Two Lawmakers Urge FTC, CFPB To Keep Pressure On Equifax (techcrunch.com) 48
An anonymous reader quotes a report from TechCrunch about the little fallout Equifax has faced for one of the worst data breaches in U.S. history: The credit rating giant, one of the largest in the world, was trusted with some of the most sensitive data used by banks and financiers to determine who can be lent money. But the company failed to patch a web server it knew was vulnerable for months, which let hackers crash the servers and steal data on 147 million consumers. Names, addresses, Social Security numbers and more -- and millions more driver license and credit card numbers were stolen in the breach. Millions of British and Canadian nationals were also affected, sparking a global response to the breach. Yet, a year on from following the devastating hack that left the company reeling from a breach of almost every American adult, the company has faced little to no action or repercussions.
"There was a failure of the company, but also of lawmakers," said Mark Warner, a Democratic senator, in a call with TechCrunch. Warner, who serves Virginia, was one of the first lawmakers to file new legislation after the breach. Alongside his Democratic colleague, Sen. Elizabeth Warren, the two senators said their bill, if passed, would hold credit agencies accountable for data breaches. "With Equifax, they knew for months before they reported, so at what point is that violating securities laws by not having that notice?," said Warner. "The message sent to the market is 'if you can endure some media blowback, you can get through this without serious long-term ramifications', and that's totally unacceptable," he said. Earlier this year, the company asked a federal judge to reject claims from dozens of banks and credit unions for costs taken to prevent fraud following the data breach. The claims, if accepted, could force Equifax to shell out tens of millions of dollars -- perhaps more. The hundreds of class action suits filed to date have yet to hit the courts, but historically even the largest class action cases have resulted in single dollar amounts for the individuals affected. And when the credit agent giant isn't fighting the courts, federal regulators have shown little interest in pursuit of legal action. Sen. Elizabeth Warren wrote a letter Thursday to the heads of the Federal Trade Commission (FTC) and Consumer Financial Protection Bureau (CFPB) complaining about their lack of action. "Companies like Equifax do not ask the American people before they collect their most sensitive information," said Warren. "This information can determine their ability to access credit, obtain a job, secure a home loan, purchase a car, and make dozens of other transactions that are critical to their personal financial security. The American people deserve an update on your investigations."
"[O]nly the Securities and Exchange Commission has brought charges -- not for the breach itself, but against three former staffers for allegedly insider trading," TechCrunch points out.
"There was a failure of the company, but also of lawmakers," said Mark Warner, a Democratic senator, in a call with TechCrunch. Warner, who serves Virginia, was one of the first lawmakers to file new legislation after the breach. Alongside his Democratic colleague, Sen. Elizabeth Warren, the two senators said their bill, if passed, would hold credit agencies accountable for data breaches. "With Equifax, they knew for months before they reported, so at what point is that violating securities laws by not having that notice?," said Warner. "The message sent to the market is 'if you can endure some media blowback, you can get through this without serious long-term ramifications', and that's totally unacceptable," he said. Earlier this year, the company asked a federal judge to reject claims from dozens of banks and credit unions for costs taken to prevent fraud following the data breach. The claims, if accepted, could force Equifax to shell out tens of millions of dollars -- perhaps more. The hundreds of class action suits filed to date have yet to hit the courts, but historically even the largest class action cases have resulted in single dollar amounts for the individuals affected. And when the credit agent giant isn't fighting the courts, federal regulators have shown little interest in pursuit of legal action. Sen. Elizabeth Warren wrote a letter Thursday to the heads of the Federal Trade Commission (FTC) and Consumer Financial Protection Bureau (CFPB) complaining about their lack of action. "Companies like Equifax do not ask the American people before they collect their most sensitive information," said Warren. "This information can determine their ability to access credit, obtain a job, secure a home loan, purchase a car, and make dozens of other transactions that are critical to their personal financial security. The American people deserve an update on your investigations."
"[O]nly the Securities and Exchange Commission has brought charges -- not for the breach itself, but against three former staffers for allegedly insider trading," TechCrunch points out.
Re: (Score:1)
Agreed. I stopped using Equifax years ago and haven't missed them since.
Really? How?? (Score:2, Informative)
I got news for you guys, you ARE using them and there's not a goddamn thing you can do about it.
We are NOT the customers. The banks, credit card companies and everyone else who reports our credit and check people's credit are the customers and they pay Equifax and the other credit reporting companies.
And that what sucks. And as far as the CFPB is concerned, the Trump Administration and the Republicans in Congress neutered it. The most wonderful thing our government has done in 80 years.
