bureaucracybusters

MORE DATA SECURITY BREACHES: “WE DON’T CARE–WE DON’T HAVE TO”

In Bureaucracy, Business, History, Law, Politics, Self-Help, Social commentary on September 12, 2017 at 12:01 am

Comedian Lily Tomlin rose to fame on the 1960s comedy hit, Rowan & Martin’s Laugh-In, as Ernestine, the rude, sarcastic switchboard operator for Ma Bell.

She would tap into customers’ calls, interrupt them, make snide remarks about their personal lives. And her victims included celebrities as much as run-of-the-mill customers.

Lily Tomlin as Ernestine

She introduced herself as working for “the phone company, serving everyone from presidents and kings to the scum of the earth.”

But perhaps the line for which her character is best remembered was: “We don’t care. We don’t have to. We’re the phone company.”

Clearly, too many companies take the same attitude as Ernestine: “We don’t care. We don’t have to.”

This is especially true for companies that are supposed to safeguard their customers’ most sensitive information.  

Companies like:

  • Kmart
  • Staples
  • Dairy Queen
  • Target Home Depot
  • JPMorgan/Chase
  • Anthem Insurance 

All these corporations suffered data breeches that exposed tens of millions of individuals’ private information–such as:

  • Names
  • Birthdates
  • Credit card numbers
  • Social Security numbers
  • Member ID numbers
  • Addresses
  • Email addresses
  • Employment Information
  • Phone numbers

And now hackers have compromised Equifax, the consumer credit reporting agency. 

Image result for Equifax

One out of every two Americans stands to be a victim. Some 143 million consumers’ sensitive data is potentially compromised.

From mid-May to July, 2017, there was a flaw in Equifax’s website software. This allowed hackers to access 143 million Americans’ supposedly private information. Only after this massive robbery had occurred did the company discover the breach and close the loophole.

On September 8, PBS Newshour correspondent William Brangham outlined the dimensions of this catastrophe:

“It’s everything that would be in your credit report. So, it’s Social Security number. It’s your name, it’s your address, it’s your driver’s license information, it’s your employers, it’s your payment history, it’s what bank accounts you have….

“The thing that a thief could do with this information is, one, they could hack into your existing accounts once they have all that information. They could also set up new ones pretending to be John Yang or William Brangham and set up new accounts and then rack up big charges on those.

“So, the great irony here is that Equifax is a company that actually sells identity theft protection, and here it is they have theoretically allowed a huge breach that could trigger a ton of identity theft.

According to Brangham, the two most outrageous aspects of this catastrophe are: 

“[Equifax] found out about this on July 29, and we only found out about this breach on—this week. So, you’re supposed to, in these kinds of cases, immediately jump to do something about it. And it seems like they didn’t give consumers much time.

“And, secondly, several executives at the company, after they found out about the breach, sold about $18.8 million worth of stock in their company before this news got out, the implication being they didn’t want their stock to tank and their stock to lose value.”

Asked, “What are we supposed to do?” Brangham replied:

  • Freeze your credit account—thus blocking anyone from setting up a new bank account, loan or mortgage in your name without you being alerted to it.
  • Alert credit reporting companies Equifax, Transunion and Experian.
  • Monitor your bank and credit cards for suspicious activity.

An October 22, 2014 “commentary” published in Forbes magazine raised the highly disturbing question: “Cybersecurity: Does Corporate America Really Care?”

And the answer is clearly: No.

Its author is John Hering, co-founder and executive director of Lookout, which bills itself as “the world leader in mobile security for consumers and enterprises alike.”

Click here: Cybersecurity: Does corporate America really care? 

“One thing is clear,” writes Hering. “CEOs need to put security on their strategic agendas alongside revenue growth and other issues given priority in boardrooms.”

Hering warns that “CEOs don’t seem to be making security a priority.” And he offers several reasons for this:

  • The sheer number of data compromises;
  • Relatively little consumer outcry;
  • Almost no impact on the companies’ standing on Wall Street;
  • Executives may consider such breaches part of the cost of doing business.

“There’s a short-term mindset and denial of convenience in board rooms,” writes Hering. “Top executives don’t realize their systems are vulnerable and don’t understand the risks. Sales figures and new products are top of mind; shoring up IT systems aren’t.”

There are three ways corporations can be forced to start behaving responsibly on this issue.

  • Smart attorneys need to start filing class-action lawsuits against companies that refuse to take steps to protect their customers’ private information. There is a name for such behavior: Criminal negligence. And there are laws carrying serious penalties for it.
  • There must be Federal legislation to ensure that multi-million-dollar fines are levied against such companies—and especially their CEOs—when such data breaches occur.
  • Congress should enact legislation allowing for the prosecution of CEOs whose companies’ negligence leads to such massive data breaches. They should be considered as accessories to crime, and, if convicted, sentenced to lengthy prison terms.

Only then will the CEO mindset of “We don’t care, we don’t have to” be replaced with: “We care, because we’ll lose our money and/or freedom if we don’t.”

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

%d bloggers like this: