One Year After the Massive Equifax Data Breach, Pretty Much Nothing Has Changed (axios.com)

← Back to Stories (view on slashdot.org)

One Year After the Massive Equifax Data Breach, Pretty Much Nothing Has Changed (axios.com)

Posted by msmash on Thursday September 6, 2018 @04:40AM from the they-don't-really-care-about-us dept.

The Equifax data breach was supposed to change everything about cybersecurity regulation on Capitol Hill. A year ago, Equifax announced that 145.5 million U.S. adults had their social security numbers stolen in an easily preventable breach. If any data breach was going to be able to shock Washington into enacting sweeping privacy reforms, this should have been it. Axios: But that didn't happen: "The initial interest that was implied by congressional actions didn't pan out," said Michelle Richardson, director of the Privacy and Data Project at the Center for Democracy and Technology (CDT). What was supposed to happen: After the first of several hearings involving Equifax, Sen. Chuck Grassley (R-Iowa), chair of the Judiciary Committee, said it was "long past time" for federal standards for how companies like Equifax secure data.

Data security wasn't the only anticipated reform. Congress appeared poised to create a national breach notification law governing how and how quickly companies must notify anybody whose personal information is stolen in a breach. Currently, to the chagrin of national retailers, those laws vary state to state. Several investigations were supposed to penalize the credit bureau for lax cybersecurity, including failing to patch the vulnerability hackers exploited despite government warnings. What actually happened: The bills petered out. Mick Mulvaney took over the Consumer Financial Protection Bureau in November and halted the bureau's investigation.

64 of 120 comments (clear)

Min score:

Reason:

Sort:

Change it! by Anonymous Coward · 2018-09-06 04:48 · Score: 1, Insightful

I'd say we should appeal to Donald Trump to change this, but he kind of has his hands full.
1. Re: Change it! by Anonymous Coward · 2018-09-06 05:03 · Score: 5, Funny
  
  He's got big hands, though. Really big, the biggest. Very nice, very big hands. So he'll fix the cyber problem. It really won't be that hard. We've got some great people working on that. Really great, the best.
2. Re:Change it! by Anonymous Coward · 2018-09-06 05:04 · Score: 1
  
  I'm pretty pissed off that Meuller is investigating Trump and not Equifax.
  But my opinion doesn't matter according to the treasonous #resistance
3. Re:Change it! by Anonymous Coward · 2018-09-06 05:05 · Score: 1
  
  He has more than what is in his small hands to worry about.
4. Re:Change it! by Anonymous Coward · 2018-09-06 05:25 · Score: 1
  
  You're hilarious. Yes, the man who appointed the man who halted the investigation is certainly motivated to do something about it...
5. Re:Change it! by alvinrod · 2018-09-06 05:27 · Score: 2
  
  I realize that this is just a troll attempt, but even if we had a president that everyone could agree was competent, trustworthy, etc. the U.S. was founded to get away from exactly this kind of autocracy where one person has the power and authority to change something like this. People always think of all the good that might be done with such power, but rarely consider how much evil can be wrought with that authority just as easily.
6. Re:Change it! by Anonymous Coward · 2018-09-06 05:52 · Score: 1
  
  pretty sure this is not the FBIs job, probably the SEC, and FTC
7. Re:Change it! by ShanghaiBill · 2018-09-06 05:57 · Score: 5, Insightful
  
  I'm pretty pissed off that Meuller is investigating Trump and not Equifax.
  In no way whatsoever are these alternative actions. Mueller would not be the right person to investigate Equifax anyway, since he doesn't grok technology.
  The Equifax fiasco is not hard to understand. Unqualified people were placed in positions of authority, they made stupid decisions, and there were no mechanisms for underlings with better understanding to raise alarms.
  But there are deeper systemic problems. Only in America do we rely on critical information being both secret and widely known. Mere knowledge of someone's SSN, DOB, and address should not be enough to clean out their bank account nor establish credit in their name. No other country has this problem. Until we fix our financial system, data breaches and identity theft will continue to be major problems.
8. Re:Change it! by Anonymous Coward · 2018-09-06 06:16 · Score: 1
  
