Over 145 million Americans were impacted by the Equifax data breach this past summer. The stolen information included names, birth dates, addresses, credit card numbers, and full Social Security numbers, putting millions at risk of identity theft. Read more about the Equifax breach here .
The breach was officially announced September 7. It was widely scrutinized as one of the worst data breaches in American history, prompting investigations into the efficacy of our existing system.
In this post, we describe the latest updates in the wake of the Equifax breach.
New Major National Class-Action Suit has been Filed Against Equifax
Since the breach, Equifax has been facing hundreds of class action lawsuits, including a new major national class-action suit which charges that the company “failed spectacularly” in its legal responsibilities to protect consumers’ confidential data. The new suit, Allen et al v. Equifax Inc., aims to create a unified national class action against Equifax. The potential size of the class represented by the suit is huge: “all residents of the United States whose personal information was compromised as a result of the data breach announced by Equifax.”
It’s rare to see a suit this large, which includes all 50 states. The document pulls together complaints from individual consumers from each of the 50 states (plus the District of Columbia) who claim to have been injured to varying degrees by the security breach.
In particular, the suit argues that the breach has caused considerable harm and violates multiple federal and state laws. The document is over 300 pages, including allegations that sigificant damage is occurring now that criminals have access to stolen information for which they can apply for mortgages, credit cards and student loans, tapping into bank debit accounts, filing insurance claims and racking up substantial debts. Additionally, the suit highlights Equifax’s negligence in protecing customer data by failing to take the proper steps to upgrade critical security protocols, leaving itself vulnerable.
To date, more than 240 class actions have been filed by consumers against us in federal, state and Canadian courts relating to the [Equifax] cybersecurity incident. The plaintiffs in these cases, who purport to represent various classes of consumers, generally claim to have been harmed by alleged actions and/or omissions by Equifax in connection with the cybersecurity incident and assert a variety of common law and statutory claims seeking monetary damages, injunctive relief and other related relief.
Through Equifax’s negligence, according to the suit, cybercriminals gained access to data that now “permits thieves to create fake identities, fraudulently obtain loans, swipe tax refunds and destroy” consumers’ creditworthiness. Among the most vulnerable potential and actual victims: home buyers and mortgage applicants, who “tend to have significant information on file with credit bureaus” and as a result are “especially at risk” for ID theft after the Equifax data breach.
Have you frozen your credit?
If you’re an American with an active credit history, chances are your data was vulnerable during the hack. Equifax published a website where you could check if you were impacted. With so much PII exposed, it’s more important than ever to take the proper actions to protect yourself.
The first step is freezing your credit.
Freezes keep new creditors from seeing your credit file, which makes it tough for hackers to open new accounts in your name. If a bad actor applies for credit in your name with your Social Security number and address, the lender will try to access your credit report. If your credit file is frozen, this then prevents them from moving forward.
Equifax extended the deadline for consumers to sign up for free credit freezes to Jan. 31, 2018. In addition, the company is offering refunds to consumers who paid to freeze their files after the data breach was announced Sept. 7.
Financial Institutions Proactively Move Forward
Last Friday, Umpqua Bank took action to protect their employees and customers by encouraging people to freeze their credit files at the 3 credit bureaus: Equifax, Experian and Transunion. With over 300 operating branches and 4000 employees, Umpqua has issued what they called a “Freeze Day” for their employees, encouraging everyone to take a few minutes to freeze their credit files. They also offered a small reimbursement for fees that employees may run into.
The New York Times shares some commentary from the bank’s chief executive, Cort O’Haver: “If it takes an extra step, so be it. Everyone embraced it, and it would be tough not to agree with it because it’s the right thing to do to protect customers.”