Because of lax security at Equifax, one of the three major credit reporting companies, the private financial and personal details of as many as 143 million Americans have been exposed to hackers. We still don’t know what the full ramifications will be; the people who took this information — which includes birth dates, Social Security numbers and addresses — could hold on to it for as long as they want and deploy it in years to come.

Many consumers have scrambled to try to protect themselves. To anyone who tried to get through to Equifax customer service, though, it became clear: The company does not care about us. Months before the hack itself, Equifax could easily have patched the hole in its system that hackers exploited, but it simply didn’t.

That’s because we are not the customers of credit reporting companies, but the product. These private institutions hoover up our data, often without our knowledge and consent, and then sell it off to banks, landlords and even prospective employers. The companies rake in some $10 billion in revenue every year. They wield enormous power to ruin our lives — if not through a data breach, then through errors on our credit reports. One in four consumers has an error on his credit report that could affect his scores, yet it can be very difficult to correct the record.

Although they call themselves bureaus, there is nothing governmental about what these private companies do. We let them take on a role that can have outsize consequences. And the free market doesn’t work here, because none of us can refuse to be a part of this system and opt out if we don’t like how we’re being treated. There’s no legal right to ask Equifax to remove your data from its registries or to stop it from getting more in the future.