You probably don’t have a contract with Equifax. Your creditors do.
When you apply for a loan, you give creditors permission to:
Obtain your credit file.
Update your credit file.
You expect that creditors vet their vendors, don’t you? You assume banks and credit card companies test their vendors’ security.
And you expect financial services companies like Equifax to be on the up and up.
But they’re not. None of them. The banks. The credit cards. The credit bureaus. They’re not on the up and up. They’re on the cheap and dirty. They cut corners. They pocket the money and skip the quality checks.
They don’t do their due diligence.
None of them.
Today we learned that Equifax knew its security was garbage long before they originally admitted. In other words, Equifax’s statements of last week were lies.
As a reminder:
Equifax lost sensitive financial and personal data on 143 MILLION Americans
Equifax admits your data was compromised in May and June and July
Equifax admits it concealed its breach until September
Equifax admits its chief financial officer and other high-ranking managers sold their Equifax shares after the breach was discovered but before the breach was disclosed (insider trading)
Equifax denies that its executives knew of the breach before they sold their stock (laughable)
It turns out Equifax (and its executives) knew of the breach long before July.
Via Zero Hedge:
Meanwhile, far from keeping the original hack a secret, “in early MarchEquifax began notifying a small number of outsiders and banking customers that it had suffered a breach and was bringing in a security firm to help investigate. The company’s outside counsel, Atlanta-based law firm King & Spalding, first engaged Mandiant at about that time. While it’s not clear how long the Mandiant and Equifax security teams conducted that probe, one person said there are indications it began to wrap up in May.”
The revelation of an earlier breach – and one which comes from the press instead of the company itself – will likely raise questions for the company’s executives over whether that investigation was sufficiently thorough or if it was closed too soon, and also why it wasn’t disclosed as part of the Sept. 7 press release.
In early MARCH! Equifax knew they’d lost your data in March!
So, now how dishonest does Equifax look?
In my prior report on Equifax, I introduced you to John Gamble “with your money,” the Equifax CFO. I speculated that Mr. Gamble traded Equifax shares after learning of the breach. (Mr. Gamble has not personally denied it, but Equifax’s PR agency has.)
Now, under the new timeline, the insider sales come several months after the March breach but before the public had any knowledge of major security issues at one of the country’s three big credit-reporting agencies. The new timeline is also likely to focus scrutiny on an earlier sale by Gamble of 14,000 shares on May 23. According to a regulatory filing, which didn’t indicate that the sale was part of a scheduled trading plan, the value of that transaction was $1.91 million, more than twice the size of his Aug. 1 disposal of 6,500 shares for $946,374.
CAUTION: This report comes from very fake news blog CNN and may fall apart over the next 24 to 48 hours (like most of CNN’s fake reports fall apart).
CNN is reporting that Special Investigator Robert Mueller leaked secret documents to the press indicating the Obama White House “wiretapped” Paul Manafort before and after last year’s election.
CNN previously mocked and scorned President Trump for suggesting Obama wiretapped Trump’s campaign. CNN says Mueller’s office cautioned that conclusions about Russian connection were “inconclusive.” Meaning “non-existent.”
Either Trump was right or Robert Mueller is lying to CNN. A third possibility: CNN is full of crap.
A secret order authorized by the court that handles the Foreign Intelligence Surveillance Act (FISA) began after Manafort became the subject of an FBI investigation that began in 2014. It centered on work done by a group of Washington consulting firms for Ukraine’s former ruling party, the sources told CNN.
Ironically, CNN notes the “surveillance was discontinued at some point last year for lack of evidence” but was then restarted with a “new FISA warrant that extended at least into early this year”…all of which sounds an awful lot like the Obama administration using FISA courts to spy on a political opponent.
This story makes the MSM, late-night comedians, Robert Mueller, and Barack Obama look like iditos, criminals, or both.
You can almost see it in your mind if you try. The cartons of Chinese takeout. The torn blisters of soy sauce. Nancy Pelosi, former swimsuit model, laughing at The Donald’s off-color jokes. About Mitch McConnell. Or Paul Ryan. While Chuck fills color of his own, about deals he helped The Donald put together back in New York. Stuff that didn’t make it into The Art of the Deal or The Art of the Comeback.