  Fuck you, cum-lapping, pussy-hat wearing, libtard.
9. Re:Change it! by raymorris · 2018-09-06 06:22 · Score: 4, Insightful
  
  > In no way whatsoever are these alternative actions. ...
  > Unqualified people were placed in positions of authority, they made stupid decisions, and there were no mechanisms for underlings with better understanding to raise alarms.
  And the other situation is Equifax.
10. Re: Change it! by Anonymous Coward · 2018-09-06 06:47 · Score: 1
  
  "You know we're thinking of a seventh branch of the military. The "Credit Force". Because, you know, credit is a really big place, and really important.
11. Re: Change it! by Anonymous Coward · 2018-09-06 07:11 · Score: 1, Funny
  
  "You know we're thinking of a seventh branch of the military. The "Credit Force". Because, you know, credit is a really big place, and really important.
  Fuck. How am I supposed to tell if this is really Donald or a Stable State traitor trying to disrupt his agenda? I know - it's clear nobody but the bestest could come up with the name "Credit Force". It takes a GENIUS level intelligence to think of that. TRUMP TRUMP TRUMP. MANGA
12. Re: Change it! by cyberchondriac · 2018-09-06 07:58 · Score: 1
  
  Manga? Waifu!
  
  --
  
  Look back up at my post, now look back down, you're on the Internet. Now look back up. I'm a signature.
13. Re:Change it! by thegarbz · 2018-09-06 19:44 · Score: 2
  
  No, your other situation is the entire system called credit ratings. Equifax is just a part of the stupid.
  Credit rating in a nutshell:
  Person 1: Sir you have huge debt that means you must be good for it, here's a credit card with an even huger limit.
  Person 2: Sir you're homeless, your credit rating sucks. Have a smaller credit card we know you won't pay off.
  Person 3: Sir you're an engineer earning six figures who just moved into the country? We can give you a credit card with a $200 limit, but because you don't have a credit rating you'll have to pay us $200 for that card. You earn a lot and are intelligent, we can't use that as a basis for a credit system.
Was there an expectation otherwise? by Anonymous Coward · 2018-09-06 04:49 · Score: 1

Seriously, did anyone expect anything to change?
1. Re: Was there an expectation otherwise? by Anonymous Coward · 2018-09-06 05:36 · Score: 1
  
  Dude, whatever you're on is really affecting you. Maybe call one of those rehab places.
2. Re:Was there an expectation otherwise? by Sir_Eptishous · 2018-09-06 05:45 · Score: 5, Funny
  
  I see a lot of these comments, and when I read them I hear a Russian accent.
  
  --
  We play the game with the bravery of being out of range
3. Re:Was there an expectation otherwise? by cascadingstylesheet · 2018-09-06 05:55 · Score: 1
  
  I see a lot of these comments, and when I read them I hear a Russian accent.
  I hear them in a fake Russian accent, posted by a mere troll.
4. Re:Was there an expectation otherwise? by grep+-v+'.*'+* · 2018-09-06 06:16 · Score: 1
  
  I see a lot of these comments, and when I read them I hear a Russian accent.
  So you're admitting that you're Russian? My God, you're famous -- you're the Russian troll everyone's talking about!
  
  Inquiring minds want to know!
  
  --
  If the universe is someone's simulation -- does that mean the stars are just stuck pixels?
5. Re:Was there an expectation otherwise? by jbengt · 2018-09-06 06:54 · Score: 4, Funny
  
  One thing that's become crystal clear is that both parties are 100% owned by big-money corporations.
  That's not true.
  The Republicans are 25% owned by the anti-science religious nuts and the Democrats are 25% owned by the bleeding heart liberals, so they're at most 75% owned by big money corporations.
6. Re:Was there an expectation otherwise? by Sir_Eptishous · 2018-09-06 07:26 · Score: 1
  
  I see a lot of these comments, and when I read them I hear a Russian accent.
  So you're admitting that you're Russian? My God, you're famous -- you're the Russian troll everyone's talking about! Inquiring minds want to know!
  You got me!
  
