The Equifax Hack Has Some Interesting Dynamics

in #cybercrime, 7 years ago

If you haven't heard by now, Equifax was hacked and it is creating widespread fear among many Americans.

The private information of over 143 million people appears to be affected. 

Data such as names, social security numbers, driver's license numbers, and credit card numbers appear to have been compromised.

The hack is stated to be the largest of its kind in United States history.

In fact, an analyst from Reuters went on to say that on a scale of 1 - 10 (10 being the worst), this event is a 10.

Yikes.

Things get even more interesting...

The hacks appear to have taken place mostly between May and June. 

Equifax apparently found out within the last week or so, which is all the more interesting considering Equifax executives sold shares worth roughly $18 million just several days after finding out about the hack and before the hack was made public.

Interesting indeed.

At this point it is not clear whether those sales were planned or something else. 

The hackers have made a demand.

At first it wasn't clear exactly how much the hackers wanted for their troubles. 

Now, on a Darkweb site, the hackers have stated their demands.

They say they will delete the data they stole for a fee of 600 BTC, which is roughly $2.5 million at current prices.

Their demand stated that if they do not receive the funds by September 15th, the data will be made public.

The hackers were even kind enough to share their reasons for their theft:

"We are just two people trying to solve our lives and those of our families. We did not expect to get as much information as we did, nor do we want to affect any citizen. But we need to monetize the information as soon as possible."

Also, the hackers added that if they are forced to publicize the data, they will be holding on to the credit card numbers, which would imply that they might plan on utilizing those for additional profit.

This represents an interesting situation for Equifax.

It is not clear when Equifax was made aware of the hackers' demands, or even whether they were made aware of them before the public posting on the Darkweb site in the first place. But if they were, it presents an interesting question...

In this particular situation, should Equifax have paid the ransom before it was made public?

The price the hackers are asking for is extremely small relative to the scope of their theft and relative to the size of Equifax.

In normal circumstances most companies would not negotiate with hackers.

However, since the price of Equifax stock dropped by roughly $2.5 billion when the news broke, and the hackers were only asking for roughly $2.5 million, it makes one wonder whether, in this case, paying the ransom might have been the smarter thing to do.

Even if there is no guarantee that paying it would have solved the problem...

What say you, Steemit community? What was the correct play here for Equifax?

Let me know in the comments section below.

Stay informed, my friends.

Sources:

https://cointelegraph.com/news/equifax-hack-3-investors-sold-18-mln-shares-in-unclear-transaction

https://cointelegraph.com/news/equifax-hackers-demanding-26-mln-in-bitcoin-or-else


Follow me: @jrcornel


Correction: Equifax executives sold roughly $2 million, not $18 million. Great article btw.

This hack is a very, very good example of why KYC/AML rules are a bad idea. When you have these centralized storehouses of sensitive personal info on millions of people, it's only a matter of time before a skilled attacker gains access.

Decentralized exchanges and free access for everyone - absent selfies that require customers to hold up their passports next to their faces, colonoscopy reports and credit checks - is the only way to go.

You can thank terrorists for that, since banks were relatively free with servicing customers until 9/11. After that, the governments all over really started to reign down on where the money is going and how it's being spent. A lot of developed countries these days have their own KYC/AML regulations for their banking system.

And it doesn't help that a lot of companies invest very little money into their IT Security either.

It doesn't really matter how much money they invest in IT security anyways. With that much valuable info in one place, even inside jobs become profitable and likely.

Centralized data storage systems can't really be secured in this day and age.

Whoa! Whoa!
It was Yahoo and now it is Equifax.
Tomorrow it will be ...
Sad news.

Very interesting. I really like your posts. I always follow your posts; there are many interesting things that I find, and I share your submissions with other friends. Visit my post.

Follow an fot me @imranroza

https://steemit.com/art/@imranroza/anugrah-terindah-2017910t05839323z

The fact that so many executives sold shares before the hack was revealed is incredibly fishy. They obviously knew, and should be punished for insider trading.

Not unless they grease the right palms. That's how it works in America.

A lot of people's SSNs have been affected. In fact, I think that's most American citizens. See what happened to "Pharma Bro", they'll find something to stick them with.

I guess we are all EQUI-F&CKED !!

This is very interesting and I had not heard about it yet. If those numbers they are estimating are correct it could affect over half of all Americans! That truly is startling. I think that, in hindsight, they definitely should have just paid the ransom if they could keep it out of the news altogether. If the news that they paid a ransom like that were to get out though, the number of people trying to exploit them would be huge.

This is done on A LOT of darknet markets as well. Bug hunters will search for vulnerabilities and when they find 1, they provide proof and are paid based on the magnitude of the find. This is a bit different as it's a ransom but nonetheless, sometimes it's worth the money on the off chance the info is true, even if the reasoning is solely to protect the stock price of the company from the reaction to FUD. Great, thought-provoking piece as always!

Block chain technology can help play a role in cyber security... steemit and others stand to benefit as early adopters!

Equifax most likely purchased a lot of that info without anyone's consent. Let them burn.

Maybe I should be more worried than I am, but I am just unfazed by this all.


Ethical hackers should be better, as long as companies think they are safe, and won't spend money for security... it will be an expensive lesson at the end!

