by Daniel Brouse and Sidd Mukherjee for Membrane Domain Security
Equifax is one of the largest credit reporting agencies in the world. Ironically, Equifax provides “identity protection tools with daily monitoring and alerts today!”
From May to July, 2017, Equifax allowed a cybersecurity breach to steal 143 million people’s identity. The stolen information includes social security numbers, birthdays, addresses and driver’s license numbers.
On September 7, Equifax released a statement via Twitter: “We recently discovered a cybersecurity incident involving consumer information. Once discovered, we acted immediately to stop the intrusion. We apologize to our consumers and business customers for the concern and frustration this causes. Learn more: http://www.equifaxsecurity2017.com .”
The data breach compromised about half the population of the United States.
Cyber security specialist Sidd Mukherjee said, “The main issue not addressed is the collection of the data in the first place. There would be no target if there were no centralized database. If the data were maintained in a distributed mechanism, with strict privacy guarantees and guaranteed update (such as blockchain/bittorent/tor allows) we would not be in this situation.
‘But that’s so hard and we need to make money this quarter’
OK, that is actually quite a cruel summary, so let me expand. Back in the day, centralized was the only way to go. The Internet made a lot of things possible and mathematics did as much. Companies like Equifax began in response to a need. They
glommed on to a need twenty years before the Internet and made big databases because they watched ATT and SABRE and railroads, and such. The Internet came along and they lumbered over. And now, they find they are in a strange and terrible land beset with pitfall and with snare.
Equifax makes money through collection and controlled distribution of data. Both those avenues and control are threatened in this brave new world, as Mr. Assange pointed out some time ago.
Don’t get me wrong. I actually think assaults on privacy have done the evolution thing, selected for those schemes which resist assault. And as such, the centralized databases will get selected out of the game. It will take a while, though.”
In other news, until you had many to many communication with latency lower than human attention span, which seems to be about 20 seconds, you can’t really do hive intelligence like the kids are doing with the cell phones. Watch the kids. Demographic is destiny, as someone said.”