  --
  We play the game with the bravery of being out of range
7. Re:Was there an expectation otherwise? by q_e_t · 2018-09-06 18:28 · Score: 2
  
  That is a very cynical view, and I don't believe it is true.
  People don't always engage with politics, and this is partly because they don't feel that they have any real influence, and if that is what it feels like, then being informed isn't a high priority. To give him his due, Trump at the very least has made people believe that they can have an influence on the politics that affect their lives, and that it is worth engaging.
  If you look at the sweep of American (and Western) history over the last 100 years, politics has effected great changes, and that has come about through a combination of direct political action and awareness raising that has widened the right and ability to vote, and the influence ordinary people have, and it has been a very positive development.
Republican House Republican Senate Republican Pres by Anonymous Coward · 2018-09-06 04:50 · Score: 1

= nothing gets done
Did you really think they were going to crack down on corporations? Impose regulations and fines? Hahaha, my sweet summer child.
Who wins... by AVryhof · 2018-09-06 04:56 · Score: 2

It's the same winner, every time. Money.

--
Make America grate again!
Nope by AlanBDee · 2018-09-06 04:58 · Score: 3, Interesting

Politically, nothing happened. But a lot of people locked their credit score. I'm sure credit card companies are now asking for more information to prove your identity to open a new card. People's ssn, date of birth, and drivers license can no longer be trusted as a form of identification for anything. I also had so many friends and family ask what they should do, which opened the door for me to introduce them to things like LastPass, Yubikey, and other security.
And when the whole debate about voting machines came up, one word shut most people up: Equifax.
1. Re:Nope by chispito · 2018-09-06 05:37 · Score: 1
  
  And when the whole debate about voting machines came up, one word shut most people up: Equifax.
  I'm confused, how are voting machines related to the Equifax breach? Do they run Struts? It can't be relate to identity theft, because it's still people that verify your identity (or don't) before you vote, not the mchine.
  
  Electronic voting machines are a bad idea, but I don't see how waving your hands and mentioning a data breach in an unrelated industry supports the case. Isn't the technology probably more like a kiosk or industrial control equipment?
  
  --
  The Daddy casts sleep on the Baby. The Baby resists!
because this is an industry issue. by nimbius · 2018-09-06 04:58 · Score: 2

This industry, the idea that credit is something that can be measured and a value of trust and worthiness ascribed to certain goods and services, is fragile.
Equifax is running out of keys and they just dont seem to care. They are running out of the very currency that funds their business model. If you can no longer trust SSN's because every hacker on the planet has them, and you can no longer trust personal information because its been stolen as well, then the value assigned to the majority of your assets (people) is effectively worthless.
and if all you can report in 20 years is the fact that everyone in your database is categorized as credit-unworthy, then you become worthless as a saleable service to your real customers: banks.

--
Good people go to bed earlier.
1. Re:because this is an industry issue. by Xarius · 2018-09-07 01:54 · Score: 1
  
  I dunno
  In the UK I think they use their own keys. You have to provide your name, some other misc. items like phone number, date of birth and your postal address history. They use a combination of a lot of data items to point to "you".
  This has some problems, but seems to work well enough. I also dislike them intensely and don't trust them at all, just FYI.
  
  --
  C17H21NO4
Re:Are computers a good or an evil? by fish_in_the_c · 2018-09-06 05:07 · Score: 1

well, there is increased efficiency, fewer dangerous jobs, Increased food production and more effective distribution of food and resources, better medicine, and the ability to advance human technology and science at an unheard of pace because we can now co-orlate and model systems on a level unparalleled in human history.
Don't forget, computers don't just mean, the box on the desk, there are a multitude of computers in every vehicle made since the 80's , they are part of CAT scans, MIR, and ultrasound machines. They are used to regulate the electric grid , and disseminate information that otherwise it would take months for an interested person to search and understand.
I'd say computer are a tool, the purpose of a tool is to amplify the effects of human actions. The actions of the humans are either or good or bad, the tool still amplifies them.
Use a hammer to build a house, use a hammer to kill your neighbor over beer, either way , the good or the evil does not exist within the hammer.

