Equifax CEO "Steps Down"

Norman_Bates

Equifax CEO Richard Smith "stepped down" today in the aftermath of the most recent severe hacking of its database in  which the credit card numbers of over 200,000 consumers were stolen and the financial data of many others potentially compromised.  Of course, he retains his $18.4 pension.  Apparently, this was the third such hacking of Equifax in the past year, prompting the question of why more foolproof measures were not implemented after the first.  It seems that congress intends to question Smith about his oversight of the company during these matter, perhaps starting by asking him about his decision to place someone with degrees in music in charge of the company’s data security.  http://www.marketwatch.com/story/equifax-ceo-hired-a-music-major-as-the-companys-chief-security-officer-2017-09-15

I trust congress will also question Smith about the fact that "three senior executives, including the company’s chief financial officer, John Gamble, sold shares worth almost $1.8 million in the days after the breach was discovered. The shares were not part of a sale planned in advance, Bloomberg reported."  https://www.nytimes.com/2017/09/26/business/equifax-ceo.html?mcubz=0  Gee, wonder what prompted their decision to dump their stock??

I have tried to place a credit freeze on my accounts.  Experian and Trans-Union were immediately responsive in implementing my request.  Equifax, however, demonstrated the same disregard it did in the year after the initial breach was discovered.  After at least a week without a response regarding my request for a credit freeze, I received an email today from Equifax telling me that they were aware I might not yet have received a response but I should expect to hear one "soon"...yeah, right.  

Perhaps others have been more successful.

Forget the mythological swamp in Washington.   Drain wall street and morally vacuous financial companies.  Start with Equifax, then on to Wells Fargo, etc.



Perseverance

The third?! Equifax is the worst.  What really irks me is that I didn't authorize them to have my information.  I did the credit freeze as well (it was easy) and then registered for TrustedID.  It took them almost 2 weeks for them to email me to finally register.  I cannot imagine they'll survive through this.


spontaneous

The problem is that we, the people affected, aren’t their customers. Corporations and banks are their actual customers. So as pissed of as John Q Public might be, he can’t actually take his business elsewhere since he was never a customer in the first place.


drummerboy

I think this is an unwarranted attack on Music majors, of which I am one.

We can learn other stuffs too.



Equifax CEO Richard Smith "stepped down" today ... 
...
It seems that congress intends to question Smith about his oversight of the company during these matter, perhaps starting by asking him about his decision to place someone with degrees in music in charge of the company’s data security.  http://www.marketwatch.com/story/equifax-ceo-hired-a-music-major-as-the-companys-chief-security-officer-2017-09-15



yahooyahoo

CEO should step down into prison.  Maybe if some of these guys were actually prosecuted for the fraud they commit, this kind of sh#t would stop happening.


Tom_Reingold

When we apply for credit, we do consent to using our data. Though I feel the power is massively imbalanced.

@drummerboy, you're joking, right? The guy wasn't qualified to KNOW if the company was doing a competent job. That's the problem.

I think this guy deserves to have his golden parachute taken away and for him to be stripped of all wealth. There is not a punishment big enough to fit his malfeasance.


Norman_Bates

Agree that there should be some degree of accountability for failing to address a known security breach that subsequently endangered the financial well-being of millions.  But it's the execs selling off of their personal stock before warning others and/or regulators that I find truly infuriating. As a non-attorney, I wonder if such behavior by Equifax execs could subject them to civil tort action?  As for criminal charges, perhaps that is a stretch?...I suspect incompetence and moral disregard is not illegal.  Otherwise, much of the current White House administrative team would be arrested.

Pleased to see that Sen. Elizabeth Warren is pursuing this matter...

https://www.google.com/amp/s/www.cnbc.com/amp/2017/09/26/equifax-dumped-ceo-to-get-ahead-of-brutal-grilling-from-sen-warren-next-week-analyst.html


qrysdonnell

As someone who's worked in IT management for a long time without any college degree, I can tell you that if someone has a decent amount of experience their prior college experience makes essentially no difference. This doesn't mean that hiring managers won't care, because some places just like to check that box for the heck of it. It doesn't matter what degree you have, you just have 'a degree'. Technology changes enough that any specifics you're going to learn are moot in a few years anyway.

The actual problem in this scenario (as well as with the recent NHS ransomware attacks) is that managers aren't properly weighing the risk of getting attacked versus the risk of causing an outage by installing updates. (Recovery from many disasters, even when prepared is not always quick or easy). To someone that hasn't been around IT, patching sounds like a no brainier. And while it should be, the reality is that sometimes when you patch things they break - and getting hacked like this is still relatively rare. Most IT people with a few years experience will have lived through a server that hasn't come up after being patched - while many can go a whole career without being actively hacked - a few random employees getting phished is usually all you see. So practical experience drives larger corporations where policy is written largely by old-school executives who are going to be slightly divorced from reality to accept the lower chance security risk instead of the occasional operational problems. Which, of course is idiotic in the long run, but it feels good at the time. I wouldn't be surprised if people at Equifax had tried to be more proactive with patches in the past and gotten yelled at for the occasional issue.

At least Smith has a fallback career!   cheese 


drummerboy said:

I think this is an unwarranted attack on Music majors, of which I am one.

We can learn other stuffs too.





Equifax CEO Richard Smith "stepped down" today ... 
...
It seems that congress intends to question Smith about his oversight of the company during these matter, perhaps starting by asking him about his decision to place someone with degrees in music in charge of the company’s data security.  http://www.marketwatch.com/story/equifax-ceo-hired-a-music-major-as-the-companys-chief-security-officer-2017-09-15



drummerboy

I'm not sure of the intent of your comment to me. I'm not talking about the CEO, I'm talking about the poor Music major.


Also, we never consented to the collection of our data. How does that work? Why do they get to see all of that info about us without permission?


Tom_Reingold said:

When we apply for credit, we do consent to using our data. Though I feel the power is massively imbalanced.

@drummerboy, you're joking, right? The guy wasn't qualified to KNOW if the company was doing a competent job. That's the problem.

I think this guy deserves to have his golden parachute taken away and for him to be stripped of all wealth. There is not a punishment big enough to fit his malfeasance.



qrysdonnell

I'd imagine in some pages of fine print somewhere you consented to just about anything they want to do.

drummerboy said:

I'm not sure of the intent of your comment to me. I'm not talking about the CEO, I'm talking about the poor Music major.




Also, we never consented to the collection of our data. How does that work? Why do they get to see all of that info about us without permission?




Tom_Reingold said:

When we apply for credit, we do consent to using our data. Though I feel the power is massively imbalanced.

@drummerboy, you're joking, right? The guy wasn't qualified to KNOW if the company was doing a competent job. That's the problem.

I think this guy deserves to have his golden parachute taken away and for him to be stripped of all wealth. There is not a punishment big enough to fit his malfeasance.





In order to add a comment – you must Join this community – Click here to do so.