[schemescape]

> Malicious actors had been exfiltrating data for several months and had already collected personal information from 163 million customers.

I don't think "customers" is the right term, considering I never wanted them collecting data about me.

[RachelF]

Yes, this is what most people don't understand with data breaches: it's not the company's data, it's data on others. That's why they don't really care about protecting it.

[dwd]

That is not correct for a data brokerage as the data is the business. Lose your monopoly on that data and you have no business.

If it is information collected as part of doing business, then yes; they don't care. A good reason to question any Gov attempt to implement centralisation of data like identity or medical records.

[forkerenok]

> Lose your monopoly on that data and you have no business.

But do these breaches affect their monopoly? My thinking is:

1. B2B customers won't go on darknet to source illegal data dumps.

2. This data, even if it doesn't quickly become effectively stale, would be considered stale by businesses very quickly if it's not connected to the continuous data ingestion pipeline.

[dwd]

1) Customers, probably not. Competitors I would not be so sure they wouldn't have look.

2) This is not specific to the data that underlines consumer credit scoring; a broker could be selling products derived from data on historical house prices or car sales for example. A competitor might use it to compare and validate their own dataset or simply have a look. Third party investigators, journalists, etc though could have a field day fact-checking it.

[dataflow]

> Lose your monopoly on that data and you have no business.

Could you elaborate on how Equifax would have gone out of business if all their data had been stolen?

[yomlica8]

Doesn't track to me. There is no loss to Equifax really from losing all the data besides a fine. I doubt many of their customers are willing or able to purchase their data from dark markets at a discount, and the data would age unless the hack remained in place.

[stef25]

Come on man ... no company wants their DB leaked regardless of what's inside. There's probably zero Western companies in 2023 that "don't care" about PPI leaking from their systems.

[simonswords82]

People care about events when the outcomes of those events have consequences either for the company or better still those in charge of the company.

The reality is that despite Equifax showing a blatant disregard for the security of the data they have on people, the repercussions of this breach were trivial to them and their senior people.

So yes, I do agree that there is at least one company out there, Equifax, who does not care about PPI leaking from their systems.

[HeckFeck]

HMRC calls its pillaged subjects 'customers' - which gives me no end of amusement. I can't ever remember asking for their 'custom', nor do I remember them ever going out of their way to win it from me.

[baz00]

I did some contract work for another credit agency many moons ago and they pretty much brainwashed all full time staff into referring to data subjects as customers. A fellow contractor made a very snide analogy of suggesting that the Nazis could have called Jews customers to legitimise their actions. None of us renewed. Horrible place.