Common Sense Living

Equifax Breach: Should BANKS Be Liable?

Strange how when bad stuff happens and millions of people get harmed, accountability completely disappears.  We saw this happen during the financial crisis, where the government (i.e. YOU the taxpayer) bailed out big banking and insurance businesses to the tune of nearly $2 TRILLION.

Now we see Equifax display complete incompetence by exposing the personal information of 143 million individuals, putting all our financial lives at risk.  While the executive “leaders” of Equifax are deeply sorry for the breach, they so far deny all financial responsibility.

Those leaders may have a point.  After all, you as an individual have no contract or agreement with Equifax.  Equifax owes you as an individual absolutely nothing!  They can sell, give, lose, destroy, or publish your data and you can do nothing about it, as they have so far clearly demonstrated.  You are NOT their customer.

Our biggest banks ARE customers of Equifax, and if anyone should be suing Equifax, it should be the banks.  Banks provide Equifax your data, in exchange for credit assessment services.  If you were a bank, perhaps JPMorgan Chase for instance, and handed confidential information to a 3rd party such as Equifax, your agreements with that 3rd party should demand proper security for sensitive information.  And I am certain those agreements have such provisions.

Similarly, when you trust a bank to handle your financial matters, you trust that your information is secure.  After all, banks DO make those security promises to you and I!

In this case, YOUR bank passed your secure personal data to Equifax, who was operating with complete negligence.  So it’s not Equifax that was irresponsible with your data, but rather, YOUR BANK WAS IRRESPONSIBLE with your data!  THEY didn’t keep their security commitments to you!  If they trust a 3rd party to handle your data, at a bare minimum, they should be auditing that 3rd party for proper security compliance.  That didn’t happen!  Chase didn’t do it.  Citibank didn’t do it.  Wells Fargo didn’t do it……probably because Wells Fargo was too busy fraudulently opening accounts they didn’t have authority to open.

I think there is a MASSIVE class action lawsuit waiting to happen against this nation’s biggest banks.  The banks absolutely have an obligation to protect your data, and THEY dropped the ball by failing to audit a vendor.  But just as they skirted the financial crisis free of liability, the taxpayer will probably end up paying the price for this failure too!



Leave a Reply

This site uses Akismet to reduce spam. Learn how your comment data is processed.