The credit reporting company Equifax is facing more than 30 lawsuits after hackers stole the personal information of about 143 million Americans. The lawsuits that have been filed in federal court include one case accusing Equifax of securities fraud. Legal experts say that lawsuits raising similar claims against Equifax may be consolidated in a single nationwide case.
According to Equifax, the data breach lasted from mid-May through July 2017. During that period, hackers were able to access the personal data of tens of millions of Equifax customers, including names, Social Security numbers, birth dates, addresses, and driver’s license numbers. Hackers were able to steal the credit card information of about 209,000 customers, as well as documents containing sensitive personal information for about 182,000 customers.
Equifax says that it learned on July 29 about the data breach, which allowed hackers to steal the personal and financial information of tens of millions of Americans. However, the company only informed customers that their information had been stolen on September 7, ten weeks after the data breach occurred.
Equifax has offered customers who were affected by the data breach one year of free credit reporting through its TrustedID product. Critics say that the offer doesn’t do enough to compensate the millions of Americans whose information was stolen by hackers.
Others have raised concerns about whether accepting the free credit monitoring offer from Equifax would affect their ability to file a lawsuit over the data breach. In order to address these concerns, Equifax says that it has removed confusing language from its website. The company also stated that “enrolling in the free credit file monitoring and identity theft protection that we are offering as part of this cybersecurity incident does not waive any rights to take legal action.”
How to Protect Your Personal Information
If you fear that your personal information may have been exposed during the Equifax data breach, the first step is finding out whether your personal information was exposed to hackers. Equifax has set up a website, http://www.equifaxsecurity2017.com/, which allows customers to search using their Social Security number to find out whether they were affected by the data breach. Customers can also find out if they were affected by calling the information hotline set up by Equifax at 1-866-447-7559.
The Federal Trade Commission (FTC) has suggested several additional steps that can be taken by customers whose account information may have been compromised. These steps include:
- Checking your credit reports for free from Equifax, Experian, and TransUnion;
- Placing a credit freeze on your files;
- Monitoring your credit cards and bank accounts for transactions you don’t recognize;
- Placing a fraud alert on your files;
- Filing your taxes early to prevent hackers from using your data to obtain a refund or get a job.
Lawsuits Filed Against Equifax Over Consumer Data Breach
According to one lawsuit filed in California, Equifax may use the one year of free credit reporting offered to customers affected by the data breach as a “foundation” to pitch costlier services also sold by the credit reporting company. The lawsuit cited a February regulatory filing in which Equifax stated that many companies use free or low-cost services credit monitoring “as a means to introduce consumers to premium products and services.”
The securities fraud lawsuit filed against Equifax accuses the company of misleading investors by inflating its financial statements and share prices before the truth about the data breach was known to the public. The lawsuit also accuses Equifax of misleading investors about the company’s ability to protect customer data from being accessed by hackers.
Several Equifax executives have been accused of duping their shares of the company’s stock before news about the data breach was made public. According to a Bloomberg report, three top Equifax executives sold about $1.8 million worth of stock in the company after it learned that hackers had stolen the personal data of millions of customers.