Dan Fisher
Dan Fisher

With over 35 years in the financial industry, Dan M. Fisher has proven himself as a leader in the financial industry holding roles as the former director of the Federal Reserve Bank of Minneapolis and former Chairman of the ABA Payment Committee.

Equifax should be your bank’s final wakeup call

It’s not just a warning anymore! It’s much more!

Equifax has added itself to the growing list of companies that have disclosed a data breach of the magnitude that ten years ago we thought impossible…

And for the last ten years many companies like Equifax continued to think that it was not possible!

That is the essence of the problem.

They are coming for you … or worse

Senior executives, managers, and owners in thousands of companies, financial institutions, banks, credit unions, data processors, hospitals, and even fast food restaurants continue to operate under the assumption that they will not be attacked—or that they are not vulnerable.

In July of 2015, our firm produced a second-edition research report titled Data Breach Events. This report summarized the data breach events that had impacted domestic consumers. At that time, we estimated that the impacted number was 280 million individuals, or 81% of the U.S. population. It should be noted that this was a cumulative total over a two-year period.

The Federal Trade Commission published in a Sept. 8 blog a “What to Do” piece and they estimated that 143 million individuals were impacted by the Equifax breach alone.

Shocking numbers from Equifax breach

The Equifax breach in raw numbers is staggering. Almost half of the U.S. population in one event. Statistically, in the context of time and total numbers, the same individuals being impacted more than once. This is not good!

Of course, the standard response from the victim of the breach is to apologize and offer free identity theft insurance for a year, but, quite frankly, that is not enough.

The free monitoring should be for life because this information can lay dormant in the hands of the perpetrator for years before it is used.

Time for industry to be responsible

The common thread to all of this has to do with vigilance!

Those responsible for caring for non-public data have not taken their role seriously. The numbers do not lie!

Hundreds of millions of consumers and businesses have been compromised due to carelessness, and this is not acceptable. Period.

These events are occurring far too frequently, and we need to do something about it. Your customers are depending on you!

What your bank should be doing

The first thing you can do is to make information security a top priority in your organization and not a second thought or collateral function.

  • Commit to re-doubling your efforts in regard to your key vendors and how they store and protect your information. This approach should also be applied internally regarding how you store information within your enterprise.
  • Review the FFIEC IT Handbook on Information Security and re-assess all key vendor relationships over the next 120 days. Raise your standards and choose only those vendors that are open-minded, responsible, and willing to work with you to satisfy your concerns, and that are capable of demonstrating that they are being vigilant.

Don’t let your customer data become part of the growing data breach statistics. The alarming trend should convey to you that it is no longer a warning anymore as much as it is a matter of time!

Be ready for your institution and your customer.

—The Wombat!

get a free EFT review for interchange income
Dan Fisher
Dan Fisher

With over 35 years in the financial industry, Dan M. Fisher has proven himself as a leader in the financial industry holding roles as the former director of the Federal Reserve Bank of Minneapolis and former Chairman of the ABA Payment Committee.

Related posts

Leave a Reply

avatar
  Subscribe  
Notify of

Join The Mailing List

The Copper River Group is a financial consulting firm that believes in the benefits technological advancement has for streamlining business.

  • This field is for validation purposes and should be left unchanged.
cea
cio