If you can imagine that White House scene, you can imagine another scene. In a dark, oak-paneled Washington bar. Old Ebbitt Grill. In a back room, away from prying eyes sit Mitch and Paul. Scowling. Wondering. Plotting. Plotting how to get back at The Donald. Get back at The Donald for cutting deals with the Democrats. With those Democrats. The worst Democrats. “The very Democrats who want our jobs!” croaks Mitch.
Paul examines is shrimp and steak, mixing some food around with his gigantic fork, the kind of fork you expect to get in a dark, old, oak-paneled bar in Washington, DC. “You were right, Mitch,” Paul says without looking up. “He just doesn’t understand how Washington works.”
Back in 2015 while I was still trying to understand why my otherwise reasonable friends were falling in love with Trump, I asked a lot of questions. Actually, I ask only one question. But I asked a lot of people. And I asked some of them more than once. “Why Trump?”
The most common answer: “he doesn’t need the job.”
The second most common: “he knows how to make a deal.”
That was before his dinner with Chuck and Nancy. The dinner about DACA. I predicted that the Harvey deal was only the first. I had no idea the second would come so soon. But soon it did.
I attended an acting workshop at Washington University in 1981. One of the classes was about timing. The instructor used as an example a duel in the old west.
He asked for a student volunteer to play one of the duelers. The student was not to shoot first. He played the scene three ways.
First, he waited about 10 seconds, then he shot the student with his finger, yelling “bang.” This was drama.
Next, he waited about 30 seconds. He never shot, actually. Everybody laughed at the ridiculousness of the duelers staring at each other for so long. This was comedy.
In the third treatment, as the student was about to count his last pace, the instructor spun around yelled “bang.” Everyone was shocked. A few people gasped. This was terror.
By moving so quickly to strike a second deal with Democrats, Trump terrorized the GOP establishment (GOPe). Terrorized. And for good reason: the GOP establishment is replaceable. Replaceable, not with Tea Party or Freedom Caucus types, but with Democrats.
The whole GOP establishment in Congress knows it’s expendable. And Mitch and Paul are coming to realize their threat will not come from the far right or the far left. Their threat will come from their base: the middle.
Power Is Perception
The Freedom Caucus lacks the numbers to take down the Speaker. And the small number of ideological conservatives in the Senate have no power to influence the majority leader. As long as Paul and Mitch have the GOPe on their sides, they’re safe.
The GOPe in Congress has a single, unifying mission: to raise enough money to win re-election. Or to move up to higher office. That’s it.
Normally, a president of your party makes your re-election safer. The president will help you raise money. The president will help you look good. The president will encourage the right votes for you to show your constituents “I’m one of you, and I keep my promises.”
But what happens when the president makes deals with the other party? What happens when he ignores your Congressional leaders and works with the opposition’s leaders?
If you’re a rank-and-file “happy to be here” Republican go-along-to-get-along type, you panic. You panic because you realize the leaders you elected have no power. No power to influence the president. No power to help your re-election. No power to reward your donors.
And what happens when go-along-to-get-along (GATGA) Congressmen see their re-election threatened? They move to where the power is.
Deals Are Powerful
Right now, the power in Washington resides in three people: Donald, Chuck, and Nancy. The GATGA in the GOP are poring over polls this weekend. Polls that tell them whether Trump’s base is okay with The Donald’s deals. Polls that will determine the GATGA’s next move.
If the polls show Trump’s base abandoning him, GATGA will double-down on Mitch and Paul.
But if those polls show Trump’s base holding firm, GATGA will rush to join the Donald, Chuck, and Nancy show.
You’ll know which way things are going by last this week.
GATGA types won’t overthrow their leadership. Not unless it’s an extreme case. More likely, they’ll call a caucus meeting. A meeting of GOPe and GATGAs. No conservatives.
At that caucus meeting, the GATGAs will give Paul and Mitch sobering news: “do whatever it takes, but we want to have Chinese food with the president. And Chuck and Nancy.”
I said I’d be okay with Trump switching parties. I’d still support him. I think he’s smarter and more determined that all the GOPe and GATGA combined.
Trump is okay with looking like a fool. In the short term. While you’re mocking his stupid tweet, though, he’s onto his next move. Trump is always a step ahead.
Trump is onto his next move now. I don’t know what it is, and neither do you. Nor does Ann Coulter. But Trump’s already on it. Just waiting for the GATGA to join him. As soon as they see those polls.
If you’re wondering what those polls will show, think about the reasons my friends supported Trump. He doesn’t need the job. He knows how to make a deal. And he tells it like it is.
