mostlysignssomeportents:

From mid-May to July 2017, Equifax exposed the financial and personal identifying information of 143 million Americans – 44% of the country – to hackers, who made off with credit-card details, Social Security Numbers, sensitive credit history data, driver’s license numbers, birth dates, addresses, and then, in the five weeks between discovering the breach and disclosing it, the company allowed its top execs to sell millions of dollars’ worth of stock in the company, while preparing a risibly defective and ineffective website that provides no useful information to the people whom Equifax has put in grave financial and personal danger through their recklessness.

Equifax is in the business of helping employers and financial institutions punish people for making oversights in their business and financial affairs. Being late with a single payment or missing a single bill can constitute a black mark on your Equifax records that lasts for years or decades, affecting your ability to rent or buy a home or get a job.

By contrast, Equifax expects its stakeholders – whole nations’ worth of people – to overlook its gross misconduct. The website the company has stood up (an unpatched stock WordPress installation with a defective TLS certificate) just tells you to come back in a week to get a coupon good for a year’s worth of Equifax credit monitoring (without specifically disclosing whether your data was breached). Calling the company’s phone hotline connects you to a third-party subcontractor who directs you to the website and provides no details about the breach.

Searching the site for information about your breach subjects you to a clickthrough agreement in which you waive your right to sue the company.

Chief Executive Richard Smith called the breach “disappointing.”

https://boingboing.net/2017/09/08/identity-theft-politics.html