Stop IT Incompetence masthead.
Stop IT Incompetence motto.

Business ITIHOS Entry tab.

Experian and HealthCare.gov hacked 2013-15 article image, CIO, fake, British flag, John Finch photo.

Finch, John



Experian data breach Chief Information Officer (CIO), Sep 2011 – Aug 2013. Bank of England CIO, Sep 2013 – Feb 2016. Thomson Reuters Chief Technology Officer (CTO), Feb 2016 – Oct 2018. Refinitiv CIO, CTO, and Chief Information Security Officer (CISO), Oct 2018 – Dec 2019. Private "advisor", Dec 2019 – present.

No IT education. Only a BS in business economics (from the low-ranked British University of Hull). See The Most Important IT Credential: An IT Education in Principles of IT Incompetence.

Foreigner: British.

From HealthCare.gov Hacked:
In early March 2020, I made the shocking discovery, reported nowhere else, that HealthCare.gov, via Experian, had been hacked from its launch in October 2013 until September 2015, i.e. for 2 years.   ...

HealthCare.gov used Experian for the required identity verification   ...   Experian is one of the major credit reporting agencies, like Equifax.   ...

Experian admitted on 1 October 2015 to a data breach lasting over two years — from 1 September 2013 to 16 September 2015 — that exposed to hackers the private information of anyone who used its services, including its identity verification service. HealthCare.gov, which as described used Experian for identity verification, was launched in October 2013, after Experian had been hacked. So HealthCare.gov was hacked too, and for two years (at least).

Experian admits at least 15 million people were victims, but this may not include the far greater millions who used HealthCare.gov.   ...

All data breaches are caused by IT incompetence and the most important IT credential is a good IT education.

John Finch was Experian's Global CIO, "Leader of Experian's Global Cyber Security Operation", from September 2011 to August 2013. Experian said, over two years later, that the data breach began 1 September 2013 (it might have been earlier given that first of the month date, which also might have been chosen to fall between Finch's and his successor's tenures, to avoid anyone having to take responsibility). While Finch's successor took over in September 2013, the IT incompetent insecure conditions that let in the hacker(s) were in place before September 2013, and were thus Finch's fault.

John Finch has no IT education, only a BS in business economics (from the low-ranked University of Hull; Finch is British). He is a complete IT incompetent. After his disastrous stint at Experian, Finch became the CIO for the Bank of England. He spent only another couple of years there before fleeing again to Thomson Reuters, the giant media conglomerate and owner of the news organization Reuters. Finch seemed to run from job to job quickly so they would not have time to discover he was IT incompetent, much like Alex Stamos; see Yahoo-Then-Facebook CISO Alex Stamos Allows Yet Another Massive Data Breach. Finch is now a private "advisor".