Which is why Trump said in 2015 that he could shoot somebody on Fifth Avenue and none of his supporters would leave him. Love him, in fact.
Eight months into the Trump Administration, one cabinet appointment stands out as a flop: Attorney General Jeff Sessions.
We all had a lot of hope. Back in January. Hope.
Hope for the Trump administration. Hope for American greatness. And hope for justice. If you’re a Tea Partier, you had a lot of hope.
Jeff Sessions looked like the ultimate pick for Attorney General. Conservatives berated Mitch McConnell to accelerate Sessions’ confirmation by the Senate. Conservatives threatened to break with Trump when the president attacked Sessions on Twitter.
And yet . . .
And yet, Attorney General Sessions has done almost nothing since taking office. Not only has Sessions failed to advance the Trump agenda, he has confirmed two of the Obama administration’s greatest injustices:
Sessions refused to investigate the criminal IRS manager Lois Lerner, the woman at the center of the IRS’s attack on conservative and Tea Party groups
Sessions allowed the FBI and DOJ to withhold evidence of wrongdoing by James Comey in the Hillary email investigation
Plus, Sessions recused himself from the Russian witch without good cause. Sessions just wanted to appease the press. Like a typical, weak Republican Congressman.
Maybe Trump was right and we were wrong. Sure, Jeff Sessions’ heart and head are in the right place. But after decades in Washington, Sessions appears to be another establishment guy. A cheap, empty Republican suit who recites Cato the Younger but behaves like an Army private with battle fatigue.
Americans elected Trump hoping for justice. We thought Sessions was the perfect leader for the Department of Justice. But Sessions looks more and more like another Republican establishment swamp swimmer.
Perhaps Sessions will man up and do his job. But eight months in, I’ve lost most of my respect for Jeff Sessions. And most of my hope for justice in the Trump administration.
The worst problem of modernity lies in the malignant transfer of fragility and antifragility from one party to the other, with one getting the benefits, the other one (unwittingly) getting the harm, with such transfer facilitated by the growing wedge between the ethical and the legal. This state of affairs has existed before, but is acute today— modernity hides it especially well.
Literally over one third of the entire US population is at risk of identity theft now thanks to Equifax’s bungling.
Bear in mind this is the THIRD TIME in 16 months that Equifax has been hacked– there was another breach earlier this year, and another in May 2016.
Even worse– this wasn’t an overnight attack. Hackers spent MONTHS probing the Equifax network, burrowing deeper into the system and gaining access to more and more data with each attempt.
Yet Equifax’s defenses failed to detect anything.
You feel for the people who work at Equifax. Not the executives and decision makers. The workers. The people who took a good job with good pay and benefits. The people who thought they were working for a solid company that provides a vital service.
You feel worse for the 143 million Americans who will suffer because Equifax executives put “shareholder value” ahead of responsibility, accountability, quality, and honesty. You pity 143 million who will suffer because Equifax executives wanted to pad their pockets.
Nobody likes credit bureaus. The term “credit bureau” raises blood pressure. Credit bureau means stress. Credit bureau means financial risk. Just hearing the name Equifax triggers a sick, “here we go” sensation.
And “here we go” means you will suffer, maybe lose your house or car, while Equifax executives enjoy their millions. Simon Black explains:
Finally on July 29, a whopping TEN WEEKS after the attacks started, Equifax realized that something was wrong.
Senior executive responded to the data breach by… selling their stock.
If Simon Black’s blog is too sensational for you, here’s how Bloomberg put it:
Three Equifax Inc. senior executives sold shares worth almost $1.8 million in the days after the company discovered a security breach that may have compromised information on about 143 million U.S. consumers.
Change All Your Credit Cards
At a minimum, all your credit cards and debit cards will probably be replaced with new ones in the next 30 days. Have autopay connected to those cards? You’ll have to update your card number.
You’ll also have to watch your credit reports. All three. Someone probably has your SSN, your DOB, and your driver’s license number. They have all the data they need to take out loans in your name, change your bank account, redirect your 401k. Whatever they want.
You’ll have to change it all. And the one you forget will bite you. Trust me. Expect to be hit with overdrafts, late payment penalties, and a crashing credit score when your autopay is declined because you forgot to update your debit card number.
Some of us will discover we own a house in Orange County. Maybe it’ll be used by a drug lord. Wouldn’t that be nice?
