For the first time ever, a company has had its ratings outlook downgraded on the basis of cybersecurity concerns. In late May, ratings firm Moody’s surprised Wall Street when it downgraded the ratings outlook for Equifax, which was the target of a massive data breach in 2017 that impacted nearly 150 million people, from “stable” to “negative.” Moody’s cited two major factors in the Equifax downgrade – escalating litigation and regulatory costs related to the 2017 data breach, and the company’s decision to ramp up its future spending on cybersecurity spending over the next two years. Combined, these two factors will continue to hurt both the profitability of Equifax and its free cash flow, thereby dragging down the financial strength of the company.
Reasons for the Equifax downgrade
On the surface, the Equifax downgrade may appear to be unfairly punishing a company for an event that happened nearly two years ago. However, a 2018 U.S> Congressional investigation into the cyber attack found that the data breach was “entirely preventable.” In addition, Equifax appeared to be woefully unprepared for such a cyber attack. The full Congressional…