Equifax: Part 2

Good post and information. Thanks, Seth.   

FWIW, checking the Equifax site to see if your file was affected doesn't commit you to anything and doesn't require you to agree to anything.  It's the subsequent enrollment in the one-year monitoring that (initially) does (did) that but Equifax now claims they're waiving any arbitration language.  No reason to believe them, but there you are.

From what I've read & heard, if you check, the answer is uniformly, "Yes".

As an afterthought and in a purely abstract way, the consequences to 143 million people aside, it's nice to see such arrogant pricks humbled.

Truly arrogant pricks are never humbled, they just go quiet for a little while and pop up just as arrogant or moreso someplace down the track.  However, a couple of surgeries come to mind: a lobotomy and castrastion so there's no evil spawn.

And then there's all these highrollers and politicians suggesting we go electronic and cashless. 

I checked before (http://drjbhl.joeuser.com/article/484905/Potentially_143_Million_Peoples_Data_Breached), and rechecked...still negative.

So, you might just be seeing folks who might well have had their data breached.

What I find unforgivable in all this is that it was so easily preventable. I mean, seriously, just who doesn't know that software has to be updated, especially after being informed of a vulnerability and having the patch easily available? A music major.

It does seem incredibly stupid doesn't it?  Almost too stupid.  I've been wondering if someone somewhere along the chain was influenced by an outside party.  Equifax would be a huge target.

When such a company is dealing with millions of peoples accounts it IS its responibility to protect that data at all costs.  However, employing an under-qualified person to oversee that responsibility, as it seems happened in this case, makes that company both negligent AND irresponsible.  And for mine, a music major with little to no tech/IT experience is not only under-qualified but somewhat arrogant [possibly a liar] to have walked into such a job.

And there'll be lawyers lining up to represent victims because they all love the smell of a class-action suit in the morning.

Credit freezes can be done online for any reason and without any special documentation, for costs ranging from free to $15 depending on what state you're in. The worst of them is Transunion, who requires you to create an account to do it. For the others, you just put in your info and your payment and you're done. Experian requires a duration to be given (up to seven or eight years) but the others don't; it's effective permanently until you unfreeze it.

It's fraud alerts that are only effective for 90 days unless you provide a police report, etc. But you can do those online too, and for free.

Behind a lot of technical problems are people problems.    The technical expertise to prevent these problems is probably already all there, at Equifax.   For whatever reason, people just didn't care.   It's work.

Absolutely could be the case.

However. that very scenario provides additional opportunity for outside influence.  I'm not sure it should be dismissed as incompetence, attitude, or overwork.  Something of this magnitude warrants a closer look as far as I'm concerned.  Somebody could be sitting with a million dollars in an offshore account right now.

The Peter Principle

I interviewed at Equifax about 12 years ago for a project management position.  The distinct impression I got was that the management level above that was looking for someone to take the blame for projects with bad histories that would be assigned to him.  I'm a technical guy; that level of internecine warfare I avoid like the plague (which is why I avoided the academy).  But in that environment, incompetents rising high is no surprise at all. 

Yup, kind of like that.

And unqualifieds.  During my working life I saw many who had little to no clue what they were doing rise through the ranks to positions of power.  One in particular, who didn't even finish primary school and could neither read or write properly, still used his fingers to count, charmed his way up the managerial ladder and attained a very high level of power and influence..... all because he was 'charming' and had a vibrant personality.  He was the least qualified, made more mistakes than most, and it made no sense, but there he was, area manager and in charge of the factory where I worked.

Turns out Equifax had also been hit in March.  Not a lot of detail here, mainly just linking because it seems like I would have to be "making this stuff up":

https://www.cbsnews.com/news/equifax-data-breach-happened-months-before-big-one-hit-report/

One way or another, seems like there's a problem.

Should one mention the people who sold some of their stock three days prior to make a public announcement regarding the breach?

They said they didn't know... 

Interesting, but what suggests a connection, beyond some people selling their stock?  Equifax stock traded during that time, and every transaction has a buyer and a seller. 

Well, obviously the buyers didn't know...

Thought it was 2-3 days after the breach event, not 2-3 days before public announcement which was much later.  Either way, doesn't pass the smell test.  Not even close.

EFX is averaging about 400k shares traded every trading session.   Each trade has a buyer and a seller.   The only irregularity I'm seeing is a sharp decrease in trading volume on August 6th--not increase.   

San Francisco Chronicle 9/7/17 LINK

[quote]The sales all occurred before the company publicly reported the breach, a disclosure that quickly sent its stock tumbling more than 13 percent Friday. The timing of the sales could attract federal scrutiny, legal experts say, though proving insider trading would be difficult. A company spokeswoman said the executives did not know about the breach when they sold their shares.[quote]

Hard to believe they were unaware.

Thanks.  That's it.   Selling by registered insiders right after they discovered the breach, but before it went public, certainly does the trick.

One would assume that shorts are obvious, but maybe not?

I'd bet pounds to a pinch of sh!t that they knew well in advance of it being made public.  That's the upper crust and corporate high-rollers for you.... slippery one day slimier the next.