Equifax Hit With Largest Class Action Suit in History
Luckily, Mark Geragos has already filed a $70 billion class action lawsuit against these Equifax crooks. You find out more about the lawsuit here. The lawsuit alleges:
“In an attempt to increase profits, Equifax negligently failed to maintain adequate technological safeguards to protect Ms. McHill and Mr. Reinhard’s information from unauthorized access by hackers,” the complaint stated. “Equifax knew and should have known that failure to maintain adequate technological safeguards would eventually result in a massive data breach. Equifax could have and should have substantially increased the amount of money it spent to protect against cyber-attacks but chose not to.”
The money that Equifax didn’t spend on security it spent on something else. It spent it on executives and shareholders, as we shall see.
Expect more suits. Suits against the three scumbag executives who sold their stock between the breach’s discovery and its belated disclosure.
John Gamble “With Your Money”: The New Kenneth Lay
Expect the names of those executives become synonymous with criminal disregard for the public’s well-being. But one name will stand out: John Gamble.
As in “Gamble with other people’s money.”
As in “Gamble with other people’s identity.”
As in “Gamble with other people’s lives.”
Equifax CFO John Gamble (with your money)
John Gamble is Equifax’s Chief Financial Officer. The CFO is typically the second most powerful person in the corporate management structure, second only to the CEO. The CFO knows more about the goings on in a business than anyone. Everyone who knows business knows the CFO knows.
Yet, Equifax claims John Gamble knew nothing about the breach when he conveniently sold 13 percent of his stock in the company. The stock he sold AFTER Equifax learned of the breach but BEFORE Equifax disclosed the breach.
Do you believe the second-ranking officer of Equifax did not learn about the breach before it was disclosed to the public? Is Equifax that poorly managed? Or is Equifax another criminal corporation?
As Corporate Vice President and Chief Financial Officer at EQUIFAX INC, John W. Gamble Jr. made $2,652,107 in total compensation. Of this total $632,243 was received as a salary, $758,692 was received as a bonus, $0 was received in stock options, $1,244,532 was awarded as stock and $16,640 came from other types of compensation. —Salary.com
While Equifax maintains its CFO did not know about the breach, Gamble’s $1 million trade was NOT part of a 10b5-1 trading plan.
A 10b5-1 trading plan allows corporate executives to trade company stock on a predetermined plan. The plans protect executives from accusations of insider trading by forcing the executives to schedule trades far in advance.
But Gamble’s million-dollar move wasn’t scheduled in advance. It was apparently ad hoc. On the spur of the moment. On a whim. Because CFOs make a lot big financial moves on a whim, don’t they?
So, do you still believe the Chief Financial Officer knew nothing about a massive data breach at his company? A breach that was sure to hurt Equifax’s stock price? A breach that was sure to require financial losses to victims? A breach that was sure to require huge investments in data security?
Why Did Equifax Wait a Month to Disclose the Breach?
The company, which in delightful irony offers credit-monitoring and identity-theft protection products to “guard consumers’ personal information”, said that it had learned of the incident on July 29, 2017, at which point it reported the intrusion to law enforcement and contracted a cybersecurity firm to conduct a forensic review: based on the company’s investigation, the unauthorized access occurred from mid-May through July 2017. Oddly enough, it took shareholders and over a third of America, more than a month longer to learn that all their personal data may have been compromised.
Do you really believe that CFO John Gamble (with your money) was kept in the dark about the largest breach of sensitive information in the company’s history? For a full month?
Or is Equifax lying?
Equifax’s Stock Buy-Back Scam
Equifax likes stock buybacks. A stock buyback is a tool for companies to drive up their stock price without increasing the value of the company. Usually, companies borrow money and use the loans to buy their own stock. The buying activity drives up the price of the stock. Executives then sell their inflated shares (including those received as part of their executive compensation), removing value from the company.
And it probably did. You can bet John Gamble’s personal network is safe and secure. Gamble gambles with other people’s money, not his own.
Why Is Equifax Scamming Victims Out of Their Right to Sue?
Equifax, which waited a month to disclose its breach to consumers, inserted a neat little scam into its announcement. Enron would be proud.
Equifax posted an online page where consumers to check to see if Equifax lost their data to criminals. After you get the message, “Yeah, you’re probably screwed,” Equifax offers free, premium identity protection. (Like, really?)
I won’t link to Equifax’s scam page. It’s a scam.
