Pixel Envy

Written by Nick Heer.

Equifax Sent a Fake Security Advisory Site to Some Customers Inquiring via Twitter

Dell Cameron, Gizmodo:

Equifax’s response to its data breach has been a total shitshow, something the company seems determined to remind us of each and every day.

For nearly two weeks, the company’s official Twitter account has been directing users to a fake lookalike website, the sole purpose of which is to expose Equifax’s reckless response to the breach.

Much as Apple’s comeback from near-bankruptcy is studied in business schools as an incredible success story, Equifax’s response to this breach will surely be used in public relations and computer science classes as an example of everything you are not supposed to do in response to a crisis.

Given the inadequacy of Equifax’s response so far, I’m not sure what justice would look like for the victims of their incompetence. Perhaps Equifax would waive the cost of locking credit scores, or maybe they would offer five or even ten years of credit report monitoring. Maybe those in charge of ensuring the security and safety of such a large repository of private data would be fired. Instead of anything like those suggestions, Equifax reported on Friday that two executives — their Chief Information Officer and Chief Security Officer — would be “retiring”. Equifax didn’t say how much their retirement packages are worth.