This is still unconfirmed but Brian Krebs is reporting that some people are gaining access Experian's credit freeze PINs without authorization.
https://twitter.com/briankrebs/status/1048247264152621061
(screenshot because link eventually goes to FB)
@0x56 f*.. π£
@jordicusmaximus - yeah - Experian really needs to go away.
@0x56 Really.. credit should be a government managed/regulated affair, imo. These companies clearly lack the will to properly protect their data, and receive little in the way of punishment when they fail.. π
@jordicusmaximus - I'm not sure if govt. should be in charge of managing it, but yes, regulated, and issues like this should be punished with more than a slap on the wrist - laws written so that there's not wiggle room.
@0x56 Right, more regulation, less actually directly managing.
Companies that experience a breach such as this should be investigated, and if found to be negligent, real jail time. How quickly would they clean up their act if that were the case?
@0x56 real jail time for those directly responsible for the negligence, I mean. (For the most serious cases where peoples financial well-being is directly put in jeopardy.. equifax execs, for example)
@jordicusmaximus @0x56 lock up the top execs
@jordicusmaximus @Bemet_Or - yes, but isn't that considered insider trading and has special laws already?
@Bemet_Or @jordicusmaximus - fines. Hefty fines, say 1% gross profit per day, retroactive to when flaws like this it were introduced, or in the case of the server breach, when a patch was available.
@0x56 @jordicusmaximus if government is in charge there'd be no more bankruptcy claims, just like student loans and taxes.