Equifax suffered one of the largest and most severe data breaches in history, as an estimated 143 million customers may have lost their private data to cyber criminals.
Equifax disclosed the situation on September 7, saying the breach had occurred on July 29. As of now, over two dozen lawsuits have been filed in federal court. Equifax has even been accused of securities fraud in one suit.
With more data being stored and shared online than ever before, data thieves have refined their methods in their quest for big payouts. Equifax was a goldmine for hackers, as the credit monitoring company had personal information like credit card numbers, social security numbers, and even home addresses on file.
It is likely that people filing similar lawsuits will see them combined into a single nationwide case. The company has taken steps to help remedy this situation. Among these steps includes a move to provide free monitoring. This move was made to help those affected get the additional security they’ll need to stay safe moving forward.
However, Equifax has also caught backlash for this move. Some people question why people would want a company that suffered such a breach to provide them services at all. One lawsuit even alleges that the company may only be offering these free services in an attempt to pitch costlier and more comprehensive services later on. Equifax bowed to public pressure and dropped the fees it normally charges for credit freezing services for the next thirty days. A freeze is one of the few measures affected individuals can take without putting themselves in greater danger.
Customers aren’t the only ones looking to the company for answers – lawmakers are also demanding specifics about the breach. A letter signed by two-dozen members of Congress states: “Your company profits from collecting highly sensitive personal information from American consumers – it should take seriously its responsibility to keep data safe and to inform consumers when its protections fail.”
The letter raises many questions, including the vulnerability that led to the breach. Equifax has previously stated the hack occurred due in part to a vulnerability in a web application. Lawmakers have also questioned the company’s security practices, and whether or not they have things like reliable monitoring and safety audits in place.
Another concerning fact about the breach deals with the amount of time it took to discover the issue. Lawmakers have referenced previous breaches, and questioned whether Equifax made any adjustments based on these hacks. The forced arbitration practice was also questioned, as was the move by executives to sell their stock just before the breach was announced.
The company’s stocks did take a hit, as expected, when the hack became public knowledge. Equifax is expected to respond to the letter by September 22, and a hearing is being planned for either September or October.
As lawsuits continue to pile up, things aren’t looking good for the company. Sadly, things could be much worse for those individuals who have had their private data fall into the hands of cyber criminals.