Marketplace Logo Donate

Daily business news and economic stories from Marketplace

Is your data safer today than when the Equifax data breach was announced a year ago?

Saxby Chambliss, a former Republican senator from Georgia, advises former Equifax CEO Richard Smith before he testifies to the House Energy and Commerce Committee's Digital Commerce and Consumer Protection Subcommittee on Capitol Hill on Oct. 3, 2017. Smith stepped down as CEO of Equifax after it was reported that hackers broke into the credit reporting agency and made off with the personal information of more than 147 million Americans. Photo by Chip Somodevilla/Getty Images

Subscribe to our Newsletters

It’s been one year since Equifax announced it was the victim of a giant hack — four months after criminals stole the sensitive, personal information of more than 147 million people. In that year, not a whole lot has changed. No federal data breach notification laws, no big changes to how credit agencies collect information or tell you what they’re collecting. Equifax’s stock is almost back up to where it was before it told the public about the breach. One thing that has happened though: Equifax has spent $200 million beefing up its security. That was part of a deal with eight states that let it avoid fines in exchange for better protecting our data. We dig into this in Quality Assurance, our Friday segment where we take a deeper look at a big tech story. Host Molly Wood talks with Lily Hay Newman, a security reporter for Wired, who says senior executives at Equifax told her they’ve improved their security infrastructure. The following is an edited transcript of their conversation.

Lily Hay Newman: [The security improvements are] their side of the story. And for 147 million people [whose data was stolen], there’s probably outstanding questions about what that’s really going to look like and whether they can trust those remediations.

Molly Wood: And we still don’t know what, if any, long-term consequences there might be for Equifax. Is there any update on that side of the house?

Newman: There are some efforts to confirm that Equifax has made the changes to their security posture that they claim. Eight states signed an agreement with them, including California, to do sort of monthly progress updates and then a third-party audit at the end of this year to see how they’re doing and check their progress. But, yeah, in terms of the larger superstructure of the credit monitoring and reporting industry and of the identity protection industry, a lot is really still deeply enmeshed and intertwined.

Wood: And how about the ramifications for consumers? Has any of that started to play out in any traceable way?

Newman: I don’t believe so. I don’t think we know what happened to the data. I don’t think it’s been released on the dark web or being sold anywhere. So, so far, it’s not clear who took it or why. But I think the big ramification is kind of the larger issue of combining Equifax with all the other breaches that have happened. Now we really are at a point where people need to kind of assume that their Social Security number or their driver’s license number or their home address has been compromised in a breach. Because even if it wasn’t Equifax, combining that just massive amount of data with everything else that’s been exposed over the years, the odds are starting to get pretty bad.

What's Next

Latest Episodes From Our Shows

4:50 PM PDT
4:27 PM PDT
1:47 PM PDT
7:58 AM PDT
Oct 3, 2022
Sep 29, 2022
Aug 9, 2022
Exit mobile version