Data breaches like the one reported by credit-reporting company Equifax are a great calamity of modern life. The ancient Egyptians had swarms of locusts; we have plagues of identity thieves and computer hackers. Nowadays we aren’t totally at the whim of nature or some capricious higher power, but we do have to actively protect our own interests.
In the case of Equifax, the breach lasted from mid-May through July. The hackers accessed people’s names, Social Security numbers, birth dates, addresses and, in some instances, driver’s license numbers. They also stole credit card numbers for about 209,000 people and dispute documents with personal identifying information for about 182,000 people, according to the Federal Trade Commission. You can visit www.equifaxsecurity2017.com for more information and to perform a basic check on whether your data is known to have been compromised. Also see tinyurl.com/FTC-Equifax-FAQ.
This was, of course, far from the first time a company or agency has lost control of private confidential information. Yahoo, Target and others have been in the news when electronic burglars have blown holes in Internet security and made off with information that can be used to set up fraudulent credit cards, empty bank accounts, divert tax refunds and commit other forms of theft.
It bears remembering that companies on the receiving end of computer hacks are victims themselves, incurring great costs and loss of trust.
At the same time, however, these companies bear comparison to a bank that didn’t employ good enough security guards or a strong enough vault for our money. After all the breaches of recent years, it is angering and dispiriting to learn a company set up to make money by policing the credit of individual Americans itself became the instrument that could allow criminals to wreck our credit. Lawsuits will inevitably arrive at a fuller understanding of how this happened and whether it should have been possible to avoid it. In technical legal terms, a major question will be whether companies owe consumers a fiduciary duty to fully safeguard our information. Most of us would argue they do.
In the meantime, we clearly must all become more active participants in protecting our own financial interests. Just as every responsible parent cautions young-adult children to guard debit and credit cards as if they were actual cash, we all must treat our credit lines and financial facts in the same way — like cash that can be stolen if we aren’t vigilant.
Having credit that some criminal can wreck is a decidedly modern “first-world problem” — in other words, a nuisance we’re highly privileged to possess. Even half a century ago in America, such easy access to credit was unheard of. And in much of the world, it still doesn’t exist. In essence, most of us have a nearly forgotten slush fund of hypothetical money floating around for thieves to grab when we aren’t watching.
We each should treat the Equifax incident as a spur to revamp management of our credit assets. The Washington Post offers some concise advice (tinyurl.com/Credit-Freeze-Post) on how to freeze (and unfreeze) your credit in such a way as to keep others from tapping it.
Other necessary steps include becoming more knowledgeable about passwords and the security questions financial institutions commonly use to establish people are who they say they are. For example, a genealogy blogger (tinyurl.com/Security-Question-Blog) has described how publicly accessible online family trees can provide scammers with many answers to commonly asked security questions, such as your mother’s maiden name.
Responding to all this is a hassle, one that most of us assumed we didn’t need to deal with. But we obviously can’t trust private corporations — or possibly even public agencies — to treat our private information as cautiously as they should. Congress and state lawmakers should hold corporate feet to the fire to make rights, responsibilities and penalties completely clear. And each of us must acknowledge and act upon the knowledge that our credit requires careful ongoing management.