In 2017, millions of Americans had their data — credit card numbers, Social Security numbers, driver’s licence numbers — stolen from the credit reporting agency Equifax. But there’s been accountability, says CEO Mark Begor: executives didn’t get bonuses.
Ayanna Pressley: I just want to know if anyone was fired and held accountable for this data breach.
— Public Citizen (@Public_Citizen) February 26, 2019
Predictions at the time were grim for Equifax and the credit reporting industry. Public outrage was expected to force change and executives who seemed to use advance knowledge of the scandal for insider trading were expected to face the full might of the criminal justice system.
But that didn’t happen.
And it wasn’t as though the data breach at Equifax was purely the result of outside actors. A Congressional report released late last year found that the breach was “entirely preventable,” arguing that Equifax failed to modernize its technology and instead stored valuable and sensitive data on outdated and subpar systems. It was also found that the company failed to patch its infrastructure when vulnerabilities were detected.
Equifax’s then-CEO Richard Smith still made over $9 million the year the breach occurred.
Worse, companies continue to place profit protection ahead of consumer protection. Instead of being punished for that, Equifax was rewarded by Congress.
“In exchange for a small provision helping servicemembers watch their credit, the bill forces them to give up their right to take Equifax to court the next time the company’s recklessness exposes sensitive financial data,” said Sen. Sherrod Brown (D-Ohio), now a potential 2020 presidential candidate, while serving as ranking member on the Senate’s Banking, Housing and Urban Affairs committee.
Brown continued: “If that weren’t bad enough, the bill also gives Equifax a big new business opportunity, directing our federal housing watchdog to adopt a new credit scoring model that will benefit a company Equifax co-created.”
Equifax’s data breach is the fifth largest to occur in the 21st century. At 143 million impacted, it was dwarfed by Yahoo’s 2014 data breach that released information on 3 billion accounts. But the sensitivity of the information obtained by the Equifax breach and the fact that no real punishment or reform arose from that breach made it especially egregious.
And so, when Begor told Congress that executives were held accountable by losing bonuses, it is little wonder that Rep. Ayanna Pressley (D-Massachusetts) responded harshly.
“Ultimately, if the goal here is to treat people and customers as consumers and not as products,” she said, “then we can’t in any way be complicit to executives that are turning a profit that are unscathed when there are customers that are still struggling to recover from the damage that your company caused.”
Katelyn Kivel is a contributing editor and senior legal reporter for Grit Post in Kalamazoo, Michigan. Follow her on Twitter @KatelynKivel.