The Unhackable is Unthinkable

Is there any entity that exists that cannot be hacked?

Even one of the three largest credit reporting agencies in the United States – Experian – that holds millions upon millions worth of consumer data, yep hacked.

Global information services group Experian announced Thursday that one of its business units had been hacked. The breach occurred on a server that contained data on behalf of one of its clients, T-Mobile. The data includes personal information for a combination of about 15 million customers and applicants in the U.S. who at one point may have applied for T-Mobile service. The company said that the incident did not impact its own consumer credit database (Source: Nasr, R., CNBC NEWS, 1 Oct 2015).

Am I supposed to be comforted by Experian’s statement that the breach did not impact its own consumer credit database? Here is a company that according to its website “…help businesses to manage credit risk, prevent fraud, target marketing offers and automate decision making.” Is it opposite day at Experian? In addition to Experian being responsible for massive amounts of consumer data, let’s underline the fact they sell identity theft protection. Yet Experian is so inept they cannot prevent identity theft within their own system.

I have not heard much about this occurrence, in fact hardly anything. When in reality, there should be uproar. These organizations have zero accountability. Even when our own government data is hacked, let’s say the bar has not been set real high.

Who can you trust to safeguard your information; at this point I think it is safe to bet that you can trust no one to safeguard your information. 

It is clear we have no idea what we are doing when it comes to utilizing technology. And by organizations and the like continuing to roll out and adopt the latest in technology that they do not understand they are continually putting us at a real risk. Yet, what is their risk?

If you aren’t 100% percent certain the data you collect is protected – then your organization should not be utilizing technology it does not fully understand. We are too far into these discussions and awareness of security issues for an organization to claim they are a “victim”, or for this to be occurring at all. It’s high time that organizations are held accountable – both organizations that allow your information to be stolen, and organizations that do not conduct proper due diligence and allow fraudulent information to be used.

Experian should immediately get out of the business of selling identity theft protection when they cannot even protect the data that they monitor. Lucky for the T-Mobile customers concerned with identity theft looks like they are being offered two years of free credit monitoring and identity resolution services through...Experian. So the same company that put your personal information at risk is your option for monitoring the aftermath? 

 

photo by martin belum