspicion of the 2017 hack into Equifax. The Attorney General noted there have been any number of data theft by the Chinese military in recent years. These thefts have been of sensitive information such as identifying American intelligence officers. Equifax’s financial data could be used to find out if any intelligence officers have money issues – and would thereby be subject to bribery or blackmail.
If you are as passionate about following the Equifax debacle as we are, please help us spread the word about how the Equifax data breach continues to affect nearly everyone, and what you can do about it.