Slashdot Mirror
Equifax Tells Investors They Could Be Breached Again - And That They're Still Profitable (nypost.com)
"Equifax executives will forgo their 2017 bonuses," reports CNBC. But according to the New York Post, the company "hasn't lost any significant business customers... Equifax largely does business with banks and other financial institutions -- not with the people they collect information on."
Even though it's facing more than 240 class-action lawsuits, Equifax's revenue actually increased 3.8% from July to September, to a whopping $834.8 million, while their net income for that period was $96.3 million -- which is still more than the $87.5 million that the breach cost them, according to a new article shared by chicksdaddy: The disclosure, made as part of the company's quarterly filing with the US Securities and Exchange Commission, is the first public disclosure of the direct costs of the incident, which saw the company's stock price plunge by more than 30% and wiped out billions of dollars in value to shareholders. Around $55.5m of the $87.5m in breach-related costs stems from product costs â" mostly credit monitoring services that it is offering to affected individuals. Professional fees added up to another $17.1m for Equifax and consumer support costs totaled $14.9m, the company said. Equifax also said it has spent $27.3 million of pretax expenses stemming from the cost of investigating and remediating the hack to Equifax's internal network as well as legal and other professional expenses.
But the costs are likely to continue. Equifax is estimating costs of $56 million to $110 million in "contingent liability" in the form of free credit monitoring and identity theft protection to all U.S. consumers as a good will gesture. The costs provided by Equifax are an estimate of the expenses necessary to provide this service to those who have signed up or will sign up by the January 31, 2018 deadline. So far, however, the company has only incurred $4.7 million through the end of September. So, while the upper bound of those contingent liability costs is high, there's good reason to believe that they will never be reached.
The Post reports that some business customers "have delayed new contracts until Equifax proves that they've done enough to shore up their cybersecurity."
But in their regulatory filing Thursday, Equifax admitted that "We cannot assure that all potential causes of the incident have been identified and remediated and will not occur again."
Even though it's facing more than 240 class-action lawsuits, Equifax's revenue actually increased 3.8% from July to September, to a whopping $834.8 million, while their net income for that period was $96.3 million -- which is still more than the $87.5 million that the breach cost them, according to a new article shared by chicksdaddy: The disclosure, made as part of the company's quarterly filing with the US Securities and Exchange Commission, is the first public disclosure of the direct costs of the incident, which saw the company's stock price plunge by more than 30% and wiped out billions of dollars in value to shareholders. Around $55.5m of the $87.5m in breach-related costs stems from product costs â" mostly credit monitoring services that it is offering to affected individuals. Professional fees added up to another $17.1m for Equifax and consumer support costs totaled $14.9m, the company said. Equifax also said it has spent $27.3 million of pretax expenses stemming from the cost of investigating and remediating the hack to Equifax's internal network as well as legal and other professional expenses.
But the costs are likely to continue. Equifax is estimating costs of $56 million to $110 million in "contingent liability" in the form of free credit monitoring and identity theft protection to all U.S. consumers as a good will gesture. The costs provided by Equifax are an estimate of the expenses necessary to provide this service to those who have signed up or will sign up by the January 31, 2018 deadline. So far, however, the company has only incurred $4.7 million through the end of September. So, while the upper bound of those contingent liability costs is high, there's good reason to believe that they will never be reached.
The Post reports that some business customers "have delayed new contracts until Equifax proves that they've done enough to shore up their cybersecurity."
But in their regulatory filing Thursday, Equifax admitted that "We cannot assure that all potential causes of the incident have been identified and remediated and will not occur again."
The fact it still exists shows how corrupt things are.
"Equifax admitted that profit declined 28% from a year ago. However, after wiping away the $87.5 million in costs of the data breach for its adjusted earnings metric, Equifax was able to claim a 6% gain in profit and beat average analyst estimates. Equifax’s adjusted earnings are nothing new for it or thousands of other companies. MarketWatch has shown repeatedly how companies use adjusted earnings to make their results appear better than they actually are... the company stripped the charges from a non-GAAP earnings figure that it provided, which allows Equifax to claim that profits are growing even as it takes a hit from the data breach. https://www.marketwatch.com/st...
