Well, Richard Smith has “resigned” from Equifax. The CEO being fired is a rare outcome of a breach, and so I want to discuss what’s going on and put it into context, which includes the failures at DHS, and Deloitte breach. Also, I aim to follow the advice to praise specifically and criticize in general,…
Read More It’s Not The Crime, It’s The Coverup or the Chaos
Post thumbnail
[Thursday, September 21th is the latest of 5 updates.] When I wrote “The Breach Response Market Is Broken,” I didn’t expect one of the players to validate everything I had to say. What I said was that the very act of firms contracting with breach response services inhibit the creation of a market for breach…
Read More Breach Vouchers & Equifax 2017 Breach LinksStamford Police said Jevene Wright, 29, created a fictitious company called “Choice Point Screening” and submitted false invoices for background checks that were submitted to Noble Americas Corporation, an energy retailer firm located in Stamford. (Patrick Barnard, “The Stamford (CT) Patch“) I don’t want to minimize the issue here. Assuming the allegations are correct, the…
Read More Choice Point ScreeningChoicePoint was supposed to take steps to protect consumer data. But the FTC alleged that in April 2008 the company switched off an internal electronic monitoring system designed to watch customer accounts for signs of unauthorized or suspicious activity. According to the FTC, that safety system remained inactive for four months, during which time unauthorized…
Read More Dear ChoicePoint: Lying like a cheap rug undercuts all thatThe University of Miami has chosen to notify 41,000 out of 2.1 million patients whose personal information was exposed when thieves stole backup tapes. The other 2.1 million people, apparently, should be reassured, that their personal medical data was stolen, but the University feels it would be hard to read, and well, there’s no financial…
Read More University of Miami: Good for the body, bad for the soul?In a comment, Tom Lyons asked: I have two clients who are asking me to investigate matters with Choice Point as it relates to inaccurate employment records provide to prospective employers. I am seeking persons who have similar experiences to determine a “pattern and practice” on the part of Choice Point. I don’t know Mr.…
Read More ChoicePoint's data qualityChoicepoint regularly claims a very low rate of errors in their reports. In the Consumer Affairs story, “Choicepoint gets a Makeover,” Choicepoint President Doug “Curling claims his company has a less than 1/10th of 1 percent error rate.” Now WATE in Knoxville, TN, reports that “Anderson Co. man finds credit report error:” At his insurance…
Read More Choicepoint’s Error RateOr so “Shipcompliant” would have us believe, with a blog post entitled “Free the Grapes! Updates Wine Industry Code for Direct Shipping Practices.” The new addition to the Code is step 4, which specifies that wineries should verify the age of the purchaser of the wine at the time of transaction for all off-site transactions…
Read More "Free the Grapes" Externalizes RiskThe Atlanta Business Chronicle reports that “ChoicePoint tumbles to third-quarter loss:” ChoicePoint Inc. went into the red in the third quarter, hurt by about $50 million in charges related to asset impairment, stock expenses and legal fees from a data breach in 2005. Choicepoints losses are a severe outlier. As I said in March, 2005,…
Read More Choicepoint reports $50M more expenses, some due to breachTopping the list, Vodaphone has been fined $100M (€76M) for failing to protect 106 mobile accounts. “Greek Scandal Sees Vodaphone fined” at the BBC, via Flying Penguin. On this side of the Atlantic, Choicepoint, Experian and Reed-Elsevier are looking to pay $25 million to settle claims that they invaded the privacy of 200 million drivers…
Read More Fines, Settlements in Privacy Invasions