In Chris Moschovitis’s recent article for Infosecurity Magazine, he discusses why the Equifax hack doesn’t matter. This recent data breach of the credit reporting agency has exposed nearly 143 million records of Americans, Brits, and Canadians. Of course, this is no small data breach. Equifax’s security measures were obviously sub-par to say the least, and their handling of the incident has left a lot to be desired. There will be, and should be, investigations, lawsuits, and appropriate penalties for those accountable. Having said that, the data breach still doesn’t “really” matter.
It doesn’t matter because all of our most private data is already out there in the world – probably being sold and bought by 100% legitimate businesses – data aggregators. These companies, such as Acxiom or qDatum, purchase people’s information to correlate and normalize the data before selling them back. Every free service you use – from social media to Google to the solitaire app on your phone – is collecting your data. It’s a simple fact of our existence. The life we live today is anything but private.
So, in that sense that none of our data was ever truly protected in the first place. The Equifax hack is getting the much-deserved press, but the problem is far larger. The one positive that can come out of this situation is the raising of public awareness. Once the press finds a new scandal to cover, Equifax will be all but a distant memory for many people. We must fight against that spirit of complacency that causes so many cases of identity theft, data breaches, and more. Cybersecurity is a shared responsibility – and this data breach can help us to put it at the forefront of every conversation.
When it comes to your personal privacy, or the protection of classified business documents, we encourage you to stay vigilant. If your data is already being bought and sold the world over, the only thing you can truly do is to carefully monitor your credit report and your activities. Nail down your own personal data protection system – for yourself and your organization. Ensure that your cybersecurity plan is airtight in case of a breach. You and you alone are accountable – so be aware. Be wary of where you enter personal information, or who your company partners with. Vet software carefully before implementing its use, and make sure your HR department is onboarding and offboarding staff correctly to minimize the risk of data leaking into the wrong hands.
There is much that you can do to protect yourself and your organization. Remember, an ounce of prevention is worth more than a pound of cure! Institute and manage your cybersecurity program today, or be left with a big mess to clean up!