Equifax data breach ethical issues2/11/2024 The annual report released by the company had zero keywords mentioning the risks associated with data breaches and Equifax may not be the only company at fault in this regard. Equifax made the same mistake and failed to acknowledge the inherent risks that came with the domain that they operated in. Īs a company moves into the digital space, all the positives that come along with it may conveniently drown out all the risks. ![]() The security issue that led to the Equifax breach(published on March 10,2017). Equifax had a lot of time to address the issue and in multiple instances security analysts reported the lack of support for security updates. The security issue was published on March 10 and was rated as a risk based on a CVSS score of 10 (please see Exhibit 2). But were there visible signs that Equifax ignored that might have helped them mitigate the risks and prevent this attack from happening? The hackers exploited a security vulnerability,CVE-2017-5638, associated with Apache struts, a software framework used by Equifax. While Equifax publicly announced about the breach in September, reports suggest that the hack took place months earlier in May-June 2017 and that Equifax may have even known about the issue as early as July 2017, based on the fact that key executives ended up selling their stock options right after the data breach took place. All Rights Reserved.Pathways to Just Digital Future Watch this tech inequality series featuring scholars, practitioners, & activistsĮquifax operates in the business to business space providing consumer credit information to its customers, ranging from insurance firms to banks and other financial institutions. All content of the Dow Jones branded indices © S&P Dow Jones Indices LLC 2019 and/or its affiliates. Standard & Poor's and S&P are registered trademarks of Standard & Poor's Financial Services LLC and Dow Jones is a registered trademark of Dow Jones Trademark Holdings LLC. Dow Jones: The Dow Jones branded indices are proprietary to and are calculated, distributed and marketed by DJI Opco, a subsidiary of S&P Dow Jones Indices LLC and have been licensed for use to S&P Opco, LLC and CNN. ![]() Chicago Mercantile Association: Certain market data is the property of Chicago Mercantile Exchange Inc. Factset: FactSet Research Systems Inc.2019. Market indices are shown in real time, except for the DJIA, which is delayed by two minutes. CNNMoney's Paul La Monica contributed to this report "The fact that it had a data breach of this magnitude is really quite significant and a great concern for the future of the business," said Chaffee. Equifax told CNNMoney that the sales were just a "small percentage" of what these executives own and that they all "had no knowledge that an intrusion had occurred" when they made the sales.īut Equifax ( EFX) shares plunged 14% on Friday, so these executives did in fact benefit from the fact that the information was not public at the time of their trades. And Rodolfo Ploder, president of workforce solutions, sold stock for just more than $250,000 on August 2. information solutions, sold shares worth about $685,000 on August 1 as well. Joseph Loughran, Equifax's president for U.S. Equifax Chief Financial Officer John Gamble sold shares of the company's stock worth nearly $950,000 on August 1. One salient fact that the company has revealed: Three of its top executives sold large blocks of stock days after the company discovered the breach. Related: Equifax executives sold stock before hack was disclosed "The stock price for the last five weeks did not accurately reflect the facts that we now know. The company will almost certainly face lawsuits from both consumers who had their records stolen and Equifax investors, according to Chaffee. The SEC would not say Friday whether it was looking at Equifax's disclosure in this case, and Equifax did not respond to requests for comment on why it took so long to make the information public. Attorney's office for the Southern District of New York. Federal Trade Commission, a number of state attorneys general, and the U.S. ![]() After its own massive data breach was disclosed last year, Yahoo said that it was under investigation for how it handled the hack by the SEC, the U.S. The SEC issued guidelines in October 2011 to companies as to when they have to disclose a breach.
0 Comments
Leave a Reply.AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |