Equifax Hit With 'Dozens' of Lawsuits from Shareholders and Consumers -- Plus a Possible Class Action (chicagotribune.com) 62
An anonymous reader quotes the Washington Post:
Since it announced a massive data breach earlier this month, Equifax has been hit with dozens of lawsuits from shareholders, consumers and now one filed by a small Wisconsin credit union that represents what could be the first by a financial institution attempting to preemptively recoup losses caused by alleged fraud the hack could cause... In the lawsuit, which seeks class action status, Madison-based Summit Credit Union says that financial institutions will have to bear the cost of canceling and reissuing credit cards as well as absorbing the cost of any fraudulent charges. They will also lose "profits because their members or customers were unwilling or unable to use their credit cards following the breach," according to the lawsuit...
"For financial institutions it is important: They bear the financial responsibility for identity theft," said Summit's attorney Stacey Slaughter of the law firm Robins Kaplan. "All of the components that would allow someone to create a new identity" were exposed in the Equifax hack.
Equifax responded that they can't comment on pending litigation, according to the article, though "Equifax has said it did its best to respond to the breach and alerted consumers as quickly as it could..."
"The company's stock price has fallen 27 percent since it announced the hack September 7."
"For financial institutions it is important: They bear the financial responsibility for identity theft," said Summit's attorney Stacey Slaughter of the law firm Robins Kaplan. "All of the components that would allow someone to create a new identity" were exposed in the Equifax hack.
Equifax responded that they can't comment on pending litigation, according to the article, though "Equifax has said it did its best to respond to the breach and alerted consumers as quickly as it could..."
"The company's stock price has fallen 27 percent since it announced the hack September 7."
Let me be the one to say it (Score:5, Insightful)
Good.
Criminal Charges Needed (Score:5, Insightful)
Re: Criminal Charges Needed (Score:4, Insightful)
Re: (Score:2)
I'm not sure it's perfectly just for the banks and lawyers to get the whole reward, but we can't bail out shareholders when their companies fail.
We shouldn't bail out banks, either. We should nationalize them. Shareholders already get a bailout, of sorts; corporations engage in all kinds of morally ambiguous (or outright outrageous) behavior, and often many kinds of illegal behavior as well, and shareholders are not held accountable for any of it, but they share in the profits when nobody gets caught and it all goes well.
Re: (Score:3)
The share holders are investors who have volunteered to take a risk with their money.
I agree that to some extent the shareholders should suffer. However, if we want to stop this sort of thing happening again those directly responsible for the actions that lead to it must be held accountable and not allowed to hide behind the company and shareholders. In addition, there is very little shareholders can do to stop things like this. They can't stop executives insider trading nor can they easily find out about the appalling lack of security - effectively they are also victims albeit ones who di
Re: (Score:2)
They can sue the executives for their decisions. Probably easier than the people affected by the breach.
So round one should be a class action to bankrupt the company, round two should be shareholders against executives.
Re: (Score:1)
Shareholders can manage their companies. They are responsible for hiring & firing top executives. They would be smart to create blacklists of people who messed up when running companies - so these don't get hired into top level positions again.
Re: (Score:2)
The shareholders put their money up as an investment, and there are no guarantees on stock investments. There are no guarantees on returns, at all.
If they like the stock going up, they must tolerate the stock going down. Those are the rules. And if the company is mismanaged and fails, the shareholders are the ones that installed the governance and executive management with their annual shareholder meeting voting, even if by proxy. The corporation is 100% owned by the shareholders, the shareholders get a
Re: (Score:2)
Re: (Score:1)
See, this is the problem tho.
You *CAN"T PROTECT YOUR DATA".
How many of these have to occur.
"Oh but they weren't patched"
Doesn't matter, there will be new weaknesses discovered.
Windows, Linux, and probably cloud computing are simply fundamentally insecure at this time.
Only small custom systems are reasonably secure because so few people are trying to break into them. Anything that becomes financially viable becomes a target.
You can't automate this stuff- you have to keep humans in the loop. And even then h
Re: (Score:3)
First, the shareholders should suffer. Equifax, like all of th
Re: (Score:2)
Most executives are largely paid with stock options, which are likely now worthless if they were not fully vested. Trust me, their attention has been captured.
Specific laws about data protection that could be applied in the case of gross negligence (which this was) would be icing on the cake though. In the wake of Enron, every publicly traded company takes Sarbanes Oxley quite seriously - something along the same lines for data security may be necessary before this all gets better.
I'm not so sure (Score:3)
btw, if you're reading this and have been one of the ones railing against 'job killing regulations' (their words, not mine) this is the consequences of the relentless drive to stop government oversight in the na
Re: (Score:1)
You don't have to join a class action suit. You're perfectly welcome to go dig up your own proof of harm, lawyer up, initiate a suit, and sue them in the court of your choice.
They are in no way indemnified against all future damages except by those who agree to be part of the class action. Problem is, lawsuits are hard, which is why class actions exist. They put fear into corporations too big for individuals to sue.