The information contained in that data breach is worth substantially more than 2.5 million to many different groups lurking in the underbelly of the internet (and in real life). There is no guarantee that these hackers haven't already made arrangements to sell the data anyways after collecting the for sure 2.5 million in bitcoins. Just a sad, sad situation.

The American citizen again gets punished because companies didn't go the extra mile to secure all security flaws. It was really only a matter of time for this to happen given how much data companies collect and the type of data this company, Equifax, collected. Hot target.

The internet and complicated digital security is still in its infancy. One can only hope that the future has a much better outlook and not too many people get devastatingly harmed from this.

People will always be the weakest link in security. You can patch the vast majority of the flaws and vulnerabilities, but at the end of the day, you still have a vulnerable human at many different points of the organization's processes.

I'm sure I'll get screwed right before trying to close on a new home in AZ. I know the bubble is going to burst in real estate, but....
Is there a lawyer out there that thinks there could be legal ramifications for Equifax? Wells Fargoish?

Hackers are ruining the online world as politicians destroy the real world.
They should be stopped.

How on earth do you think they can be stopped?
It's almost impossible to easily detect a hacker as most of them are anonymous.

By dragging them to the jail. There is no rule and laws for them.

Extremely intriguing, I had not found out about it yet. In the event that those numbers they are assessing are right it could influence over portion of all Americans! That genuinely is startling. I feel that, looking back, they unquestionably ought to have quite recently paid the payment on the off chance that they could keep it out of the news all together. On the off chance that the news that they paid a payoff like that were to get out however, the quantity of individuals endeavoring to abuse them would be enormous.

The way that such a large number of administrators sold offers previously the hack was uncovered is staggeringly fishy. They clearly knew, and ought to be rebuffed for insider exchanging.

just seeing this for the first time

Hackers are very creative people....

Hackers are breaking the systems for profit. Before, it was about intellectual curiosity and pursuit of knowledge and thrill, and now hacking is big business.

Sir, you share very interesting and fearing news. You always share valuable posts. About your question, my opinion is that they should fulfill the demands of the hackers at that time, and after some time they should take action for this blackmailing. I always waited for and supported your posts. Thanks.

If I were the hackers, I think I would prefer payment in something like Zcash...

Why Zcash? Is it more anonymous? Or do you think there is potential for a bigger payout?

The idea is that it's more anonymous.

I was shocked when the price was only 2.5 million. Also, Equifax not paying the amount, and executives cashing out 18 million sounds fishy.

The hackers themselves say that they don't want to release the information, but are in a tough situation financially so that they said that they have to do it. I think it's messed up. No matter how bad your situation is, you can't hold over half of Americans' personal information hostage.

Not to mention the subtle adverse effects on the American and world economy.

It is sufficient motivation for them. The repercussions of this will be interesting.

It sure will be. So almost half of Americans' info has been compromised. But not everyone has a credit file, etc.
Add to that other security breaches, I wonder if everyone who has a credit history in America has already been compromised anyways.

I am Cornholio! You will co-operate with my bunghole!

It would seem Equifax has estimated $400 million of cash (at least as of June 30) to pay this ransom.

https://www.sec.gov/Archives/edgar/data/33185/000003318517000023/efx10q20170630.htm (page 7)

I think they should bite the bullet and pay, then hire the hackers as consultants to help the company solidify their IT so this doesn't happen again.

But what guarantees does Equifax have that the people posting on the darkweb site are actually the hackers? Or that they'll actually delete the data?

Even Somali pirates have a reputation to uphold that when people do pay ransom they will be released. The folks posting on this darkweb site don't have any whatsoever.

I'd like to see Equifax pay just on the off chance that it's real and we can all sleep easier. Not my money. But I doubt they will. Not sure I would.

Great Post brother

Don't executives have to notify of sales of stock? Why wasn't anyone watching that? Large selloffs by multiple execs usually get noticed.

Greetings and blessings for you. Here I give my support and my upvote, hoping to follow that great work on your blog, and I really hope for your support. Visit my blog, your support is very important for me. Many thanks and success.

Good Article @jrcornel - I'll repost in my other blogs (linking back to you)
Nice job !!

Excellent work, dear friend @jrcornel, very good information. What really surprises me is the naturalness of the hackers: "we are only two, we want 2.5 million for our family," when honest people will never have so much money.
Thank you for sharing this post.
I wish you an excellent weekend

Let me resteem it
To inform to the others steemians in the world
I will be your loyal follower
I am waiting for the next post

At current prices 600 BTC is worth $2.5 million USD as you say in the article - but when was the demand made? What would have been the USD value of the ransom at the time the hackers made their demand?

Go to http://ethlend.io or find ETHLend here on steemit. We now have made all three agencies obsolete. It's already being done now. You will soon see the utility of LEND coin. I know this project at ETHLend & have read the whitepaper and I am participating :-) peace.

Correct play for Equifax Ethics Committee is to investigate and fire all executives, within the next week, that are found to have engaged in insider trading.

Yikes! It does pose something of a dilemma for all involved. I suppose they could pay and pretend they didn't to the world at large.

Also, it really is a curious coincidence that that stock was sold when it was sold.