Well now that they have revealed those numbers, the class action lawsuit lawyers have a concrete goal for the settlement sums, lmao.
They won't have to factor in the costs of lawyers until later.
People should ignore the class action suits, and file millions of personal suits, assuming there are sufficient ambulance chasers available to work knowing they'll only be paid if they win.
If these corporations were actually people, they would be feed to the dogs. They prey on people coming and going. They sell and trade information to manipulate people, while gaming the system in their favor. There are plenty of ways to do business without completely disregarding any semblance of privacy.
--
"Use the force Luke" - O. W. Kenobi
You can play the feds like a violin.
Does it matter? There was no evidence the data has been tampered with and that would be easily spotted by comparing another source of data, but even so, any data collected since is what's important for the Equifax customers.
Equifax collects information on individuals and makes timelines for businesses, whether or not a portion of that information at some point in time was made public does not make one iota of difference to their customers.
If they use Equifax data and it ends up being bad, they won't pay for it, loans made out are guaranteed by the tax payer, the tax payer gets an even worse credit score and thus pays increased feeds to the banks for the next two decades.
There is no losing for these guys, that's why they got the IRS contract and will continue getting contracts, how the data is handled is not important to their customers.
Custom electronics and digital signage for your business: www.evcircuits.com
Corporations are going to treat people like shit until a few CEOs and board members are punished, and not just financially. We've got Guantanamo Bay and it hasn't been at all useful to fight terrorists, so why not start putting these monsters there?
There is a saying, that "The only way to stop a bad guy with a corporation is a good guy with a gun." I know it sounds a little bit harsh, but it's just not going to stop until something drastic happens.
I'll tell you the last thing these corporate jackoffs need is a fat tax cut.
You are welcome on my lawn.
It was probably from some other even more scammy scammer that was just using the Equifax letterhead and hoping to prey on suckers.
Someone please shoot those wankers already, they're just torturing themselves anymore.
And even more important, us.
We used to have a Bill of Rights. Now, with the rights gone, all we have left is the bill.
If enough people freeze their credit with Equifax - but not with Experian and Transunion, Equifax will lose customers. I just got a new credit card and my credit is frozen with them. Just had to talk with the card people over the phone.
"But in their regulatory filing Thursday, Equifax admitted that "We cannot assure that all potential causes of the incident have been identified and remediated and will not occur again."
WE SUCK!
How convenient the executives sold their shares before it plunged. So why are they still not in jail?
sudo rm -r -f --no-preserve-root /
Has convinced human resources departments everywhere that there is a correlation between credit scores and reliability - correlation does not imply causation. Furthermore, they've also managed to sell their product to consumers wishing to know what their credit score is. The rake in the money by the millions and the true victims are the plebes of society. Equifax sells their service to banks under the blanket of "helping the bank minimize risks." It is just another case of the 99% butt-raping the 1%.
let me guess $27.1 million on legal fees, $0.1 on investigation and $0.1 on security improvements?
Equifax credit score, Equifax risk score, VantageScore, Equifax Bankruptcy score?
https://www.equifax.com/busine...
br How many of these scores are there?
Didn't you hear, the company hired the Three Wise Monkeys (other wise known as their own corporate layers) to do an investigation. They went "La, la, la, I can't see or hear you" and exonerated the executives of any wrongdoing.
Do you really expect the SEC under Trump to actually do anything?
The real "Libtards" are the Libertarians!
Equifax is indeed a special class. Their existence does not depend on anything provided to the average american, but rather to businesses.
To stop doing business with Equifax by proxy, you have to stop doing business with the proxy. Be that your local auto dealer, or furniture store, or business offering an in store discount credit card, etc.
Microsoft is in a somewhat similar, but not quite so similar position. Most businesses depend on Microsoft software. Most employees then buy Microsoft because they use it at work. Most techies grow up on Microsoft, and buy games for Microsoft because that is what their parents bought. Ergo, most techies are familiar with Microsoft, so Microsoft has the largest market for IT personnel, which are typically the biggest expense in an IT department. Laws of supply and demand mean Microsoft's TCO is usually less than Linux.
