Skip to content

Equifax CEO Still Not Sure if the Company is Encrypting Your Data

Nov. 13, 2017
3 min read
Equifax CEO Still Not Sure if the Company is Encrypting Your Data
This post contains references to products from one or more of our advertisers. We may receive compensation when you click on links to those products. Terms apply to the offers listed on this page. For an explanation of our Advertising Policy, visit this page.

In case you missed the news, it's more likely than not that Equifax lost your data to unknown hackers between May and July of this year. As of the last count, over 145 million Americans had their most sensitive financial data compromised. As confirmed by the company, this was in part to this information not being encrypted on the Equifax servers.

With the extensive data breach, banks and credit card companies are now looking into how else they can verify identities. With so many social security numbers, dates of birth and addresses compromised, your next credit card application could require a selfie to verify your identity.

Within weeks of the public revealing, long-time Equifax CEO Richard Smith — the CEO at the helm of the credit bureau at the time of the hack — suddenly retired. Now, both he and the interim CEO Paulino do Rego Barros Jr. are facing congressional hearings about the massive breach.

At a session last week, Mr. Barros tried to reassure the Senate Commerce Committee that the company is doing all that it can to make sure that a breach doesn't happen again. Equifax has "quadrupled spending on security, updated its security tools and changed its corporate structure since the breach" according to the report by the Wall Street Journal on the session.

But, on the key question of whether or not our sensitive personal data is encrypted, Mr. Barros could only respond "I don’t know at this stage."

Considering the importance of encrypting data as a basic step to preventing further breaches, there are two likely possibilities behind this statement. Either the interim CEO isn't aware of the critical need for encryption. Or, more likely, the CEO doesn't want to admit that Equifax still hasn't taken this basic security step to protect our data more than two months after the breach was revealed.

Sign up for our daily newsletter

Equifax has gone into public relations damage control mode since. In an emailed statement to the Wall Street Journal, an Equifax spokesperson said that the company is in the process of "either encrypting or deleting" data stored on its systems and that "Equifax has deployed multiple methodologies to strengthen security and protect data."

Here's the interaction from the Senate Commerce Committee related to encryption:

https://youtu.be/LunazYJGNXU?t=1h52m

For more about the Equifax breach, see the posts below:

Featured image by Getty Images

Top offers from our partners

How we chose these cards

Our points-obsessed staff uses a plethora of credit cards on a daily basis. If anyone on our team wouldn’t recommend it to a friend or a family member, we wouldn’t recommend it on The Points Guy either. Our opinions are our own, and have not been reviewed, approved, or endorsed by our advertising partners.
See all best card offers