On July 22, 2019, Equifax, one of the nation’s three large credit reporting agencies, settled a lawsuit brought by the Federal Trade Commission (“FTC”), the Consumer Financial Protection Bureau (“CFPB”), and 50 U.S. states and territories. The lawsuit alleged that Equifax’s failure to take reasonable steps to secure its network—which contained sensitive personal financial information (including social security numbers)—led to a 2017 data breach that impacted 147 million people. Notably, Equifax failed to encrypt its data, instead storing sensitive consumer information in plain text, while misleadingly assuring customers that it had physical, technical, and procedural safeguards to protect this data. The lawsuit specifically alleged that, as a result of these acts, Equifax violated the FTC Act’s prohibition against deceptive and unfair practices and the Gramm-Leach-Bliley Act’s Safeguards Rule. The $575 million settlement (which could potentially reach $700 million) required the company to pay $300 million to a fund that will provide consumers with free credit monitoring services for at least 10 years or a $125 cash payment, and to pay civil penalties of $175 million to the U.S. States and territories and $100 million to the CFPB.
Update: The FTC recently updated class members, explaining that “[t]he public response to the settlement has been overwhelming” and therefore, “each person who takes the money option is likely to get a very small amount. Nowhere near the $125 they could have gotten if there hadn’t been such an enormous number of claims filed.” Accordingly, the FTC is encouraging class members to take free credit monitoring services.
Nevertheless, in an ironic twist, class members should be aware that the claim form offers additional years of credit monitoring from Equifax. While class members can decline the credit monitoring offered by Equifax and instead choose a different credit monitoring service, according to the FTC, “[w]hether or not [investors] choose to get free credit monitoring from Equifax, the company will continue to collect information about you.” This tension demonstrates the difficulty with the oligopolistic structure of the American credit reporting industry and why it is critically important for credit reporting agencies to implement effective cybersecurity mechanisms that protect consumer’s private financial information.
About Faruqi & Faruqi, LLP
Faruqi & Faruqi, LLP focuses on complex civil litigation, including securities, antitrust, wage and hour and consumer class actions as well as shareholder derivative and merger and transactional litigation. The firm is headquartered in New York, and maintains offices in California, Georgia and Pennsylvania.
Since its founding in 1995, Faruqi & Faruqi, LLP has served as lead or co-lead counsel in numerous high-profile cases which ultimately provided significant recoveries to investors, direct purchasers, consumers and employees.
To schedule a free consultation with our attorneys and to learn more about your legal rights, call our offices today at (877) 247-4292 or (212) 983-9330.
Faruqi & Faruqi
New York office
Tel: (212) 983-9330
Fax: (212) 983-9331