The great hack: A famous fraudster explains the Equifax data breach

Hackers look for open doors. If your personal data isn't protected, it's that much easier to compromise your identity.

FRANK W. ABAGNALE: First you should always ask when someone asks you joining a gym I need your social security number. For what reason? What's the purpose of asking me for my social security number? They don't need it. Actually, by law when you look up the law involving your social security number it's limited to about as many things as you can count on one hand where you legally have to provide it for income taxes, law enforcement, things of that nature. There's no need for them to have that. They're kind of foolish taking it to begin with because then they're responsible for that information and they have to try to keep that information safe. In the case of Equifax which is a perfect example, here was a multibillion dollar company. They didn't update their software. They didn't fix their patches that Microsoft said to them and said install these security patches. Their chief information security officer had her degree in music. She really didn't know anything about keeping information safe and consequently hackers got in.

Now in my 43-year career I've dealt with every breach back to TJ Maxx 15 years ago to the recent breach of Capital One, Marriott Hotels, and Facebook. What I've realized in every single breach happens because somebody in that company did something they weren't supposed to do, or somebody in that company failed to do something they were supposed to do. Hackers don't cause breaches. People do. All hackers do is look for open doors and every day there are thousands of companies with open doors. I was asked this earlier today and I firmly believe it. If I give you my information whether you be a bank or credit bureau, a hospital, I'm entrusting you with my personal data. If something happens with that data due to your fault or your negligence in keeping it safe I should have the right to a recourse to sue you for getting my information out. Because now that they don't have that as a statute companies get away with it and they tell you I'll buy you one year of credit monitoring service, two years of credit monitoring service. That's worthless.

If I steal your name, your social security number and your date of birth you can't change your name. You can't change your social security number. You can't change your date of birth. So if I'm smart I'm going to hold that data for at least three to four years before I ever go use it. But if I steal credit card numbers and debit card numbers, I have to get rid of them right away. They have a very short shelf life. But when they do a major breach they store that data typically we find from about four to five years. So you giving me one year of credit monitoring, two years of credit monitoring, three years of credit monitoring really is not going to help me at all in the long run. They will eventually get to my data and use my data. I do think that companies need to do a better job of protecting the information that's been entrusted to them. And this is why I was so big on trying to get the ability to freeze your credit. No one in this country ever said to Equifax, you know what. You can store all my personal data and you can make billions of dollars selling it for background checks, employee checks, credit checks. No, I never said that.

What I want to say is, Equifax you can keep my data, but you cannot show it to anyone without my consent. And if for some reason it gets in the wrong hand I have the recourse to come back on you 'cause you put my in jeopardy. And that's how it should be.

  • Legendary con-man-turned-FBI-consultant Frank W. Abagnale breaks down the 2017 Equifax data breach.
  • Hackers were able to access the personal data of millions of Americans through faulty software — and they might wait years before using the stolen social security numbers and dates of birth.
  • Abagnale blames Equifax for this oversight. If a company is entrusted with an individual's personal data they need to do a better job of protecting it. "Hackers don't cause breaches, people do," he says.

How New York's largest hospital system is predicting COVID-19 spikes

Northwell Health is using insights from website traffic to forecast COVID-19 hospitalizations two weeks in the future.

Credit: Getty Images
Sponsored by Northwell Health
  • The machine-learning algorithm works by analyzing the online behavior of visitors to the Northwell Health website and comparing that data to future COVID-19 hospitalizations.
  • The tool, which uses anonymized data, has so far predicted hospitalizations with an accuracy rate of 80 percent.
  • Machine-learning tools are helping health-care professionals worldwide better constrain and treat COVID-19.
Keep reading Show less

Put on a happy face? “Deep acting” associated with improved work life

New research suggests you can't fake your emotional state to improve your work life — you have to feel it.

Credit: Columbia Pictures
Personal Growth
  • Deep acting is the work strategy of regulating your emotions to match a desired state.
  • New research suggests that deep acting reduces fatigue, improves trust, and advances goal progress over other regulation strategies.
  • Further research suggests learning to attune our emotions for deep acting is a beneficial work-life strategy.
  • Keep reading Show less

    World's oldest work of art found in a hidden Indonesian valley

    Archaeologists discover a cave painting of a wild pig that is now the world's oldest dated work of representational art.

    Credit: Maxime Aubert
    Surprising Science
    • Archaeologists find a cave painting of a wild pig that is at least 45,500 years old.
    • The painting is the earliest known work of representational art.
    • The discovery was made in a remote valley on the Indonesian island of Sulawesi.
    Keep reading Show less

    3,000-pound Triceratops skull unearthed in South Dakota

    "You dream about these kinds of moments when you're a kid," said lead paleontologist David Schmidt.

    Credit: David Schmidt / Westminster College
    Surprising Science
    • The triceratops skull was first discovered in 2019, but was excavated over the summer of 2020.
    • It was discovered in the South Dakota Badlands, an area where the Triceratops roamed some 66 million years ago.
    • Studying dinosaurs helps scientists better understand the evolution of all life on Earth.
    Keep reading Show less

    What can Avicenna teach us about the mind-body problem?

    The Persian polymath and philosopher of the Islamic Golden Age teaches us about self-awareness.

    Photo by Andrew Spencer on Unsplash
    Mind & Brain
    Philosophers of the Islamic world enjoyed thought experiments.
    Keep reading Show less
    Quantcast