Ben DiPietro, The Wall Street Journal’s Risk & Compliance Journal, September 19, 2017

The hack of personal information of around 143 million people has put credit-monitoring service Equifax Inc. in the crisis bullseye. Hackers swiped Social Security numbers, birth dates, addresses and driver’s license numbers, leaving consumers trying to figure out their next moves—and unhappy with how Equifax was handling the situation. 

Equifax issued a statement on Sept. 7 notifying the public about the breach—weeks after it said it first learned of the incursion. It issued ‘updates’ on Sept. 8, Sept. 11, Sept. 13, Sept. 14 and Sept. 15, the last one announcing the retirements of its chief information officer and chief security officer. Bloomberg reported three executives sold stock days after the company learned of the breach but NPR reported Equifax said in a statement not posted on its website the executives “had no knowledge that an intrusion had occurred at the time they sold their shares.” The company’s chief executive, Robert F. Smith, said the incident is “the most humbling moment in our 118-year history” and promised changes.

The experts evaluate how well Equifax has handled its crisis communications.

“Equifax’s public response to its breach affecting 143 million Americans remains one of the worst yet, serving only to exacerbate the crisis–and the company took over a month to plan it,” said Davia Temin. “It made pretty much every crisis communications gaffe in the book, systematically destroying public trust with every move.” […read more]