We need regulati
Re: (Score:2)
I suppose you could put a credit freeze on your records through Equifax. But leave them available through Experian and TransUnion. If your bank or landlord uses Equifax, they'd just turn you down for credit or a lease. But then that rejection would go on your record and be available through the other agencies. Pretty soon your credit score would go in the shitter and you'd have to pay cash for everything.
Re: (Score:2)
If they encounter a freeze, lenders don't automatically reject you. Plus, you can unfreeze for a window when you know when you're going to be applying.
A little research would let you (at least have the illusion of...) take control of your life.
Re: (Score:2)
Plus, you can unfreeze for a window
The idea is to block Equifax at all times. To encourage lenders to use the alternate services.
Re: (Score:2)
So that leaves a 'choice' of zero banks and zero credit cards.
That's how market failure works.
Re: Really? How?? (Score:2)
Companies have gone on records as stating that they would gladly give up the top 10% of their most "demanding" customers. We've even seen some companies, like Sprint, dump customers for calling the service lines X% of average.
You see, in reality, the minority is forced to accept what the majority will tolerate. If you were to break out a curve, and plot it out, you'd see that the free market favors the unexceptional and mediocre, and thus can be quite frustrating to those w
Re: (Score:1)
The CFPB was created in the wake of the 2008 financial crisis. It was defanged right from the start and the Obama administration did nothing to push it along. In case you've forgotten, the Obama presidency actively prevented the prosecution of the massive mortgage fraud that led up to the financial crisis. William Black (one of the key regulators in the Savings and Loan Crisis that resulted in thousands of executives being sent to prison) offered to work for free to help prosecute the criminals but no one t
Re: (Score:1)
Re:Don't like them? Don't use them (Score:5, Insightful)
Re: (Score:2)
Occam's razor suggests otherwise.
Re: (Score:2)
Don't use them - YOU ARE NOT EQUIFAX'S CUSTOMER! (Score:2)
So if you want
"keep the pressure on"? (Score:1)
I don't see any evidence of pressure on these guys, n'mind keeping it on.
no fallout? (Score:2, Informative)
Uh-huh.
Equifax is already facing the largest class-action lawsuit in US history
https://bgr.com/2017/09/08/equifax-hack-lawsuit-class-action-how-to-join/ [bgr.com]
Equifax's Massive Data Breach Has Cost the Company $4 Billion So Far
http://time.com/money/4936732/equifaxs-massive-data-breach-has-cost-the-company-4-billion-so-far/ [time.com]
How to Get In on a Class-Action Lawsuit Against Equifax
https://www.kiplinger.com/article/credit/T017-C000-S002-get-in-on-a-class-action-lawsuit-against-equifax.html [kiplinger.com]
I won $8,000 from Equifax in Sm
Re: (Score:3)
And yet, Equifax steams on.
Re: (Score:2)
In other words, I'll believe it when I see it. Remember all those people in banking who were in so much 'deep trouble' after they busted the whole world's economy? Other than a few in Iceland, they're doing just fine today, and richer than ever.
Re: (Score:2)
That just means it's hard to know if any particular incident is linked to a particular data breech.
Re: (Score:1)
She is a raging hypocrite
You should have stopped typing right there. No further qualifiers are necessary. (nor would they improve the accuracy)
Two Democrats, you mean (Score:1)
...or in other words, nobody with any power right now.
Maybe after the next election we can care what Democrats do, but right now it's irrelevant. And yes, that is a failure of our government, but it's still true.
Re: (Score:1)
It is amazing this article and summary spends so much time talking about what two Democrats said, as opposed to what's happened and what the Republicans have done, which is more than Warner or Warren ever did. It's almost like to Techcrunch, Republicans don't exist except as targets to attack.
Funny how this very topically relevant information didn't make the "article", but the current Congress passed and Trump signed a bill taking effect 9/21 which according to the FTC includes [ftc.gov] provides for:
Re: (Score:3)
It is amazing this article and summary spends so much time talking about what two Democrats said, as opposed to what's happened and what the Republicans have done,
...which is fuck-all. The Equifax credit freeze website doesn't work. It just sits and spins forever, like we're expected to do.
Oh look it finally worked (Score:2)
...which is fuck-all. The Equifax credit freeze website doesn't work. It just sits and spins forever, like we're expected to do.
After retrying literally about 20 times, I finally got the site to work and placed a freeze. Shouldn't these pricks have to maintain a reasonable level of availability of a site which fulfills a legal requirement?
Moral Hazzard (Score:4, Interesting)
What we need are regulations that shift the cost of security breaches onto the entities best able to prevent them. We also need to make stored data toxic so that most companies won't even keep your information.
one of the worst data breaches in U.S. history (Score:1)
With a US population of 325.7 million...
146m names, DOBs, and SSNs were stolen.
99m addresses.
27m genders
20m phone numbers
18m drivers license numbers.
It really doesn't get much worse than that.