Finch, John
Experian data breach Chief Information Officer (CIO), Sep 2011
– Aug 2013. Bank of England CIO, Sep 2013 – Feb
2016. Thomson Reuters Chief Technology Officer (CTO), Feb
2016 – Oct 2018. Refinitiv CIO, CTO, and Chief
Information Security Officer (CISO), Oct 2018 – Dec
2019. Private "advisor", Dec 2019 –
present.
No IT education. Only a BS in business economics (from
the low-ranked British University of Hull). See
The
Most Important IT Credential: An IT Education in
Principles of IT
Incompetence.
Foreigner: British.
From
HealthCare.gov
Hacked:
In early March 2020, I made the shocking discovery, reported
nowhere else, that HealthCare.gov, via Experian, had been
hacked from its launch in October 2013 until September 2015,
i.e. for 2 years. ...
HealthCare.gov used Experian for the required identity
verification ... Experian is
one of the major credit reporting agencies, like
Equifax. ...
Experian admitted on 1 October 2015 to a data breach lasting
over two years — from 1 September 2013 to 16 September
2015 — that exposed to hackers the private information
of anyone who used its services, including its identity
verification service. HealthCare.gov, which as described used
Experian for identity verification, was launched in October
2013, after Experian had been hacked. So HealthCare.gov
was hacked too, and for two years (at least).
Experian admits at least 15 million people were victims, but
this may not include the far greater millions who used
HealthCare.gov. ...
All
data breaches are caused by IT incompetence and the
most important IT credential is a good IT
education.
John Finch was Experian's Global CIO, "Leader of Experian's
Global Cyber Security Operation", from September 2011 to
August 2013. Experian said, over two years later, that the
data breach began 1 September 2013 (it might have been earlier
given that first of the month date, which also might have been
chosen to fall between Finch's and his successor's tenures, to
avoid anyone having to take responsibility). While Finch's
successor took over in September 2013, the IT incompetent
insecure conditions that let in the hacker(s) were in place
before September 2013, and were thus Finch's
fault.
John Finch has no IT education, only a BS in business
economics (from the low-ranked University of Hull; Finch is
British). He is a complete IT incompetent. After his
disastrous stint at Experian, Finch became the CIO for the
Bank of England. He spent only another couple of years there
before fleeing again to Thomson Reuters, the giant media conglomerate and owner of
the news organization Reuters. Finch seemed to run from job to
job quickly so they would not have time to discover he was IT
incompetent, much like Alex Stamos; see Yahoo-Then-Facebook
CISO Alex Stamos Allows Yet Another Massive Data Breach.
Finch is now a private "advisor".