“Another day, another dumpster fire in cyber security,” said Ryan Kalember, senior vice president of the cyber security firm Proofpoint. This is an accurate description of the helplessness some feel when it comes to cyber-attacks. They are difficult to prevent, and are costly to individuals and business alike. The recent victims are Equifax Inc. (NYSE: EFX) and the approximately 143 million U.S. consumers whose personal information has been stolen.
Equifax shares dropped about 14% Friday, after the company announced a cybersecurity incident potentially impacting approximately 143 million U.S. consumers, which is about half the population of the country. Criminals exploited a U.S. website application vulnerability to gain access to certain files, and based on the company's investigation, the unauthorized access occurred from mid-May through July 2017. Equifax has found no evidence of unauthorized activity on Equifax's core consumer or commercial credit reporting databases.
"This is clearly a disappointing event for our company, and one that strikes at the heart of who we are and what we do. I apologize to consumers and our business customers for the concern and frustration this causes," said Chairman and Chief Executive Officer, Richard F. Smith. "We pride ourselves on being a leader in managing and protecting data, and we are conducting a thorough review of our overall security operations. We also are focused on consumer protection and have developed a comprehensive portfolio of services to support all U.S. consumers, regardless of whether they were impacted by this incident."
According to a report by Reuters, the hack is among the largest ever recorded, and is especially alarming due to the richness of the information that was exposed to the hackers. The databases included names, social security numbers, birthdays, addresses and driver’s license numbers.