Written Assignment Unit 1 PHIL 1404
docx
keyboard_arrow_up
School
University of the People *
*We aren’t endorsed by this school
Course
1404
Subject
Philosophy
Date
Feb 20, 2024
Type
docx
Pages
4
Uploaded by CaptainCloverAlpaca22
Written Assignment Unit
University of the People
PHIL 1404 - Ethics and Social
Responsibility
Instructor - Cynthia Donnelly
September 5, 2022
Equifax Data Breach
Introduction
Under the Fair Credit Reporting Act and the Federal Trade Commission's enforcement of the law, consumer reporting firms are required to adhere to severe data storage secrecy rules. Consumer reporting organizations must preserve the security and privacy of consumer data in accordance with these standards. The 2017 Equifax Data Breach highlights the very need for these policies in addition to highlighting the importance of stringent ethical values and behaviors on the part of key corporate executives and businesses. Equifax is one of the three largest credit reporting companies in the United States The company evaluates the financial position of numerous people in the US (Fruhlinger, 2020). In 2017, hackers managed to access Equifax servers without authorization and obtained the confidential data and personal information of a large number of people. This information applied to roughly 50% of the US populace. Private details,
credit card information, and data from driver's licenses were all stolen, making it a very significant data breach (Floyd, 2019). The organization was put in a difficult situation as a result of this tragedy, numerous operational, legal, and ethical difficulties surfaced. Regarding legal compliance as well as whether decisions made by the corporation's top figures in the wake of the data leak are aligned with moral and ethical organizational norms, there are various concerns expressed by the 2017 Equifax data breach.
Examples of case factors that raised legal compliance concerns were the company's failure to protect customers' and consumers' personal information (Floyd, 2019). It is obvious that in this situation, the strict measures required by the FCRA and FTC regulations to protect consumers' privacy were not made, which gave rise to the possibility of the data breach. It raises concerns of legal compliance that hackers were able to access Equifax data servers without authorization and obtain personal identification and credit information for nearly half the country's citizens. Besides this, executives at Equifax made an effort to conceal the data breach from the public, as well as from customers whose private information was included in the stolen documents. This was obviously an attempt to conceal the problem from the public in an endeavor to cover up the disaster that the breach caused as well as their carelessness. Another factor was dishonest and unethical business tactics, as when the breach was found, the executives profited personally by selling their shares before releasing information about the occurrence.
The gap of time between the data breach and when it was disclosed to the public and the affected customers shows Equifax was irresponsible and out of adherence with these regulatory requirements, and the sale of nearly $2 million in stock prior to alerting the public raises questions about whether they were in conformance with laws regarding insider trading since they were conscious of the problem and decided
to sell the stock to make money before its value diminished greatly. Three weeks after the stock was sold,
Equifax's chief information officer and chief of security abruptly announced their retirements, and the chief executive officer resigned. These developments raised ethical concerns as these people profited from the breach that damaged many consumers and the whole Equifax Company, and they made sure to protect their gains by retiring and resigning as soon as the sale was completed. The executives' announcement of the data breach event two months after it had occurred is only one example of a corporation behaving lawful yet unethical. Despite being in compliance with the law, Equifax should have alerted its customers to the data breach as soon as it was identified and attempted to resolve it. The executives sold their shares before informing the public of the data breach, making nearly US$ 2 million, even though it is lawful to do so, when viewed from the perspective of the complete sequence of events, these behaviors hint at legal compliance violations as well as being blatantly unethical and disregarding the harm done to others (Byars & Stanberry, 2018).
Equifax would need to first come forward and acknowledge that there was a breach of data and private information by hackers in order to be acting morally with integrity. The company need to have then accepted total accountability and assured customers and other stakeholders that they are acting right away
to fix the problem. Additionally, they had to have said that they would fully participate in any inquiries by
authorities or regulators if necessary. Lastly, the organization could have made an offer to make amends to impacted clients and consumers in some form (I'm glad that they at least tried to do this).
When compared to its rivals, Equifax's reputation will suffer as a result of this breach and how it was handled. Company image is crucial, and because of this occurrence and the way the company handled it, many clients lost faith in them. Following the disclosure of the hack, company shares dropped 14%. (Byars & Stanberry, 2018). Cleaning up the mess alone cost the corporation nearly US$ 1.4 billion, and the impacted parties are still suing till this day (Schwarz & Ross, 2019). In my opinion, it'll take some time for Equifax to reestablish the faith and trust of its partners and clients.
It was thoughtful of Equifax to give internet security to anyone whose personal information had been compromised. They were making efforts to correct the situation and win back their clients' trust. But in my perspective, it fell short, particularly in terms of how it was carried out. For instance according to Floyd, the business claimed that the services were complimentary, but charges for placing a credit file were still made (2019). However, later following various concerns, they declared that all fees will be waived. The problem should have been addressed more effectively from the start, and the executives should have set up a crisis management division and invested in cyber security to deal with such situations in a systematic and organized way.
Conclusion
Being ethical is harder than it sounds, yet it may be the only viable course of action. The development of trust in a relationship, whether it be personal or professional, is also aided by this. The results of one's actions should not be avoided. Companies should uphold moral standards as well as the laws and ordinances set forth by the government when conducting business.
Your preview ends here
Eager to read complete document? Join bartleby learn and gain access to the full version
- Access to all documents
- Unlimited textbook solutions
- 24/7 expert homework help
References
Byars, S. M., & Stanberry, K. (2018). Business Ethics
. OpenStax. https://openstax.org/details/books/business-ethics
Floyd, D. (2017). Was I hacked? Find out if the Equifax breach affects you
. Investopedia. https://www.investopedia.com/news/was-i-hacked-find-out-if-equifax-breach-affects-you/
Fruhlinger, J. (2020). Equifax data breach FAQ: What happened, who was affected, what was the impact?
CSO Online. https://www.csoonline.com/article/3444488/equifax-data-breach-faq-
what-happened-who-was-affected-what-was-the-impact.html
Schwartz, M., & Ross, R. (2019). Equifax's data breach costs hit $1.4 billion
. https://www.bankinfosecurity.com/equifaxs-data-breach-costs-hit-14-billion-a-12473