• 70°

Time to protect Americans

Another month in America passes, and another new cache of private information about Americans has been compromised.

It seems that every new data breach is worse than the one that dominated the headlines before it. If that trend proves valid, the worst thing about the Equifax credit bureau breach — which company officials say might have affected as many as 143 million consumers — is that the next such breach could be even more widespread.

Equifax exposed 143 million consumers; Yahoo exposed a billion accounts (presumably many of its users had more than one account with the service); TJ Maxx exposed 94 million; Anthem exposed 80 million; and even the National Archives and Records Administration exposed 76 million records relating to U.S. military veterans, when a defective hard drive was sent off for repair without the data it contained having been erased. An inside job at AOL (yes, it’s still a company, and its reach in 2004, when the breach happened, was much greater than today) was perpetrated by an ex-employee, who exposed 92 million records.

Each of those breaches, along with dozens of others in the modern era of computerized identity theft, resulted in some combination of names, email addresses, physical addresses, Social Security numbers, telephone numbers, health records, passwords and other information that comprises one’s personal and financial identity being exposed. Every breach chipped away — and in the Equifax case, potentially destroyed — the privacy and security that are necessary to the protection of American consumers.

Is there anyone left in this nation whose data has not been exposed?

There was a time when experts advised that the best way to avoid having one’s identity compromised was to avoid online banking and shopping on the Internet, while taking care to protect oneself from credit card fraud and the like by not letting those cards out of one’s sight.

But the Equifax data breach has reached right into the pockets of even the most careful consumers. It affects people who do not even know what Equifax does. And since the customers of Equifax are not consumers, but banks, retailers and others with reason to check credit scores of the individual consumers, the victims have been victimized in a way that is even more execrable than any of the previous breaches. These victims had never even explicitly agreed to give their personal information to the company that lost it.

Last week, U.S. Sen. Mark R. Warner (D-VA), a member of the Banking, Budget and Finance committees and cofounder of the bipartisan Senate Cybersecurity Caucus, asked the Federal Trade Commission to begin a probe into the Equifax breach.

“The volume and sensitivity of the data potentially involved in this breach raises serious questions about whether firms like Equifax adequately protect the enormous amounts of sensitive data they gather and commercialize,” he wrote in the letter demanding the probe.

The very fact that dark-web trolling criminals may now have access to all the information they need to steal tens of millions of consumer identities would seem to make the questions Warner says were raised moot points.

Still, we appreciate the fact that our senator is demanding answers. We sincerely hope this breach will light a fire under government efforts to protect America from this digital scourge.