--
âoeTolerance applies only to persons, but never to truth. Intolerance applies only to truth, but never to persons.
No surprise by sjbe · 2018-09-06 05:11 · Score: 1

Politically, nothing happened.
To the surprise of absolutely no one given the current state of affairs in Washington.

But a lot of people locked their credit score.
So what? That's about the least interesting bit of data Equifax has about you and it does nothing to prevent mass data breaches.

I'm sure credit card companies are now asking for more information to prove your identity to open a new card.
Citation needed.

also had so many friends and family ask what they should do, which opened the door for me to introduce them to things like LastPass, Yubikey, and other security.
So you told them to use an unregulated and unaudited third party single point of failure? Great plan... You do realize that those things would do nothing to prevent a breach at Equifax right?
1. Re:No surprise by AlanBDee · 2018-09-06 07:10 · Score: 1
  
  I'm sure credit card companies are now asking for more information to prove your identity to open a new card.
  Citation needed.
  I don't have a citation, it's just as assumption which is why I said, "I'm sure credit card companies..." instead of "Credit card companies are now..." The difference is a little too subtle, I probably should have put, "I assume credit card companies..." instead since it is just a guess.
  
  also had so many friends and family ask what they should do, which opened the door for me to introduce them to things like LastPass, Yubikey, and other security
  So you told them to use an unregulated and unaudited third party single point of failure? Great plan... You do realize that those things would do nothing to prevent a breach at Equifax right?
  Yep. If Equifax provided an authentication service would you trust it? How about Google, Apple or Microsoft? The fact is that when users try to remember their passwords they end up using the same passwords across multiple sites and/or easy-to-guess passwords. (I assume I don't need to cite this?)
  Using a keystore like LastPass or KeePass make it much easier to manage complex usernames and passwords is in my opinion the best path. Yes, it's a single point of failure but I have three yubikeys; all three of which will grant access to my LastPass account. I exported and printed my LastPass usernames and passwords where a copy is in my safe and another with a family member; both along with other "things you need if I die" papers. If you have a better process I'm happy to hear it?
  Yes I am aware that none of this would prevent a equifax breach but it does make other breaches less damaging. If a site got hacked and you got my password of: "Esg1Hn09NBfq24SYfaCg3Ef91Vy3jB" that won't help you get into any other sites I'm associated with.
2. Re:No surprise by PrimaryConsult · 2018-09-06 07:43 · Score: 1
  
  Locking a credit score doesn't prevent a breach but it does limit the useful things that can be done with the data.
3. Re:No surprise by _Sharp'r_ · 2018-09-06 15:07 · Score: 1
  
  The premise of this story is nonsense.
  1. And as opposed to "nothing", the current Congress did pass and Trump did sign a bill which takes effect in 15 days which according to the FTC includes:
  
  Free credit freezes
  What is it? A credit freeze restricts access to your credit file, making it harder for identity thieves to open new accounts in your name. Usually you get a PIN to use each time you want to freeze and unfreeze your account to apply for new credit.
  What’s new? Currently, credit freezes may involve fees, based on state law. Starting this fall, it will be free to freeze and unfreeze your credit file throughout the country.
  Free child credit freezes
  What is it? A child credit freeze allows you to freeze a child’s credit file until the child is old enough to use credit.
  What’s new? Currently, some state laws allow you to freeze a child’s credit file. Starting September 21st, no matter where you live, you’ll be able to get a free credit freeze for children under age 16.
  Year-long fraud alerts
  What is it? A fraud alert will tell any business that runs your credit that they should check with you before opening a new account.
  What’s new? Currently, fraud alerts last 90 days. Starting this fall, an initial fraud alert will last for one year. It will still be free and identity theft victims can still get an extended fraud alert for seven years.
  2. Equifax is still in court with the Feds, but they already "entered into a consent order with eight states that requires it to improve its data-protection practices in the wake of the huge data breach last year at the national credit-reporting agency."
  
  “The conditions Equifax agreed to in the consent order require the company’s board to remediate the deficiencies and unsafe practices that contributed to the breach,” the Texas Department of Banking said in a statement.
  The order covers everything from risk assessments and improved oversight of information security and technology by Equifax’s board of directors and its audit committee to vendor management and the patching of software systems. Equifax is required to submit to the states by July 31 a list of all remediation projects it has begun or planned since the breach, and to submit progress reports going forward. The states will conduct on-site reviews to assess compliance.
  
  --
  The party of stupid and the party of evil get together and do something both stupid and evil, then call it bipartisan.
headline by cascadingstylesheet · 2018-09-06 05:12 · Score: 1

The headline can be taken two ways ... the identity theft Armageddon didn't happen either. Did it?
The interesting question would be why ... I know I put a fraud alert on my credit bureau accounts (and have kept renewing it), but did most people really do that?
1. Re:headline by wwphx · 2018-09-06 05:45 · Score: 4, Interesting
  
  I've been mulling over the lack of an armageddon since the breech happened. I'm not a conspiracy theory kind of guy, but my personal conclusion is that it was done by a state actor, and that actor was China. My suspicion is they hoovered Equifax because the exploit made them vulnerable and in doing so it gave China access to a treasure trove of information not just on pretty much every American, but a specific subset: every American working for the U.S. government. Every CIA agent, every NSA agent, in addition to every head of industry, every computer chip researcher. Anyone who might be of interest. At first I thought it might have been theft for stealing medical insurance coverage, but not only did that not happen, but nothing happened. It was such a huge haul of information that no criminal org capable of stealing that amount of info is going to sit on it - they need/want to monetize it for their efforts, but a government who wanted it for different purposes could.
  
  --
  When you sympathize with stupidity, you start thinking like an idiot.
2. Re:headline by Jason+Levine · 2018-09-06 06:13 · Score: 2
  
  I've had my credit frozen since way before the Equifax breach. Somehow (I've never found out how and likely never will), someone got my name, SSN, DOB, and address. They used this to open a credit card in my name. (RED FLAG #1: They got Mother's Maiden Name wrong. So much for security with that.) They then immediately changed the address to an address in another state (RED FLAG #2) but not before paying for rush delivery of the card. Thanks to the latter, the card was rushed out before the address change went through and it came to me instead of to them. Had this not happened, I would have known about it when the collection agency was busting down my doors to collect debt that "I" ran up. While the card was on its way, a woman representing "me" called asking for a $5,000 cash advance before the card was activated (RED FLAG #3). This was thankfully denied. Still, none of these red flags caused the credit card company (Capital One) to rethink whether this was fraud.
  When I called Capital One to ask about this card, they first insisted that I had opened it. Then, they claimed that my wife opened it without my knowledge. (She was standing right there terrified about what this meant.) Finally, they admitted it was probably fraud, but refused to give me more information. As they put it "if we give you their address and you go and shoot them, we're liable." Yes, that's a direct quote. They were concerned I might perpetrate violence on the people who opened a credit card in my name and they'd be legally liable. They weren't concerned about legal liability for opening a line of credit in my name, though. No issue there for them to worry about.
  The police looked into it but a) didn't know how to track where IP addresses came from much less track people across the Internet and b) weren't interested in pursuing a case that they would need to hand off to another department for the arrest. That and Capital One giving the police the runaround (told them to call a line that went to perpetually unanswered voice mail) meant that the people responsible for this were never arrested.
  The most I was able to do was freeze my (and my wife's) credit file. This prevents this from happening in the future since my information is obviously "out there." However, it becomes a pain whenever I need a loan or anything else that needs my credit file thawed.
  
  --
  My sci-fi novel, Ghost Thief, is now available from Amazon.com.
3. Re: headline by schklerg · 2018-09-06 07:12 · Score: 2
  
  The problem with that reasoning is Equifax's security was so demonstrably poor that it could have been China or your 8 year old cousin. They should have been sued, fined, and regulated into oblivion.
  
  --
  Be Excellent To Each Other
4. Re:headline by ftobin · 2018-09-06 11:09 · Score: 1
  
  Did you have security freezes with all three major agencies? I'm surprised that an organization would give you credit without being able to verify your worthiness, unless there's a "back door" that we're not aware of. I've had to do freeze lifts for even things like opening a bank or brokerage account, but I don't mind, since that happens maybe once every few years.
  Transunion has the least painful process by far, since you actually have an account with them so you don't have to re-enter a bunch of personal data each time, and the lift control is much better. For example, you can have a temporary lift, and then cancel it (I just did it a couple of days ago).
5. Re:headline by thegarbz · 2018-09-06 19:45 · Score: 1
  
  I'm not a conspiracy theory kind of guy
  But when I am, dammit if I don't go all out.
6. Re:headline by Jason+Levine · 2018-09-07 00:30 · Score: 1
  
  Yes. My credit with all three agencies is frozen (as is my wife's). The fraudulent card was issued before I had the freeze on. That happened back in my blissfully ignorant days when I thought my information was secure because I was careful about it. Now I know that your information is only as secure as the least secure company holding your data. And with breaches happening so often, it's best to just assume your data is out there and act accordingly.
  
  --
  My sci-fi novel, Ghost Thief, is now available from Amazon.com.
Why should it change? by houghi · 2018-09-06 05:13 · Score: 1

Not talking about what or why you WANT it to change. Why SHOULD they change. No accountabiliy, no reason.
If I would steal cookies as a kid and all my mom would do was moan about ot, I would eat them all and demand more.
A light punishment after the first cookie was enough.
Accountability: it somehow matters.

--
Don't fight for your country, if your country does not fight for you.
1. Re:Why should it change? by Jason+Levine · 2018-09-06 06:17 · Score: 2
  
  One of the big problems is that big agencies like Equifax contribute to politicians and hire lobbyists.
  Imagine your example, but when you steal 10 cookies, you give your mother a cookie. In exchange, she wags her finger at you for stealing cookies but nothing else. Meanwhile, your younger brother has no such arrangement and gets grounded for a week for eating a cookie crumb that wasn't his. After the most recent Cookie Stealing Incident, your mother moans about how horrible it is that people steal cookies and pledges to get to the bottom of it, but then ups the punishment on your younger brother while munching on a cookie you gave her.
  
  --
  My sci-fi novel, Ghost Thief, is now available from Amazon.com.
Ah, democracy by alternative_right · 2018-09-06 05:13 · Score: 1

You're free.
You're equal.
You are tolerated.
Maybe these are not the right things to be hoping for; perhaps we need reality, sanity, and the ability to address glaringly obvious problems instead.

--
Alternative Right.
Republicans by Anonymous Coward · 2018-09-06 05:13 · Score: 1

is the short answer. Can't let anything inconvenience the corporations, after all.
Something important has changed by bagofbeans · 2018-09-06 05:25 · Score: 1

Free credit freezes are due this month thanks to Economic Growth, Regulatory Relief, and Consumer Protection Act
https://www.congress.gov/bill/115th-congress/senate-bill/2155/text?format=txt/

TITLE III--PROTECTIONS FOR VETERANS, CONSUMERS, AND HOMEOWNERS
SEC. 301. PROTECTING CONSUMERS' CREDIT.
(a) In General.--Section 605A of the Fair Credit Reporting Act (15
U.S.C. 1681c-1) is amended--
(1) in subsection (a)(1)(A), by striking ``90 days'' and
inserting ``1 year''; and
(2) by adding at the end the following:
``(i) National Security Freeze.--
``(1) Definitions.--For purposes of this subsection:
``(A) The term `consumer reporting agency' means a consumer
reporting agency described in section 603(p).
``(B) The term `proper identification' has the meaning of
such term as used under section 610.
``(C) The term `security freeze' means a restriction that
prohibits a consumer reporting agency from disclosing the
contents of a consumer report that is subject to such security
freeze to any person requesting the consumer report.
``(2) Placement of security freeze.--
``(A) In general.--Upon receiving a direct request from a
consumer that a consumer reporting agency place a security
freeze, and upon receiving proper identification from the
consumer, the consumer reporting agency shall, free of charge,
place the security freeze not later than--
``(i) in the case of a request that is by toll-free
telephone or secure electronic means, 1 business day after
receiving the request directly from the consumer; or
``(ii) in the case of a request that is by mail, 3
business days after receiving the request directly from the
consumer.
``(B) Confirmation and additional information.--Not later
than 5 business days after placing a security freeze under
subparagraph (A), a consumer reporting agency shall--
1. Re:Something important has changed by Bob+the+Super+Hamste · 2018-09-06 06:11 · Score: 1
  
