Equifax Security Breach Demonstrates Corporate Fraud & Negligent Security
Negligent security doesn’t just apply to building owners who fail to keep their premises safe. The recent report released by the House Oversight Committee demonstrates that a consumer data breach—like that of Equifax—can constitute a significant crime of corporate fraud and negligent security as well. According to the report, the breach was “entirely preventable,” and exposes a “negligent company bent on growth and careless about its customers”—one that failed to take data security seriously—to the detriment of a number of innocent people.
How did all of this happen? While the company reportedly had an aggressive plan to grow quickly by acquiring other firms, it failed to meet those basic cyber security needs associated with its growth, leading to the exposure of approximately 150 million accounts—representative of nearly half of the entire U.S. population. According to the recently-released report, Equifax was more interested in collecting data than keeping it safe, allowing hundreds of security certificates to expire and IT development to seriously lag.
Lack of Reasonability Harmed Millions
As a credit reporting agency, Equifax had every piece of valuable information for its millions of customers: Addresses, driver’s license numbers, passport images, social security numbers, etc. Consumers had not voluntarily provided this information, nor are they ever given the option of opting out of having their information collected by these companies. When this type of sensitive information is collected for the purpose of running credit reports, but security practices are weak, it becomes a particular target for hackers. In a nutshell, by failing to have a reasonable security program in place, Equifax paved the way for one of the largest data breaches in U.S. history—and one that was entirely preventable. Hackers could access and remove large amounts of data because the company did not have basic security protocols, such as file integrity monitoring.
Even worse, when wronged customers called in, they were either met with call center employees who were untrained, or they were directed to a phishing website that was also fraudulent and led to a breach of consumer information.
Class Action Litigation: Contact Our Civil Litigation Attorneys to Find Out More
As a result of this negligence, the company was hit with a class-action lawsuit within hours of disclosing the breach, accusing it of failing to maintain adequate electronic security safeguards in an effort to save funds.
At The Baez Law Firm, our Florida civil litigation lawyers are experienced in working on high profile and complex corporate fraud and negligent security cases. We fight to discover the truth and hold those responsible accountable, especially when they failed to take basic measures to protect their customers. Contact our attorneys at the Baez Law Firm today to find out more.