Equifax CEO Pens Open Letter Apologizing for Data Breach

Equifax’s new CEO is taking some big steps to ensure that people trust the credit reporting agency again. Paulino Rego Barros Jr. has been appointed as interim CEO in the wake of Richard Smith stepping down.  Or did he retire?  I joke.  Two other top executives “retired” in the wake of the scandal that left 143 million Americans vulnerable to hacks.  Barros started off his new position by writing a letter that was published by the Wall Street Journal.  Essentially, apologizing for what happened.  Good for Equifax for doing this, but why does the new CEO have to take the hit for something that happened under the old CEO’s watch?  I mean, I get it, but shouldn’t Barros be able to walk in and “start fresh” so to speak?

Or do we automatically get to blame whoever is in the driver seat?  The apology letter essentially states that the company is sorry they weren’t able to live up to people’s expectations.  He clarifies by saying that the website did not function like it should have, and the call center couldn’t handle the volume of calls that it was receiving.  But is that what lead to the security breach?If you refer to any of my previous posts on this topic, I believe we were told that it was a security flaw related to an update and an API not working correctly.  Which sounds internal, rather than an external issue.  Which is kind of what Barros seems to be saying.  Doesn’t it?

Ultimately, something happened so the website was no longer working – yes.  But it wasn’t working because of an internal error.  Someone in the organization didn’t do all the security updates like they were supposed to.  Plain and simple.  Right?  I am over-simplifying this, I know.  But that’s because I don’t think it’s fair to place blame on people. Which is what is Barros is saying.  I should clarify – someone needs to take the fall for this, absolutely.  But to say that your call center couldn’t manage the number of calls it was receiving sounds like a staffing issue to me.  Not necessarily a security issue.  Were people calling into the call center to say that Equifax had been or was going to be hacked?

The call center issue is related to after the hack.  People weren’t able to get through to find out what’s going on or if their data was exposed.  But what does that have to do with the breach itself?  If I’m a customer who used Equifax, I want to know what they’re doing to make this right.  Not hearing apologies for what is going wrong now.  I might be a bit too hard on Barros, but I feel like they’re not doing enough to figure this situation out.  In the open letter that Barros penned, he states:

“I was appointed Equifax’s interim chief executive officer on Tuesday. I won’t pretend to have figured out all the answers in two days. But I have been listening carefully to consumers and critics. I have heard the frustration and fear. I know we have to do a better job of helping you.

Although we have made mistakes, we have successfully managed a tremendous volume of calls and clicks. And we’re getting better each day. But it’s not enough. I’ve told our team we have to do whatever it takes to upgrade the website and improve the call centers.

We have started work on our website, and I see significant signs of progress. I won’t accept anything less than a superior process for consumers. We will make this site right or we will build another one from scratch. You have my word.”

One thought on “Equifax CEO Pens Open Letter Apologizing for Data Breach

Comments are closed.