However, this doesn't mean Microsoft is "special", just temporarily advantaged. With the Android and iPhone devices increasing in popularity, Microsoft is being dethroned. Microsoft's TCO for businesses is likely to increase, giving their competitors an opportunity. Microsoft's future may soon depend on them being the best option in a highly competitive market.
Forget the free credit monitoring, that will just tell you that a problem is already underway. Freeze your credit, which keeps anyone from opening a new line of credit, or anyone else from examining your credit. You can briefly unfreeze if necessary to, for example, get a loan or a new card. In some cases freezing and unfreezing can cost you, but that's a lot less hassle than trying to undo a situation that's already begun. I'm optimistic that Congress at some point is going to make the credit agencies freeze and unfreeze for free, the way they made them provide an annual credit report for free.
...the risk/damage.
Encrypt each user's information with an individual AES256 key. Then perimeter penetration, while still bad, is limited in scope, and while keys like that can be broken, it's expensive at a per-user basis (rather than free for millions of users.)
This requires a key management system, but they exist today. How do you avoid all the keys being stolen? That's actually vastly simpler and easier than securing the rest of the network. How to keep the thieves from cracking the interfaces/APIs to the KMS? That's actually simpler and easier than other approaches as well - and is easily monitored and requests can carry requisite AND encrypted meta-data to use against a policy engine on the front of that KMS.
Long story short - all enterprises are going to be doing something like this in 5-10 years (banks are doing it already.)
Loading...
If everyone single person put a security freeze on their Equifax account, would it hurt the company?
"Equifax executives will forgo their 2017 bonuses," reports CNBC. But according to the New York Post, the company "hasn't lost any significant business customers... Equifax largely does business with banks and other financial institutions -- not with the people they collect information on."
"The dope about the dopes is our product, the banks that buy it are our customers. These idiots might be pissed off at at us, but who cares, we don't need their love, just their info." All absolute truths.
There is some minor hiccups due to law suits. The first line of defense it has is binding arbitration. Since we the public are not really the customers, we have not really agreed to any binding arbitration clause. It is possible the fine pint in our credit application might have some line about binding arbitration. But, that is with the bank, second that is for any dispute about the accuracy and veracity of the credit reports. Not about lack of security in Equifax harming us.
But even if it gets bigger, it would be well nigh impossible to prove Equifax breach is why our identities are stolen.
So in the end, the sad fact is, nothing is going to happen to equifax.
sed -e 's/Chuck Norris/Rajnikant/g' joke > fact
This is not about credit check. They have other services such as providing your salary history, big purchase history (which has nothing to do with credit check), proof of identity (your exact last 3 addresses and other info), employer history, etc.
each of those are a different service. If you call them to freeze your credit, the only thing that will happen is that all those services selling your data will contain yet another line "froze credit checks on this day at some hour via telephone numer 555-555-555, proving identity with ssn"
It does matter, the reason is you can no longer with any level of certainty guarantee that the person applying for the credit is the actual person they say they are, so your data is corrupted, in fact it doesn't matter who you get your credit info from, if it was in the compromised data you cannot be sure it is them.
every body should now be issued with new social security numbers, names and birthdays. and Equifax should pay.
What I said is that to Equifax and the Equifax customers it doesn't matter. In any model you propose, there must be an economic loss in order for these companies to change, however in this situation they lose no money.
Let's say you are right and the information is all corrupt and the banks write bad loans because of it. The Feds have guaranteed the loans so the banks lose nothing, at best they have now saddled a bunch of people with payments that will continue to haunt them for the next decade, if they do end up having a string of people that go bankrupt, the government has already indicated in the past they will just bail out Equifax and the banks, making it the tax payer's problem to pay for it.
The banks and Equifax at no point lose any money. If you try to make Equifax pay, they won't and within about 5-10 years if a judgment even comes down from a court, they declare bankruptcy and sell all their assets for $1 to one of the many subsidiaries.
Custom electronics and digital signage for your business: www.evcircuits.com