The industry is still responding to the news of a massive data breach involving more than 143 million Americans who may have had their personal information compromised. The breach, announced by Equifax on Sept. 7, lasted from mid-May through July and exposed the consumers to identify theft. The information accessed primarily includes names, Social Security numbers, birth dates, addresses, and driver’s license numbers. In addition, credit card numbers for approximately 209,000 U.S. consumers, and certain dispute documents with personal identifying information for approximately 182,000 U.S. consumers, were accessed. Equifax discovered the unauthorized access on July 29, 2017, and engaged an independent cybersecurity firm that has been conducting a comprehensive forensic review to determine the scope of the intrusion, including the specific data impacted (see Banking and Finance Law Daily, Sept. 8, 2017).
The Consumer Financial Protection Bureau published an informational blog post highlighting identity theft protection and listed signs consumers can look for as well as steps to take if they are the victim of identity theft. These steps include putting a security freeze on your credit report, and instituting a fraud alert. In addition, the post describes how identity and credit monitoring services work.
Competitive Enterprise Institute Vice President Jim Harper commented on the Equifax data breach, declaring that Equifax’s response to the breach "fell short to begin with," and demanded that Equifax "get rid of the arbitration clause from this agreement." Harper pointed out that its "unclear in the agreement whether or not Equifax also intends to bar victims of the data breach from joining class action lawsuits."
Public Citizen president Robert Weissman, together with Americans for Financial Reform, called it "one of the most brazen corporate wrongdoer maneuvers in memory" and "shameless" to require consumers to waive any claims against Equifax in order to take advantage of their credit monitoring services. Public Citizen also sent a letter to Equifax demanding that it remove these clauses from its terms of service. The letter calls on Equifax to "immediately disavow any attempt to trick customers into giving up their rights." Allied Progress warned that had the CFPB’s new rule on forced arbitration been in place before the breach, "Equifax customers would be free to join together and go to court." Instead, the House, "along an almost entirely party line vote," approved a resolution to repeal the CFPB’s rule on forced arbitration.
Independent Community Bankers of America president and CEO Camden R. Fine also released a statement directing consumers to be "aware of ways to protect themselves and their personal financial information against identity theft and cybersecurity-related crimes."
State AGs react. New York Attorney General Eric T. Schneiderman issued a consumer alert about the Equifax data breach and sent a letter to Equifax seeking additional information about the breach. "The Equifax breach has potentially exposed sensitive personal information of nearly everyone with a credit report, and my office intends to get to the bottom of how and why this massive hack occurred," stated Schneiderman.
California Attorney General Xavier Becerra released a statement noting that his office will be in touch with Equifax "until we get to the bottom of this massive data breach. We will do what's necessary to hold Equifax accountable. In the meantime, I urge all consumers to heed this alert to protect themselves."
Massachusetts Attorney General Maura Healey also announced an investigation into the data breach, which she said "has the potential to be the worst we’ve ever seen." She urged consumers to take steps to protect their personal information against identity theft. While New Mexico Attorney General Hector Balderas released a fraud alert reminding consumers to check their credit report periodically and dispute any information that is not accurate. Balderas stressed that any suspicious activity should be reported to the consumer’s bank or credit card company right away because any delay in reporting the fraudulent activity could make it harder to get money back.
Pennsylvania Attorney General Attorney General Josh Shapiro opened an investigation into the "massive data breach," along with Attorneys General of Connecticut and Illinois. Shapiro encouraged his residents to sign up for credit file monitoring and identity theft protection and to be proactive in monitoring their credit reports and financial account statements and reporting suspicious activity.
Companies: Allied Progress; Americans for Financial Reform; Competitive Enterprise Institute; Equifax Inc.; Independent Community Bankers of America; Public Citizen; U.S. PIRG
MainStory: TopStory CaliforniaNews CFPB ConnecticutNews ConsumerCredit CyberPrivacyFeed IdentityTheft IllinoisNews MassachusettsNews NewMexicoNews NewYorkNews PennsylvaniaNews Privacy StateBankingLaws
Interested in submitting an article?
Submit your information to us today!Learn More