  Too bad neither of my state senators voted for it but then one really can't expect much out of Amy Klobuchar. At least my Representative in the House voted for it.
  
  Looks like I may have some things to get setup in a couple of weeks when things go into effect on Sept 21.
  
  --
  Time to offend someone
2. Re:Something important has changed by Dragonslicer · 2018-09-06 08:21 · Score: 1
  
  Too bad neither of my state senators voted for it but then one really can't expect much out of Amy Klobuchar. At least my Representative in the House voted for it.
  I admit that I haven't read much of the bill, and so this may be unfair stereotyping, but when there's a bill that regulates large companies and only one Republican between both the House and Senate votes against it, I get suspicious of what the bill will really do.
3. Re:Something important has changed by Bob+the+Super+Hamste · 2018-09-07 01:17 · Score: 1
  
  From what I read of it, it is fairly long, it seems like it is pretty good. Then again there are a number of change these words to these other words in existing law which is usually where things go sideways. In the senate it looks like 16 democrats and 1 independent also voted for it. In the house it looks like 33 democrats voted for it too. So while not a strongly bipartisian bill it seems like there is support from both sides and from what little reporting on I have seen seems to indicate that it did roll back some of the Dodd-Frank regulations so that may be why there wasn't as strong of democrat support. Then again I don't really know if those roll backs were good or bad as I just don't have enough knowledge in that area.
  
  --
  Time to offend someone
4. Re:Something important has changed by Dragonslicer · 2018-09-07 02:27 · Score: 1
  
  ...from what little reporting on I have seen seems to indicate that it did roll back some of the Dodd-Frank regulations...
  Thanks, that's the answer I was looking for.
Re: Are computers a good or an evil? by houghi · 2018-09-06 05:29 · Score: 1

The hammer is an inate object, just like an atom bomb. It has no concience, so blaming anything on it to s irrelevant.
The bkaming is more a lingiustic issue. We 'blame' tsunamis for the death of people,

--
Don't fight for your country, if your country does not fight for you.
Why should anything change? by CaptainDork · 2018-09-06 05:33 · Score: 4, Insightful

There's no incentive, no motive.
Customers are helpless to do anything about it so they just shrug and move on.
Their shit is out there anyway, what with all the other goddam break-ins.
In the spirit of, "too big to fail," Equifax is too big for their breaches.
All your base are belong to us.

--
It little behooves the best of us to comment on the rest of us.
1. Re:Why should anything change? by Dragonslicer · 2018-09-06 08:22 · Score: 2
  
  In the spirit of, "too big to fail," Equifax is too big for their breaches.
  I see what you did there.
2. Re:Why should anything change? by CaptainDork · 2018-09-06 09:29 · Score: 1
  
  I froze on all three majors.
  Hopefully inquiring minds have to go through me first.
  
  --
  It little behooves the best of us to comment on the rest of us.
What I'm interested in seeing by wwphx · 2018-09-06 05:33 · Score: 1

is if Equifax gets hacked yet again, because there's a fresh new Struts weakness that was announced within the last week that was every bit as bad that lead to this breech. I would fine it hilarious if they're getting cleaned out once again even as we post.

--
When you sympathize with stupidity, you start thinking like an idiot.
1. Re:What I'm interested in seeing by xxxJonBoyxxx · 2018-09-06 05:44 · Score: 1
  
  This is how you know Slashdot ain't really news for nerds anymore. Here are teh types of article that would be linked into TFsummary if it was:
  
  https://www.darkreading.com/application-security/thoughts-on-the-latest-apache-struts-vulnerability-/a/d-id/1332716
  
  http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-11776
If anyone wants this to change by rsilvergun · 2018-09-06 05:37 · Score: 1

We need to elect politicians who support regulation as a solution. You can't rely on market forces since you're not able to "shop around" for a credit agency. They're assigned to you.