Disingenuous (Score:2, Insightful)
"Equifax has said it did its best to respond to the breach and alerted consumers as quickly as it could..." - You mean Equifax alerted consumers as quickly as they could after their executives sold their shares...
Pitiful. Hope they go outta business.
"Quickly as they could"??? BS. (Score:5, Insightful)
> "Equifax has said it did its best to respond to the
> breach and alerted consumers as quickly as it
> could..."
And by "as quickly as it could", Equifax means that they view sitting on the breach and keeping the public in the dark while the C-levels sell off their stock as being legitimate.
Banks and lenders must bear the liability (Score:5, Insightful)
"For financial institutions it is important: They bear the financial responsibility for identity theft," said Summit's attorney Stacey Slaughter of the law firm Robins Kaplan. "All of the components that would allow someone to create a new identity" were exposed in the Equifax hack.
It is not my job to securely guard my name, address and social security number. It is, in fact, impossible to secure it. It is the bank's responsibility to make sure they lend to the right person. Banks can not lend to any one claiming to be A and hold A responsible for default.
If they lend to B and report A is in default, A should be able to sue the banks for libel.
The root cause of this identity theft market is the willingness of the banks to lend without doing full verification of the identity. If banks won't lend so easily, then there is no reason for people to steal identity. Banks want to lend freely, without any verification. They make us prove we did not borrow the money and we were victims of identity theft. It should not be our responsibility.
In fact they won't be able to collect in court if they sue us. The only weapon they have is to report us to be in default. Well, we need to take that weapon away from them. They should not be able to report default without first proving they lent to the person they allege to have defaulted on loans.
Re:Banks and lenders must bear the liability (Score:5, Insightful)
They make us prove we did not borrow the money and we were victims of identity theft. It should not be our responsibility.
Yes, that. I hope the person who made up this misnomer "stolen identity" at least received a big bonus.
No one can steal identity. My identity remains intact. Banks just hand out money in my name, because someone said they are me and banks believed them.
Usually because that someone knows my SSN and my address/phone, which is out there now thanks to Equifax.
What? Just 27%? (Score:4, Insightful)
"The company's stock price has fallen 27 percent since it announced the hack September 7."
Surprised it is still at 73% of old price. I would like it to go bankrupt and take the entire credit reporting industry down with it.
We need to make both the banks, and the credit reporting agencies responsible for any fraudulent information they might publish. Claim A is in default of a loan, without proof that it was A who actually borrowed, bank should be liable for libel. Report the bank's claim, the credit reporting agency should be held accessory after the fact, aider and abettor. That is the only way to clean up the mess.
Re:What? Just 27%? (Score:5, Interesting)
Surprised it is still at 73% of old price. I would like it to go bankrupt and take the entire credit reporting industry down with it.
I also would like Equifax to go bankrupt.
However, I think stock price reflects the betting odds that nothing significant will come of it
My understanding is that
1) We are not even the customers of Equifax because someone else handed over our data to them and
2) People suing would have to show standing. So you probably have to wait until your "identity" is "stolen", then prove that it was due to Equifax breach (nearly impossible, of course), and then maybe you can sue.
Re: (Score:3)
Re: (Score:2)
Most of the investors do not grasp what this is about. Nor do they care for that matter. For them, it's only about money.
Until punishment for this kind of negligence do bankrupt companies, nobody will care. They'll get a fine and they'll walk.
Also, after a mess of this magnitude, all NYSE transactions should be deemed invalid until a month before at least for the board. Those C-level deserves either jail or AT LEAST, all gains nullified. That's whether they were in or not. I don't care. Being that incompete
This should lead to reform (Score:1)
Re: (Score:1)
Oversight is bad and communistic, we need less oversight so they can operate without all this extra burden stopping them from making more money!
What? (Score:2)
Who are the idiots still holding onto Equifax stocks? Seriously, sell that shit and let Equifax burn.
Re: (Score:2)
Who are the idiots still holding onto Equifax stocks?
The idiots who, based on prior evidence, expect this to blow over with no long-term effects.
Is Equifax continuously receiving our data even now?
Is Equifax making money from credit reports right now?
Even if they do go bankrupt would someone rescue/buy them to get a hold of our data?
Also, Equifax will earn extra money from people freezing/unfreezing their credit to try and keep safe(er). (I think they offer freezing for free until November? So they'll earn money after November, might even come out ahe
Re: What? (Score:1)
I don't think I've heard about a single business dropping Equifax, and definitely not a single one dropping the credit reporting bureaus entirely.
Is there any other or better aggregate of data to calculate risks regarding loans or "credit" to individuals? Is a sourc exists, is it competitively priced and affordable?
Re: (Score:2)
Honestly (Score:2)
A possible solution (Score:1)
Normally I don't participate in class actions (Score:3)
But in this case I'd participate just to screw with Equifax.