Will Equifax Make Money From Its Massive Security Breach? The company that lost your most sensitive information will, for a fee, protect you from the people who stole it.
By Howard S. Dvorkin Edited by Jessica Thomas
Our biggest sale — Get unlimited access to Entrepreneur.com at an unbeatable price. Use code SAVE50 at checkout.*
Claim Offer*Offer only available to new subscribers
Opinions expressed by Entrepreneur contributors are their own.
Ever since Equifax exposed the personal information of 145.5 million Americans, the news coverage and expert analysis have attempted to answer this question: Is the credit bureau unscrupulous or just inept?
Related: Equifax Breach Potentially Impacts 143 Million in US
How can a corporation be held responsible for this type of breach?
Forbes reported that Equifax's free offer to confirm if your personal information is safe came with a catch: "You have to give up your right to sue." After the inevitable public backlash, Equifax waived that requirement -- just in time for another story to break.
"It seems the credit-monitoring firm has also been lax on how it links customers with support," Forbes reported, noting that it tweeted the wrong address to its "secure" website -- four times.
There's another choice of words besides "unscrupulous" and "inept." It's "evil and devious."
I believe these adjectives might be the most accurate words to describe Equifax these days. Here's why. Equifax is offering a year of "complimentary identity theft protection and credit file monitoring." Ironically, it's their own service, called TrustedID Premier.
Related: Fraud News & Topics
We carelessly let hackers steal all your information. We'll protect you -- for free -- for a year before we start charging you again. Hackers probably won't steal your financials again...
It's not a new observation that the company that exposed your personal data is now offering to protect your personal data. However, there's a potential windfall behind this benevolence.
...unless we need another trillion.
Let's do the math: If two-thirds of the 145.5 million potential victims sign up for a free year, if Equifax was any other company they should be out $240 per person. That's because TrustedID Premier costs $20 a month. Yet the company's actual cost is negligible, since it's an automated system.
As well, the data and software costs are tie together and are all owned by Equifax. Yet one year later, what will likely happen is 20 percent of people will stay on using the credit monitoring because you know -- better to be safe than sorry.
Related: 15 Tools to Create Automation in Your Small Business
Equifax will have earned nearly five billion by then. That's assuming that only 20 percent of people sign-up for the service and only stay with it for one year. There will always be customers who stay on it for multiple years, and if this is an auto-renew service, then the likelihood of canceling it may slip consumers' minds.
The relativly miniscule legal costs.
Now let's subtract the legal costs from this massive data breach. One study shows the average total cost of a data breach is $7.35 million," but this one is anything but average.
Related: Who's Gonna Pay Your Legal Fees?
Let's be generous and assume Equifax will shell out a record-setting $350 million. Equifax still stands to gain a half-billion dollars in year one, assuming these conservative numbers are true.
In year two, and beyond, it would be pure profit dropping to the bottom line. It is likely that three out of every five "free TrustedID Premier" customers won't renew, but what if they're charged without knowing it?
If you find any answers, let the 143 million people know.
Understand that most of the 143 million Americans who had all of their personal and financial information stolen don't even know that it was taken. They didn't even know that Equifax had this material in their data base.
Most persons will not even recognize the name of this company. There were not personal notices sent to these people to warn them their confidencial reports were kept in this system -- then ripped off and misappropriated. The consequences could be astonomical to each of these 143 million unsuspecting U.S. citizens.
My researchers can't find out if Equifax will "opt-in" these free customers automatically to a paid service after the free year is over which will force them instead to "opt out." Most likely they will take the more fiscally beneficial road.
I called the toll-free number on the Equifax security page and spoke to a nice woman named Marya. I asked her if I'd be opted in after my free year. "That's a good question," she replied. "I don't have that information, sir."
Call all you want, the number is busy.
She gave me another number, but I've called three times, and it's always busy. I'm not a conspiracy theorist, but those who are will surely wonder: Did Equifax plot its own data breach so it could drum up new customers and new revenue source with little to no cost?
Related: 4 Ways to Protect Yourself From Identity Fraud
Like all great conspiracy theories, we may never know. Stay tuned...