--
Hi! I make Firefox Plug-ins. Check 'em out @ https://addons.mozilla.org/en-US/firefox/addon/youtube-mp3-podcaster/
1. Re:If anyone wants this to change by brantondaveperson · 2018-09-06 16:46 · Score: 1
  
  Weird. Other countries don't have this problem.
Our government is broken and corrupt by Rick+Schumann · 2018-09-06 05:43 · Score: 1

Of course nothing changed; the politicians, The Rich, they're all already 'protected', they were never in any danger from this, only The Poor, and middle-class working people stood to lose anything -- and our own alleged 'representatives' in our government don't really give a rat's ass about any of us filthy plebians. Politicians are too busy trying to hold on to their power and position, a large part of which is serving corporate interests (whose money got them elected in the first place; thanks so much Citizens United), the rest of which is kowtowing to (you guessed it) The Rich, who likewise funded their campaigns. Meanwhile the rest of us cross our fingers and hope we don't get our bank accounts drained, credit cards maxed out, and identity stolen and ruined forever; I, for one, don't even bother worrying, I have nothing to take, my identity is basically worthless, and there's not a gods-be-damned thing I can do about it all anyway, it's out of my hands, so why make myself sick with worry? I'll be there when Monsieur Guillotine is brought out again, and the people who have shit on us are dealt with, but until then what can we do but try to survive? Also meanwhile, we have to vote for Democrats whether we like it or not, because it's mainly the Republicans who currently hold a majority who are ignoring this shit, and throwing things farther and farther out of balance every month, so regardless of Democrats being just as corrupt, we have to pit them against each other and hope something actually gets done. The alternative is anarchy and chaos, which would complete the descent of the United States from a top-tier first-world country down into a third-world lawless shithole like Libya or Syria or Somalia.

Enjoy your Thursday, everyone!
Regulating and suing the wrong company by FeelGood314 · 2018-09-06 05:54 · Score: 1

You are not Equifax's customer, you are their product. (Just like you are facebook and google's product). You are however your credit card companies customer. If there was pressure put on the credit companies not to share information with an insecure entity like Equifax then Equifax would either put some effort into security or go bankrupt. Equifax has to have a near complete picture of everyone's credit score to remain in business. If even a few creditors stopped sharing information with them they would be in big trouble.
We need a fire-wall by Pascoea · 2018-09-06 06:05 · Score: 1

Just tell Donald that it's a wall, he'll start pushing for funding.
No interest in consumer protection. by XXongo · 2018-09-06 06:59 · Score: 5, Insightful

The last line of the summary says it all: "Mick Mulvaney took over the Consumer Financial Protection Bureau in November and halted the bureau's investigation."
The current administration is not interested in consumer protection.
They are on the side of business, not consumers.
1. Re: No interest in consumer protection. by Anonymous Coward · 2018-09-06 14:10 · Score: 1
  
  The current administration? More like all of the administrations!
Correct - are there any identity thefts? by ripvlan · 2018-09-06 08:05 · Score: 1

My credit is fine. Have there been reports of massive fraud that can be traced back to this? What are they doing with it?
I predicted that this won't be a consumer problem. The credit system now has an issue - all of their previously "Secret" data is floating around. As a consumer I don't know what to do or what is happening out there. But if a rash of fraudulent loans start appearing then the credit market will really have a problem.
Just like I have to press "block caller" due to the high level of scam phone calls --- the credit market may need to start doing the same. Then we all have a problem.
Re: Enforce Laws, then see change by Anonymous Coward · 2018-09-06 10:32 · Score: 1

Imagine robbing a bank.. you take in, say, $1M. Say you get caught and your punishment is a BIG fine of, say, $200k. You net 800K from the deal, and another bit at the apple in a few years. THAT is how US government deals with corp crime. An insult to people's intilligence.