Open letter Equifax
I’m certain that I am not alone in applauding your recent mea culpa in The Wall Street Journal. You are only two days in and have already publicly taken ownership of the situation and have charted a course forward. You clearly have much work to do and are starting on the right foot towards getting this earnest work done. For all that you said and all that you’ve committed to do, however, I’m frankly astonished you did not call out the most critical reason Equifax fell into the mire of perhaps the worst public relations crisis of the year – your company failed to be open, honest and forthcoming from the first day the breach occurred.
Consumers are outraged, standing unified in revolt, smashing media and social networks with virtual pitchforks and torches. Consumers are rightfully upset about the data breach, but their ire is about the lack of customer service and communication. This is a matter of trust. A question of transparency. Do we really need to rehash the fact that Equifax executives sold almost $2 million worth of company stock days after the July 29 data breach? And that Equifax knew about that data breach for over a full month before announcing it? And that there was another breach in March that they never announced and that Bloomberg had to tell us about? I’m afraid that I feel compelled to do so. Because as I read your well-penned statement to your customers and to the 143 million people affected by this data breach, I’m not seeing anything about executive accountability.
You have rightfully said that “you didn’t live up to expectations” and you outlined a cognitive course for ensuring a breach like this won’t happen again. You’ve even gone into detail about how you are going to handle the myriad of customer service issues, calling for change on “delayed calls” and the need for “training.” That’s all very good. I also applaud your new free service that allows consumers to control access to their personal data (though I wondered why this wasn’t already in place). But where is the accountability? As you say, “there is no magic for data breaches.” I don’t think anyone is arguing that. There may be experts that have opinions on that matter, but for the rest of us—for me in particular, I am less concerned about the breach than I am about the behavior and actions of your leadership. As the interim CEO on the heels of a public crisis, you have a critical job. You must restore the trust in your institution and in the entire industry.
Transparency and accountability are not just buzzwords, they are the new standard and consumers will not expect anything less. The letter I want to read is about how you are going to protect consumers from you and from the rest of the leadership. Equifax executives had the keys to the identity of millions of people and then drove that car into a ditch, immediately fleeing the scene of the accident afterward, counting all of their cash in hand. Then they covered it up and robbed consumers of the time they needed to protect themselves from these hackers. May I specifically suggest that you also not try to sell repair products for the problem, and acknowledge that you need the help of competitors, like us.
Every citizen in the United States of America, indeed everywhere, needs monitoring to alert people of problems, professional consultation and restoration from licensed private investigators if identify theft occurs. Everything else is a half-measure. Indeed, telling people to freeze their credit is reckless. As you continue to take actions to address concerns, don’t forget about the biggest concern of all. You have the opportunity to right this wrong and bring some accountability to the leadership of Equifax. If you fail to do so, then not only are you missing the point, you will never earn the most significant honor a consumer can bestow upon you: their trust. -Jeff Bell, CEO LegalShield