The Equifax Hack Didn’t Have to Be This Bad

Outdated technology.

Photo: Social Security Administration

If your personal information is ever compromised in a data breach, the hacked company might send you an apology letter with an offer of free identity theft protection from a credit-reporting agency. But what happens when the reporting agency is the one that gets breached?

This week, Equifax said that its systems had been accessed by intruders, potentially affecting 143 million U.S. consumers. Equifax Chief Executive Richard Smith called the event "disappointing," which seems like an understatement for a company whose core business is collecting people's credit information. The stolen information includes names, Social Security numbers, birth dates, addresses and driver’s license numbers. Get ready to see a lot of credit card fraud.

Once Social Security numbers are exposed, they can be circulated and misused with ease. A company called LifeLock demonstrated this back in the 2000s, when it advertised its CEO's Social Security number to display confidence in its identity protection services. His identity was reportedly misappropriated 13 times. Here's that ad: