Twitter Facebook LinkedIn Share this page RSS

Blogs

Financial Services Law BlogLegal updates, news, and commentary from the attorneys of Baker Sterchi Cowden & Rice LLC

Swift Litigation Ensues Following Equifax Data Hack

September 29, 2017 | Megan Stumph-Turner

Almost immediately upon announcement of the Equifax data breach, the plaintiff’s bar speedily initiated class litigation on behalf of consumers for purported failures by Equifax to protect its customer data. For instance, just one day after the breach became public knowledge, a multi-billion dollar class action suit was filed in Portland, Oregon.

We can undoubtedly expect to see more class action litigation crop up, as it has consistently on a daily basis since announcement of the breach.  Nevertheless, the threat to Equifax does not stop at private litigation.  Several state attorneys general have already announced plans to investigate the breach.

While the timeframe permitted to disclose a data breach varies from state to state, most states do have a requirement that the data breach be disclosed by the soonest reasonable date possible.  The delay by Equifax in announcing the breach will certainly serve as the basis for many state-level investigations and penalties.  It is reported that the breach occurred as early as May 2017, was discovered by Equifax in July 2017, but was not reported until September 7.

Several state attorneys general, including:  Tom Miller, Iowa; Derek Schmidt, Kansas; Joshua Hawley, Missouri; and Douglas Peterson, Nebraska, have joined in a letter to Equifax expressing their concerns with the manner in which Equifax has handled the breach, thus far.  Those concerns include many having to do with customer service and accessibility to information.

In particular, though, the state attorneys general have taken issue with Equifax reportedly requiring consumers to enter into mandatory arbitration agreements or pay fees for credit monitoring services that are otherwise available for free to the public.  The letter states, “The fact that Equifax’s own conduct created the need for these services demands that they be offered to consumers without tying the offer to complicated terms of service that may require them to forego certain rights,” and “We remain concerned that Equifax continues to market its fee-based services to consumers affected by its data breach.”

The letter in its entirety is available here.

In excess of 143 million consumers’ personal information may have been compromised, and a software flaw is reported to be the cause.  The compromised information includes names, dates of birth, addresses, social security numbers, credit card numbers, and even driver’s license numbers.  Experts report that the number of affected consumers will likely increase as time passes.

Subscribe
About Financial Services Law Blog

The BSCR Financial Services Law Blog explores current events, litigation trends, regulations, and hot topics in the financial services industry.  This blog will inform readers of issues affecting a wide range of financial services, including mortgage lending, auto finance, and credit card/retail transactions. Learn more about the editor, Megan Stumph,  and our Financial Services practice.

DISCLAIMER

The Financial Services Law Blog is made available by Baker Sterchi Cowden & Rice LLC for educational purposes only as well as to give you general information and a general understanding of the law, not to provide specific legal advice. Your use of this blog site alone creates no attorney client relationship between you and the firm.

CONFIDENTIAL INFORMATION

Do not include confidential information in comments or other feedback or messages related to the Financial Services Law Blog, as these are neither confidential nor secure methods of communicating with attorneys. The Financial Services Law Blog should not be used as a substitute for competent legal advice from a licensed professional attorney in your state.