After major breaches of consumer data at Target, Yahoo and others, it would be easy to size up the hack into Equifax as just another giant data breach. But the dust will not settle so easily in this case because the Equifax breach is much, much bigger and demands a big response from regulators and the other credit-rating agencies.

Sometime in May, hackers breached Equifax’s system and stole the data of 143 million Americans. This apparently happened after the company did not apply security software updates for months. Equifax’s response to the hack has been inadequate. The company did not alert consumers until July and has stumbled in several attempts to offer protection in the form of credit freezes and credit protection. On Tuesday, its CEO stepped down.

The other two major credit-rating agencies, TransUnion and Experian, must shore up their security. Then the federal government must punish Equifax for negligence and create regulations to prevent future breaches.

The credit-rating agencies are special cases. They compile sensitive financial and personal information. Credit-seeking consumers whose information they handle are not their customers; the banks and other credit-issuers are. Consumers must get better answers and better assistance from Equifax. And they must get better backup from regulators.