I got hit recently too, someone tried to buy an antivirus program, of all things, using my card lol. I assumed it was because of Equifax, but apparently Canadians aren't affected by that breach. But there are so many breaches now it was probably just another.
I do agree there need to be stricter laws for that, it's ridiculous that companies get away with this gross neglect in security. There should be something like HIPAA but that is generalized for any company that stores personal info and it would have very strict security rules, like not storing the info on an internet-facing server (there should be some kind of gateway etc) and having to use certain types of encryption/hashing etc. If there is a breach and they are not in compliance it should be huge fines, like 1mil per record leaked. This needs to cost companies enough money that it will motivate them to prevent it from happening.
In the case of Equifax I think the best bet short term would be to issue every single person in the US a new SSN, and add a couple extra digits to how big a SSN is to make up for it. The logistics involved in doing this would cost a lot of money, and Equifax should have to pay it all. A long term goal would be to get rid of the concept of SSNs and come up with something better. Make Equifax pay for that too.