I want to commend the U.S. Department of Justice and BJay Pak, Georgia’s own United States Attorney for the Northern District, for pursuing the criminals responsible for the Equifax data breach. We learned last week that DOJ is charging four members of the Chinese People’s Liberation Army with hacking into the computer systems of the credit reporting agency and stealing the personal data of nearly 145 million Americans as well as Equifax’s valuable trade secrets. It was one of the largest data breaches in history, affecting nearly five million Georgians, and the actions of DOJ and U.S. Attorney Pak send a strong message to those willing to do Georgians — and all Americans — harm.

To protect against future threats, it is critically important to have a full, coordinated analysis of what happened. In Verizon’s 2019 Data Breach Investigations Report, it is noted that 71 percent of breaches were financially motivated and 25 percent were motivated by espionage. Of those, 52 percent featured hacking attempts, 33 percent included social attacks and 28 percent involved malware.

We must remember that when cyber incidents like this occur, a crime has often been committed, a crime against individuals who have had their personal information compromised through no fault of their own and a crime against targets — companies, nonprofits, government agencies and houses of worship. The Verizon report also confirms this — 16 percent of targets were public sector entities, 15 percent were healthcare organizations, 10 percent were financial firms and 43 percent were small businesses.

Knowing who the victims and targets are, it is important to identify the criminals — state sponsored actors, hacktivists, loose confederations of hackers and lone wolves. We must go after them, stop them and learn as much as we can about how they operate. Otherwise, this will continue again and again, more lives will be disrupted and the cost will continue to rise. This is why the charges that U.S. Attorney Pak and DOJ brought are so important.

As your state attorney general, it is also my job to protect the interests of Georgians. Part of that mission may mean engaging with and investigating the target’s role in the breach. I am pleased that our office played a significant role in the Equifax investigation, obtaining a fair and appropriate settlement and ensuring substantial consumer relief. I am also proud that our efforts led to the company’s implementation of robust security measures to protect against future exposure of consumers’ private data — a model for others to follow.

I realize that in the litigious society that we live in it can be hard to come together when breaches occur, but we must enter these conversations — understanding the difference between the individuals who have had their information compromised, the targets and the criminals behind these attacks. I believe that if companies, in good faith, coordinate with our office and other appropriate law enforcement entities in the wake of a breach, we all can better protect Georgia families and businesses and hold accountable those who do harm.

Christopher M. Carr is the Attorney General of Georgia.


Recommended for you


We have changed our commenting system. If you do not have an mdjonline.com account, you will need to create one in order to comment.

(0) comments

Welcome to the discussion.

Keep it Clean. Please avoid obscene, vulgar, lewd, racist or sexually-oriented language.
Don't Threaten. Threats of harming another person will not be tolerated.
Be Truthful. Don't knowingly lie about anyone or anything.
Be Nice. No racism, sexism or any sort of -ism that is degrading to another person.
Be Proactive. Use the 'Report' link on each comment to let us know of abusive posts.
Share with Us. We'd love to hear eyewitness accounts, the history behind an article.

Thank you for reading!

Please purchase a subscription to read our premium content. If you have a subscription, please log in or sign up for an account on our website to continue.