The ethical IT issue Equifax has faced was the data breach that happened in July 2017. Equifax is a consumer credit reporting agency that collects and aggregates information on over 800 million consumers and more than 88 million businesses worldwide. In September of 2017, Equifax announced that over 143 million consumer’s in the U.S, U.K, and Canada’s personal information i.e First Names, Last Names, Addresses, Phone Numbers, Social Security Numbers, Driver’s License Numbers, Date of Births, and also Credit Card Information had been stolen. Equifax knew there was a breach in their data in July but did not make an announcement till September letting people know about what was going on with the company which left people wondering why it took …show more content…
First of all, the company waited 40 days after the breach to let their customers know about what was going on. Then, they created an identity protection website called “Trusted ID Premier” which offered one year free access to the clients, and lets clients see if their identity and personal information had been part of the millions of people whose information had been stolen. According to The Economist, Equifax tried to manipulate its clients that upon enrollment of the Premier ID account, they would not be able to file a law suit against them which did not go well with the …show more content…
First, Equifax could have responded to the breach by letting its millions of customers know about the breach the moment they realized it had happened, instead of waiting 40 days to let their customers know what was going on with their identity’s that they had entrusted Equifax to protect and secure for them. By letting the customers know early, they (customers) could have taken steps in ensuring that they are not at risk of fraud by setting up a fraud alert that will inform them if anyone was trying to use their names, date of births, Social Security Numbers, etc by calling other credit bureaus like Experian, or TransUnion. Agreed that repairing a software at large businesses like Equifax with numerous technologies does take a lot of time because they must first detect the vulnerability, then implement and test the repair that was done to make sure it doesn't break anything before making it public, but they could have done it quickly because it was high value data that was at stake of damaging the company. Another alternative Equifax could have taken to respond to the breach is by acting faster on taking steps to stop the breach if it was still going on when the company noticed it. According to CNN, Equifax discovered that there had been a breach in their data in July 29th and they took 24hrs before deciding to take the web application that was affected offline because they wanted to see