If you click the link for the free premium identity protection from the company that lost 143 million SSNs, driver’s license data, and credit card numbers, you forever waive your right to sue Equifax.
In other words, Equifax is scamming the consumers they’ve already robbed. Scamming them out of their right to sue.
Crafty. Evil, but crafty.
Equifax’s identity-protection scam fits with the company’s lobbying efforts, too. Equifax wants the government to prohibit law suits against credit reporting bureaus. Via BoingBoing:
Before Equifax doxed 143 million Americans (but after it had suffered repeated smaller breaches that should have alerted the company to deficiencies in its security), it directed its lobbying body, the Consumer Data Industry Association, to pressure the Consumer Financial Protection Bureau to exempt credit-reporting bureaux from a soon-to-begin rule banning binding arbitration clauses in user agreements.
Free markets can’t work when government regulators get involved. Shouldn’t free marketers demand draconian punishment for people who give free markets a bad name?
Equifax Gives Free Markets a Bad Name
If you’re a free-marketer like me, you must really hate Equifax right now.
Every time a scumbag company like Equifax or Enron puts shareholder value first, a lot of people assume all business is evil and corrupt.
It’s not true. Most businesses and most corporate executives strive to build good companies that serve customers well.
But the crooks like those at Equifax get all the press. When Equifax borrows money to buy back its stock to line the pockets of its executives who delay disclosure of a data breach while they sell off 13 percent of their Equifax stock before the plunge, people get cynical. About business.
Solution to Evil Executive Syndrome
Punishment for corporate malfeasance can go draconian for a time. By draconian, I mean something like this:
Freeze all assets of executives, board members, and major shareholders pending the results of litigation and prosecution. By “all assets,” I mean everything: homes, bank accounts, credit cards, investments, passports. Freeze all income in excess of $25,000. Everything. They’ll get it back if they’re innocent. We do this to kids who get caught with an ounce of pot; we can do it to millionaire executives and investors.
If found guilty of negligence, the minimum punishment for executives is 25 years in prison, forfeiture of all assets and income, and permanent loss of the right to own stock in any publicly traded company.
The goals of these draconian punishments are simple:
Encourage investors to hold management accountable for good business and great products first, not shareholder value.
Make the punishment for a white-collar crime so severe that no one would think about trying it.
In short, the solution begins to transfer the downside risks to the people with upside potential. It makes men like John Gamble have skin in the game. And it threatens to fry that skin if they cheat.
Put another way, my draconian punishments for white collar crimes would encourage “heroism” among business executives and investors. As Taleb explains in Antifragile:
In traditional societies, a person is only as respectable and as worthy as the downside he (or, more, a lot more, than expected, she) is willing to face for the sake of others. The most courageous, or valorous, occupy the highest rank in their society: knights, generals, commanders. Even mafia dons accept that such rank in the hierarchy makes them the most exposed to be whacked by competitors and the most penalized by the authorities. The same applies to saints, those who abdicate, devote their lives to serve others— to help the weak, the deprived, and the dispossessed.
Following the 2007-2008 financial crash, no one went to jail. No executive lost money. Taxpayers made them all whole. It was like a government-run stock buyback where you and your grandkids got stuck paying off the debt. In Taleb’s model, gains were involuntarily transferred to the rich and risks (and losses) to the poor. And the government oversaw that transfer.
In the case of Equifax, I’d go one step further. I’d allow consumers to sue Equifax’s customers. Visa, MasterCard, Discover, all the banks. Anyone who pays Equifax for data and credit scores, anyone who reports to Equifax. Sue them all.
Because of the unique relationship between credit companies and credit bureaus, a credit bureau’s customers owe their customers fiduciary duty in scrutinizing vendors. Any bank that does business with Equifax is culpable for what Equifax does.
Strategically, if Discover and Bank of America face huge losses because of Equifax’s negligence and malfeasance, Discover and Band of America will beat the living hell out of Equifax.
In the end, the immediate goal is to drive Equifax’s stock to zero. It’s a shame that many retail investors will lose money. It’s a shame thousands of decent, innocent Equifax employees will lose their jobs. Just as Enron’s employees did. Most recovered.
But the free market is more important than any company, any job, within that market. To survive—to deserve to survive—free markets must be self-regulating. Rather than writing a flurry of laws will be penned by lobbyists, let’s allow Equifax’s victims to divide up whatever assets Equifax and its crooked executives might have. And let Equifax’s corporate customers put skin the game, too.