The reason you can’t buy a car is the same reason that your health insurer let hackers dox you

🌈 Abstract

The article discusses the data breaches and systemic failures at major companies like Equifax, Boeing, Change Healthcare, Ticketmaster, and CDK Global. It argues that these failures are not isolated incidents, but rather the result of a broader trend of companies accumulating monopolistic power and technical debt, leading to crumbling IT infrastructure that is vulnerable to hacks and breaches. The article traces this pattern back to key legal decisions like Verizon v. Trinko, which enabled the rise of these monopolistic behemoths. It suggests that overturning these precedents may be necessary to address the underlying issues.

🙋 Q&A

[01] Equifax and Data Breaches

1. What were the key details of the Equifax data breach in 2017?

• In 2017, Equifax suffered the worst data breach in history, leaking personal information of 148 million Americans, 15 million Britons, and 19,000 Canadians.
• Equifax executives were aware of the impending breach but ignored warnings from IT staff about security issues.
• The 2017 breach was the start of a series of breaches, as Equifax's systems were found to be composed of multiple vulnerable and interconnected components.

2. How does the Equifax case relate to the issues at Boeing?

• The article draws a parallel between the Equifax breaches and the Boeing 737 Max disasters, both of which were not isolated incidents but rather the tipping point of long-standing systemic problems.
• In both cases, the companies had accumulated technical debt and complexity through mergers and acquisitions, leading to crumbling and vulnerable infrastructure.

[02] Monopolistic Consolidation and Technical Debt

1. How did Equifax's acquisition strategy contribute to its security issues?

• Equifax deliberately acquired dozens of other companies, duct-taping their failing IT systems to its own, creating a complex web of interconnected and insecure components.
• The more mergers Equifax undertook, the more seams and points of failure were introduced into its overall system.

2. What role did antitrust regulations play in enabling these monopolistic consolidations?

• Lax antitrust enforcement allowed companies like Equifax, Boeing, and others to acquire competitors and grow into monopolistic positions.
• This made them "too big to fail" and "too big to care," reducing the incentive to invest in maintaining secure and reliable IT infrastructure.

[03] The Broader Trend of "Too Big to Care"

1. What is the pattern observed across various industries?

• Companies in diverse sectors, such as healthcare, automotive, and ticketing, have followed a similar trajectory of accumulating monopolistic power through mergers and acquisitions.
• This has led to the creation of critical infrastructure systems built on fragile, interconnected, and vulnerable IT systems.

2. How does the Supreme Court's Verizon v. Trinko decision contribute to this trend?

• The Trinko decision, written by Justice Antonin Scalia, established that monopolistic behavior is not unlawful, as it can incentivize investment and innovation.
• This ruling paved the way for the rise of tech monopolies and the "too big to care" mentality, where companies prioritize growth and market dominance over maintaining secure and reliable systems.

[04] The Consequences and Potential Solutions

1. What are the consequences of this trend of "too big to care" companies?

• The failures of these critical infrastructure systems have led to widespread disruptions, data breaches, and the creation of vast troves of personal information that can be exploited by cybercriminals.
• The article suggests that the entire economy is now composed of companies with crumbling IT systems, making them vulnerable to hacks and ransomware attacks.

2. What are the potential solutions proposed in the article?

• The article suggests that overturning the Trinko precedent and strengthening antitrust enforcement may be necessary to address the underlying issues.
• It also highlights the need to shift away from the belief that monopolies are benevolent and that corporate power should be prioritized over the well-being of the public.