On July 29, Equifax, a credit-rating company, first learned that consumers’ trusted data had been breached. Equifax holds highly sensitive personal and financial data for more than 800 million consumers.
Equifax’s statement revealed in part that, “the information accessed primarily includes names, Social Security numbers, birth dates, addresses and, in some instances, driver’s license numbers. In addition, credit card numbers for approximately 209,000 U.S. consumers, and certain dispute documents with personal identifying information for approximately 182,000 U.S. consumers, were accessed.”
However, Equifax failed to disclose the hack to the public until Sept 7, nearly six weeks after the company first discovered the cyber security attack. Matters worsened when the public found out executives sold company stock before disclosing the breach.
Why did Equifax wait more than a month before disclosing the leak?
What can the 143 million U.S. consumers, whose information was exposed, do to protect themselves?
Is there anything they can do?
These are the daunting questions that millions are asking. Questions that Equifax is failing to answer.
According to the Washington Post, Equifax waited before disclosing so they could conduct the proper legal matters. Despite its efforts, the company is still vulnerable to several lawsuits, according to MSN News. Because of the situation, how executives handled it and when they handled it, not only is the company in legal trouble but it is also faced with a flawed reputation among millions of consumers.
My public relations mind can’t help but ask the question, when, if ever, should reputation come before legal concerns? Can Equifax’s reputation be repaired?