Equifax Tells Investors They Could Be Breached Again - And That They're Still Profitable (nypost.com) 90
"Equifax executives will forgo their 2017 bonuses," reports CNBC. But according to the New York Post, the company "hasn't lost any significant business customers... Equifax largely does business with banks and other financial institutions -- not with the people they collect information on."
Even though it's facing more than 240 class-action lawsuits, Equifax's revenue actually increased 3.8% from July to September, to a whopping $834.8 million, while their net income for that period was $96.3 million -- which is still more than the $87.5 million that the breach cost them, according to a new article shared by chicksdaddy: The disclosure, made as part of the company's quarterly filing with the US Securities and Exchange Commission, is the first public disclosure of the direct costs of the incident, which saw the company's stock price plunge by more than 30% and wiped out billions of dollars in value to shareholders. Around $55.5m of the $87.5m in breach-related costs stems from product costs â" mostly credit monitoring services that it is offering to affected individuals. Professional fees added up to another $17.1m for Equifax and consumer support costs totaled $14.9m, the company said. Equifax also said it has spent $27.3 million of pretax expenses stemming from the cost of investigating and remediating the hack to Equifax's internal network as well as legal and other professional expenses.
But the costs are likely to continue. Equifax is estimating costs of $56 million to $110 million in "contingent liability" in the form of free credit monitoring and identity theft protection to all U.S. consumers as a good will gesture. The costs provided by Equifax are an estimate of the expenses necessary to provide this service to those who have signed up or will sign up by the January 31, 2018 deadline. So far, however, the company has only incurred $4.7 million through the end of September. So, while the upper bound of those contingent liability costs is high, there's good reason to believe that they will never be reached.
The Post reports that some business customers "have delayed new contracts until Equifax proves that they've done enough to shore up their cybersecurity."
But in their regulatory filing Thursday, Equifax admitted that "We cannot assure that all potential causes of the incident have been identified and remediated and will not occur again."
Even though it's facing more than 240 class-action lawsuits, Equifax's revenue actually increased 3.8% from July to September, to a whopping $834.8 million, while their net income for that period was $96.3 million -- which is still more than the $87.5 million that the breach cost them, according to a new article shared by chicksdaddy: The disclosure, made as part of the company's quarterly filing with the US Securities and Exchange Commission, is the first public disclosure of the direct costs of the incident, which saw the company's stock price plunge by more than 30% and wiped out billions of dollars in value to shareholders. Around $55.5m of the $87.5m in breach-related costs stems from product costs â" mostly credit monitoring services that it is offering to affected individuals. Professional fees added up to another $17.1m for Equifax and consumer support costs totaled $14.9m, the company said. Equifax also said it has spent $27.3 million of pretax expenses stemming from the cost of investigating and remediating the hack to Equifax's internal network as well as legal and other professional expenses.
But the costs are likely to continue. Equifax is estimating costs of $56 million to $110 million in "contingent liability" in the form of free credit monitoring and identity theft protection to all U.S. consumers as a good will gesture. The costs provided by Equifax are an estimate of the expenses necessary to provide this service to those who have signed up or will sign up by the January 31, 2018 deadline. So far, however, the company has only incurred $4.7 million through the end of September. So, while the upper bound of those contingent liability costs is high, there's good reason to believe that they will never be reached.
The Post reports that some business customers "have delayed new contracts until Equifax proves that they've done enough to shore up their cybersecurity."
But in their regulatory filing Thursday, Equifax admitted that "We cannot assure that all potential causes of the incident have been identified and remediated and will not occur again."
Equifax should be shutdown (Score:5, Insightful)
The fact it still exists shows how corrupt things are.
Re:Equifax should be shutdown (Score:5, Insightful)
This. How is it even possible that they are still operating? Anyone else doing a fraction of what happened there would be in prison forever and his assets gone to compensate the victims. How are they not only still doing business but actually having to think whether to pay their C-Levels a bonus? I.e. how are they even still able to pay a bonus?
