Equifax example shows what companies shouldn’t do

AP Photo/Mike Stewart

AP Photo/Mike Stewart
Homes Plus
By
Sept 26, 2017
X

As the chief executive of Equifax Inc. steps down, a Dayton-area cyber-security expert says the company’s example in the past few weeks has been a case study in what companies in similar situations shouldn’t do.

“When there’s a potential loss of data or (a sign that) data has been compromised, the first thing not to do is start covering your own butt,” said Shawn Walker, co-founder and vice president of Miamisburg-based Secure Cyber Defense LLC.

Richard Smith, the chief executive of Equifax Inc., is retiring less than a month after his company first publicly acknowledged that it sat on news of a broad cyber-theft of customer financial data.

The retirement is effective today, according to a company statement. Mark Feidler, an Equifax board member, will serve as “non-executive chairman,” Equifax said. Paulino do Rego Barros, Jr., president of company’s Asia Pacific region, has been appointed as interim CEO.

RELATEDSenator calls for SEC, Justice investigation into Equifax

“The board remains deeply concerned about and totally focused on the cyber-security incident,” Feidler said in the company’s statement. “We are working intensely to support consumers and make the necessary changes to minimize the risk that something like this happens again.

“Speaking for everyone on the board, I sincerely apologize,” he added. “We have formed a special committee of the board to focus on the issues arising from the incident and to ensure that all appropriate actions are taken.”

RELATEDEquifax steps back from 'forced arbitration'

Equifax — one of the biggest consumer credit reporting agencies — acknowledged earlier in September that it suffered a “cyber-security incident” that affected about 143 million U.S. consumers.

The unauthorized access to the company’s data happened from mid-May through July this year, but the company did not alert customers until about six weeks after it was uncovered.

Information stolen primarily included names, Social Security numbers, birth dates, addresses and even some driver’s license numbers, the company said.

Walker said Equifax is showing that companies need detailed plans in place to deal with cyber attacks before they happen.

“We’re seeing an example where companies at the highest level are starting to feel the blowback that will come of not adequately protecting data,” Walker said Tuesday.

There were also reports of Equifax executives selling company stock after the breach was discovered but before it was publicly acknowledged.

In Other News
1
Coffee bar creation: Ideas for creating one in your home
2
What will be popular for interior design in 2025? Local real estate...
3
Local real estate: Updated Sugarcreek Twp. home for sale has balcony...
4
Local real estate: Brookville two-story for sale is located on road...
5
Improving outdoor spaces on a budget

About the Author

Follow Thomas Gnau on facebookFollow Thomas Gnau on twitter

Thomas Gnau is a business reporter who joined the Dayton Daily News in 2007. He has reported for daily newspapers in Ohio since 1991.