Equifax agreed to pay 600 million, but still saw profits up 20% for the year... Sure they could have made 600 million MORE in profit, but that's still just 15% of their profits for the year.. sure they'll spend a few million in the area they need to shore up one time and wait for the next incident... It's just good for business... Invest enough to keep these incidents down to one every 5 years, pay fine, repeat.

Scanning is pretty inexpensive. Maintaining a complex system that passes the scans? That's something different altogether.

If I take a clunker to a mechanic, how much will it cost me to hear everything that needs fixing? About $150. But actually performing the fixes? One order of magnitude greater - and that's if I'm very, very lucky!