Re:Equifax should be shutdown (Score:5, Insightful)
Easy. There are no laws to prevent companies like EquiFax from sucking up your information and selling it to the highest bidder or having it pilfered by the lowest scum.
The Republicans are big believers in "business", they won't rein in companies like this. The Libretards believe information wants to be free. The Democrats will write new legislation each year for the next 10 years and still not solve the problem.
And the problem is: you want a loan or credit, who vouches for your background? There is a market there and it is going to be filled. The only issue is how secure is that information. Hanging the company officials won't stop the information getting pissed away. They'll simply get better lawyers.
Re: (Score:1)
If it's a necessity of business, shouldn't it be something done by a government or heavily regulated non-profit rather than incompetent profit-making entities?
Re: (Score:1, Interesting)
The Republicans are big believers in "business", they won't rein in companies like this. The Libretards believe information wants to be free. The Democrats will write new legislation each year for the next 10 years and still not solve the problem.
I wanted to go on record as a libertarian, offering my opinion on this issue
I believe that the current concept of "identity theft" needs to change. The banks should be liable for loans issued to the wrong person. The victim should not be responsible for the mista
Re: (Score:2)
Not to mention, as the last 20 years has shown -- the entire Western economy is based upon *credit*. Lending. Borrowing. *Debit*.
If you decided tomorrow that Equifax couldn't share info. Or, something immediate and drastic was done?
You'd see massive unemployment, economic crash, you name it.
No new mortgages. No loans. No new credit cards. Even ongoing credit monitoring would be a concern.
Equifax and its ilk are in a unique position that every bank, mortgage company, you name it -- relies upon them re
Re: A Special Class (Score:2)
To stop doing business with Equifax by proxy, you have to stop doing business with the proxy. Be that your local auto dealer, or furniture store, or business offering an in store discount credit card, etc.
Microsoft is in a somewhat similar, but not quite so similar position. Most businesses depend on Microsoft software. Most employees then buy Microsoft because they
Re: (Score:2)
This is not about credit check. They have other services such as providing your salary history, big purchase history (which has nothing to do with credit check), proof of identity (your exact last 3 addresses and other info), employer history, etc.
each of those are a different service. If you call them to freeze your credit, the only thing that will happen is that all those services selling your data will contain yet another line "froze credit checks on this day at some hour via telephone numer 555-555-555,
Re: Equifax should be shutdown (Score:3, Insightful)
The fact that it still exists merely illustrates how badly nerds misunderstand what matters in business survival. As for why Equifax still has any customers, the reason is not corruption and is very simple - the average person is dumb as a brick.
Re: (Score:3, Insightful)
As for why Equifax still has any customers
That's because their customers weren't affected by the breach. In fact Equifax is shielding their customers from these kind of breaches by being the ones that deal with the data and acting as a scape goat.
Re: Equifax should be shutdown (Score:5, Insightful)
Re: (Score:2)
Those are cooked (non-GAAP) numbers (Score:5, Interesting)
Re: (Score:2, Funny)
Plus of course, look at all the money they saved on IT security!
Re: (Score:1)
class action lawsuit goals (Score:3, Funny)
Re: (Score:3)
Does it matter? There was no evidence the data has been tampered with and that would be easily spotted by comparing another source of data, but even so, any data collected since is what's important for the Equifax customers.
Equifax collects information on individuals and makes timelines for businesses, whether or not a portion of that information at some point in time was made public does not make one iota of difference to their customers.
If they use Equifax data and it ends up being bad, they won't pay for
Re: (Score:2)
It does matter, the reason is you can no longer with any level of certainty guarantee that the person applying for the credit is the actual person they say they are, so your data is corrupted, in fact it doesn't matter who you get your credit info from, if it was in the compromised data you cannot be sure it is them.
every body should now be issued with new social security numbers, names and birthdays. and Equifax should pay.
Re: (Score:2)
What I said is that to Equifax and the Equifax customers it doesn't matter. In any model you propose, there must be an economic loss in order for these companies to change, however in this situation they lose no money.
