The Equifax Data Breach Settlement

n a previous post, I took readers on a tour of some of the worst commerce data breaches of the last decade. Before the commerce data breaches, the Equifax data breach was mentioned due to the fact that it occurred around the same time as the Facebook/Cambridge Analytica scandal and helped to put data breaches back in focus. New developments in each of these data breach stories could be used as motivation for other companies to put more effort and resources into improving security for their databases and providing privacy to their customers. Why? Well, because Facebook’s recent privacy issues and Equifax’s data breach are going to end up costing both of those companies way more money than it would have cost for them to improve their own systems and technology in a way that would have prevented these problems from happening in the first place. Just how much is the Equifax data breach settlement?

It seems most people figured that the Equifax data breach would end up costing the company a lot of money as there were over 147 million victims of the breach (or almost half of all Americans). However, I doubt many people thought it would cost the company as much as it is actually going to cost. The breach, which occurred in 2017 and included Social Security numbers, credit card details, and other personal information, is just now getting a total price tag, and the number is staggering. It’s estimated that Equifax will pay up to $700 million to settle with State and Federal regulators over allegations that the company failed to take proper cybersecurity steps to prevent the breach, according to the Federal Trade Commission. A large portion of that money will go to compensating victims of the breach. Even for a large consumer reporting agency like Equifax, $700 million dollars is not a small number. However, the money that each individual victim will receive as compensation from the data breach settlement is unlikely to truly equal the value of the time they lost dealing with the fallout from the breach.

Even after the data breach settlement has been finalized, the event itself will not be easily forgotten by the millions of people who were affected by it, and for a long time afterward Equifax will likely find it difficult to regain the trust of its customers, even after the data breach settlement, especially considering that almost half of the U.S. population was impacted by it.

The Facebook Privacy Violation And Data Breach Settlement

If you thought Equifax was going to have to pay a lot of money for its mistakes, wait until you hear how much Facebook will pay in its privacy violation and data breach settlement. The Federal Trade Commission (FTC) approved a $5 billion settlement in response to the Facebook/Cambridge Analytica scandal, but many people feel that the punishment is not harsh enough. Senator Richard Blumenthal from Connecticut called it “barely a tap on the wrist, not even a slap.” However, for the final three months of 2018 which followed the privacy scandal, Facebook posted a record $6.9 billion profit. In addition to increased yearly revenue, which totaled 55.838 billion dollars in 2018, the social networking giant also increased daily active users to 1.52 billion people and 2.32 billion monthly active users, an increase of 9% from the previous year for both measurements. According to Facebook’s estimates, 2.7 billion people now use Instagram, Whatsapp, Messenger or Facebook each month and 2 billion use at least one of them every day.

So, it appears that despite the scandals, Facebook has increased its influence and its profits in a year when everyone thought the company might struggle. Even though the $5 billion beat the record for most expensive FTC settlement, with the revenue and profit numbers Facebook is earning and the seriousness of the company’s privacy offenses, the FTC could have fined them much more than they did. Kara Swisher, a popular technology business journalist, wrote that the $5 billion fine that Facebook received was the equivalent of “a parking ticket” for the company, considering that they have $23 billion in cash on hand, and that the fine would have needed to be closer to 10 times what it was for it to really impact Facebook and force the company to make lasting positive changes.

Still, it’s likely that Facebook will try to avoid this type of negative media attention in the future, which is perhaps one of the motivators for entering the blockchain/crypto space. First of all, a new development of this magnitude will take the attention away from their recent history of data breach settlements and privacy violations and put the focus of the media and the world on their decision to begin using a technology that is known for providing better security and a decentralized information storage system. By associating with blockchain technology, the company can promote that it is taking the appropriate measures to focus more on privacy while adding another potential money-making business venture to their already extensive list of brands. I am sure that these benefits were discussed by the Facebook team and contributed to the company’s decision to announce its entry into the blockchain/crypto space when and how they did.

The Decisions That Cause A Data Breach Settlement

Equifax’s Mistakes

The Equifax team found themselves as one of the largest data breaches in history, and now owe up to $700 million in a data breach settlement because of two reasons. The first mistake and the second mistake combined to create the problem and the resulting situation that they now find themselves in. That being said, the first mistake was that they stored hundreds of millions of people’s credit card details and Social Security numbers in a centralized database. This meant that if the database was breached, hackers would have access to hundreds of millions of people’s personal data since it was all there in one place.

However, even with centralized databases, it is possible to pay for extra security measures designed to make hacking much more difficult and protect customer’s data. Essentially the company failed to use security best practices and lacked internal controls and regular security reviews. The company did not spend money where it needed to be spent, the breach occurred, and senior executives were forced to leave the company earlier than expected. Take care of your customers first with company money before putting it toward executive compensation. So by storing everything in a centralized database and not taking proper security measures, the breach was bound to happen.

Facebook’s Mistakes

Cambridge Analytica, a political data-analysis firm that worked on Trump’s 2016 Presidential campaign and was led by former Trump senior advisor Stephen Bannon, used data points on Americans to build personality profiles that the company’s clients could use for psychographic targeting of ads. However, Cambridge Analytica obtained the massive amount of data they used for this project through access to data obtained on millions of Facebook users without their permission. They gained access to the data through “thisisyourdigitallife,” a third-party app developed by a researcher at Cambridge University’s Psychometrics Centre. When people downloaded the app, they provided the researcher and Cambridge Analytica access to their data and their friends’ data, which is how it ended up impacting so many people. Essentially they gained access to the Facebook data of Facebook’s users through a third-party app that those users downloaded, but the users had not given permission for Cambridge Analytica to use the data, thus it was illegally obtained.

Facebook failed to properly regulate the access to Facebook users’ data that they provided to third-party apps. They also failed to take proper precautions in regards to the possibility that their third party apps would share the data with other groups (like Cambridge Analytica) that Facebook had no agreement with specifically. So basically, Facebook was not careful enough about privacy issues and did not provide adequate enough security for its users’ data.

What AllForCrypto Is Doing To Prevent A Similar Situation

These two data breaches and the data breach settlements that followed them could have been avoided if the companies paid more attention to security and privacy. At AllForCrypto, we are eliminating the possibility of credit card information being stolen from our customers by developing a marketplace that does not even use credit cards as a method of payment.

Now ask yourself this question: If you were trying to hide a large amount of something, would it be safer if you hid it all in one place or encrypted and in many different places all over the world? Data is lost if it is stored in one centralized location that is hacked. In a decentralized system, attacking one point of storage would not result in loss of data since the data is shared in places all over the world. Also, the information stored on a blockchain is certain to be true because there are multiple copies that require a complex consensus process in order to be edited.

By creating a marketplace that is decentralized we are offering more security to people who shop there, and our use of blockchain technology ensures that financial transactions and exchanges of goods and services are conducted truthfully and without fraud.

Developing a marketplace where you can go to find whatever products or services you need all in one place, and then pay for them in a way that is more secure will allow AllForCrypto to better protect you and your assets from harm while ensuring we maintain the trust of all of our customers and the continued success of our company into the future.