there is no negative consequences to losing all your customers information to hackers due to cheap security. They get some bad publicity and then life goes on. Target, Home Depot, Yahoo, Chase etc. etc. no one can sue them for any real money. Their stock recovers.
I worked at a place that had a million active hacks a day. Every day. Not a single one ever made it through. I and a **** ton of people can secure anything. But, it's not going to be cheap.
Only when we demand they secure our information or pay a heavier price up to and including the death penalty will the system change.
It wouldn't be that hard (for someone with the requisite technical ability) to give the credit bureaus a real incentive to start taking consumer data security seriously. Think about it: 145 million identities are now in the hands of some hacker or group of hackers. That's probably close to Equifax's entire product inventory. The hackers will likely sell it in the criminal underground, but what if they decided to offer it on the surface web, easily accessable, for cheaper than any of the major credit bureaus? Or what if someone with different intentions got hold of this database and uploaded it to the pirate bay or put it on a website for free or something?
This would be bad for consumers in the short term obv, but if the bureaus started losing customers because their product was available for free, they'd wake the **** up amirite? Someone make that happen plz.