Let's say you are right and the information is all corrupt and the banks write bad loans because of it. The Feds have guaranteed the loans so the banks lose nothing, at best they have now saddled a bunch of people with payments that will continue to haunt them for the next decade, if they do e
It's true (Score:5, Insightful)
They won't have to factor in the costs of lawyers until later.
People should ignore the class action suits, and file millions of personal suits, assuming there are sufficient ambulance chasers available to work knowing they'll only be paid if they win.
Re: (Score:3)
That's why class action suits were invented. Individual cases would net maybe $2000 for the victim, which would go 100% to a lawyer and the lawyer would actually lose out between running the paperwork and being in court. Additionally it would clog the justice system even more, resulting in more delays and even higher costs for everyone, including the victim (which pays for it through taxes)
Class-actions, as shitty as they are, improve the system as a whole, the lawyer gets his pay-day and the victim sees so
Re: (Score:2)
There is no shame (Score:3)
If these corporations were actually people, they would be feed to the dogs. They prey on people coming and going. They sell and trade information to manipulate people, while gaming the system in their favor. There are plenty of ways to do business without completely disregarding any semblance of privacy.
--
"Use the force Luke" - O. W. Kenobi
Re:There is no shame (Score:5, Informative)
If these corporations were actually people, they would be feed to the dogs.
If they do have another event on a similar scale once the GDPR has come into effect in Europe next year, being fed to the dogs might be the least of their problems. The penalties for a major compliance failure can be up to 4% of annual global turnover. Going by the figures mentioned in TFS, it looks like that would wipe out Equifax's entire net income for between one and two quarters. That's just the financial penalty from the regulators in the EU, and doesn't take into account any additional criminal sanctions that member states might choose to impose.
Re: (Score:2)
That is not enough, if you potentially ruined 325 million peoples lives you wouldn't loose a years income, you would go to jailed for the rest of your life, with no income.
Re: (Score:2)
That's just the fine that can be imposed by regulators. It doesn't preclude individuals suing for damages in their own rights (and remember that in somewhere like the UK, there's no direct equivalent to class action suits, and typically the loser is going to pay costs for both sides in a civil suit like this). It also doesn't preclude being charged with any criminal offences that member states may wish to create in addition to the regulatory penalties.
Re: (Score:2)
"and remember that in somewhere like the UK, there's no direct equivalent to class action suits, and typically the loser is going to pay costs for both sides in a civil suit like this"
That's no longer true, the legal framework for them went into law this year.
Re: (Score:2)
Interesting... Given that the UK legal systems don't seem to have the fundamental problem that class actions try to solve in the US, would you mind elaborating a little on what is actually happening here and why?
Re: (Score:2)
Sorry for the slow reply, here:
http://www.bbc.co.uk/news/uk-3... [bbc.co.uk]
Actually came in in 2015, thought it was more recent than that, how time flies!
Re: (Score:2)
Interesting, thanks. I'd missed that one.
When Your CISO Was a Music Major (Score:2)
You can play the feds like a violin.
The Stocks - in a public square. (Score:2)
Corporations are going to treat people like shit until a few CEOs and board members are punished, and not just financially. We've got Guantanamo Bay and it hasn't been at all useful to fight terrorists, so why not start putting these monsters there?
There is a saying, that "The only way to stop a bad guy with a corporation is a good guy with a gun." I know it sounds a little bit harsh, but it's just not going to stop until something drastic happens.
I'll te
Re: (Score:2)
I'll tell you the last thing these corporate jackoffs need is a fat tax cut.
The last thing they need? As in they'll get the tax cut for dessert at the end of the meal?
Re: (Score:2)
If it was up to me it would be more like their last meal.
Re: (Score:2)
Federal, much less, State courts cannot banish some one to Gitmo. And Gitmo isn't large enough even if you could get the legislation through Congress and said legislation is probably unconstitutional.
Now go back and eat your Cherrios, so you'll grow big and strong and get a law degree.
