Could Ransomware Attacks Ultimately Benefit Consumers?
Harvard Business Review
In early 2017, a data breach at the credit reporting agency Equifax resulted in the exposure of the private records of more than 40% of the American public. The breach occurred after Equifax neglected to patch a known vulnerability in their system, and it allowed hackers to access Social Security numbers, drivers’ licenses, addresses, dates of birth, financial records, and more. Equifax eventually reached a settlement with the United States Federal Trade Commission in 2019, but — as is so often the case with big data breaches — the settlement inflicted little real pain on the company. Individual consumers, meanwhile, paid a big price for the company’s inadequate security: their personal information was irreversibly exposed and disseminated.
In economics, this kind of situation is known as externality, wherein an action by one party hurts another party, but that second party has no recourse. Regulators have often attempted to...