Re: (Score:2)
It was probably from some other even more scammy scammer that was just using the Equifax letterhead and hoping to prey on suckers.
Just put them out of their misery (Score:2)
Someone please shoot those wankers already, they're just torturing themselves anymore.
And even more important, us.
Re: (Score:2)
I see. So if someone, say you (to pick and individual at random), gets his tail caught in crack, someone should blow you into the next universe? How civilized of you.
Re: (Score:2)
If my gross negligence and utter ignorance caused thousands if not millions of people suffering?
If someone, to pick an individual at random, me, was to handle poisonous gas unsafely and causing a whole city to be evacuated, causing people to suffer and destroying their existence because their homes are now uninhabitable, would you say "oh c'mon, mistakes happen, that's what erasers are for"?
Re: (Score:2)
depends which city(s), Silicon Valley? You'll even get desert with your steak.
Re: (Score:2)
add an "s" into there for me, thanks O.o
Re: (Score:2)
To make that desert a dessert?
Re: (Score:2)
Someone please shoot those wankers already, they're just torturing themselves anymore.
And even more important, us.
And in their absence, if you're a lender and want to know if your potential customer is a deadbeat you do ... what, exactly?
Re: (Score:2)
What? Don't you trust the free market, the invisible hand and the intangible foot in the mouth to create a service if there is a market for it?
How to kill Equifax (Score:1)
If enough people freeze their credit with Equifax - but not with Experian and Transunion, Equifax will lose customers. I just got a new credit card and my credit is frozen with them. Just had to talk with the card people over the phone.
Re: (Score:2)
If enough people freeze their credit with Equifax - but not with Experian and Transunion, Equifax will lose customers. I just got a new credit card and my credit is frozen with them. Just had to talk with the card people over the phone.
That would defeat the purpose of the freeze, which is to protect you. Equifax's breach exposed your data, and if a scammer can just use it to open a credit line with a firm that uses Transunion to check your credit, you've still got a problem. Freeze with EVERYONE.
Shorter version (Score:2)
"But in their regulatory filing Thursday, Equifax admitted that "We cannot assure that all potential causes of the incident have been identified and remediated and will not occur again."
WE SUCK!
the company's stock price plunge by more than 30% (Score:2)
Re: (Score:2)
Didn't you hear, the company hired the Three Wise Monkeys (other wise known as their own corporate layers) to do an investigation. They went "La, la, la, I can't see or hear you" and exonerated the executives of any wrongdoing.
Do you really expect the SEC under Trump to actually do anything?
Equifax (Score:2)
Re: Equifax (Score:2)
$27.3 million (Score:2)
Re: Fuck Equifax and their mystery numbers. (Score:2)
https://www.equifax.com/busine... [equifax.com]
br How many of these scores are there?
Don't monitor - Freeze (Score:2)
Of course they're hackable, start mitigating... (Score:2)
...the risk/damage.
Encrypt each user's information with an individual AES256 key. Then perimeter penetration, while still bad, is limited in scope, and while keys like that can be broken, it's expensive at a per-user basis (rather than free for millions of users.)
This requires a key management system, but they exist today. How do you avoid all the keys being stolen? That's actually vastly simpler and easier than securing the rest of the network. How to keep the thieves from cracking the interfaces/APIs to t
Not knowing how this business works... (Score:1)
Re: (Score:2)
Yes, the dweebs are the product not customers. (Score:2)
"Equifax executives will forgo their 2017 bonuses," reports CNBC. But according to the New York Post, the company "hasn't lost any significant business customers... Equifax largely does business with banks and other financial institutions -- not with the people they collect information on."
"The dope about the dopes is our product, the banks that buy it are our customers. These idiots might be pissed off at at us, but who cares, we don't need their love, just their info." All absolute truths.
There is some minor hiccups due to law suits. The first line of defense it has is binding arbitration. Since we the public are not really the customers, we have not really agreed to any binding arbitration clause. It is possible the fine pint in our credit application might have some line about binding a