Tag Archives: 2017 Equifax data breach

Equifax $425M data-breach settlement: How to file a claim

Equifax is a consumer credit reporting firm, the oldest of the three largest U.S. credit agencies (the other two are Experian and TransUnion). Founded in 1899, Equifax gathers and maintains information on over 800 million consumers and more than 88 million businesses worldwide. Based in 1550 Peachtree St. NW, Atlanta, Georgia, Equifax is a global service provider with $2.7 billion in annual revenue and more than 9,000 employees in 14 countries. Equifax is listed on the New York Stock Exchange (NYSE).

On July 29, 2017, Equifax discovered that some time in May, someone(s) hacked into its online databases and stole the names, birth dates, Social Security numbers, addresses and driver’s license numbers of 147 million consumers in the United States — data that security experts have described as the crown jewels for identity thieves.

But Equifax kept this discovery quiet for 39 days before finally informing the public about it on September 7, 2017, admitting that 209,000 U.S. credit card numbers are also breached, as well as “certain dispute documents with personal identifying information for approximately 182,000 U.S. consumers.”

Equifax blamed the hacking on a flaw in the STRUTS open-source software used to run its online databases.

On July 26, 2019, Equifax announced its settlement with the Federal Trade Commission (FTC), Consumer Financial Protection Bureau, and 50 US states and territories. The settlement includes up to $425 million to help people affected by the data breach.

If you information was exposed by the Equifax data breach, you can file a claim for reimbursement of time and expenses incurred dealing with the breach and any resulting identity theft, fraud or losses.

The FTC has a website on helping you file a claim, beginning with a link to see if your information had been exposed by the data breach. Use this look-up tool to see.

I clicked on the “look-up tool” link and was asked to enter my last name and the last 6 digits of my Social Security number. I was surprised that the result said my personal information had been exposed by the Equifax data breach. In all likelihood, yours had been exposed as well.

Once you’ve determined you are eligible for a settlement from Equifax, just follow the instructions on the FTC website to file a claim.

For the FTC website, click here or go to: https://www.ftc.gov/enforcement/cases-proceedings/refunds/equifax-data-breach-settlement

See also:

~Eowyn

Drudge Report has gone to the dark side. Check out Whatfinger News, the Internet’s conservative frontpage founded by ex-military!

Please follow and like us:
error0
 

Insane: IRS awards $7.25M fraud-prevention contract to Equifax despite massive data breach

Equifax is a consumer credit reporting firm based in Atlanta, Georgia, the oldest of the three largest U.S. credit agencies (the other two are Experian and TransUnion). Founded in 1899, Equifax gathers and maintains information on over 800 million consumers and more than 88 million businesses worldwide.

On July 29, 2017, Equifax discovered that some time in May, someone(s) hacked into its online databases and stole the names, birth dates, Social Security numbers, addresses and driver’s license numbers of 143 million consumers in the United States — data that security experts have described as the crown jewels for identity thieves.

But Equifax kept this discovery quiet for 39 days before finally informing the public about it on September 7, 2017, admitting that 209,000 U.S. credit card numbers are also breached, as well as “certain dispute documents with personal identifying information for approximately 182,000 U.S. consumers.”

After the company made known the breach, Equifax issued confusing instructions to consumers, which contained language that appeared aimed at limiting customers’ ability to sue. The company also tweeted out a link to a fake website instead of its own security site.

The Justice Department has also opened a criminal investigation into three Equifax executives — John Gamble, Rodolfo Ploder and Joseph Loughran — who sold almost $1.8 million of their company stock before the breach was publicly disclosed. See “Equifax executives sold $2M of their company shares 37 days before informing public of data breach“.

And yet, the IRS has seen fit to award Equifax a $7.25 million fraud-prevention contract — $7.25 million of taxpayers’ money!

Steven Overly and Nancy Scola report for Politico, Oct. 3, 2017, that a contract award for Equifax’s data services was posted to the Federal Business Opportunities database Sept. 30 — the final day of the fiscal year.

According to the no-bid contract, the IRS will pay Equifax $7.25 million to help prevent fraud at the IRS by assisting in verifying taxpayer identity even as Congress is investigating Equifax for its massive security breach that exposed the personal information of as many as 145.5 million Americans.

A no-bid contract means that the IRS deems Equifax to be a “sole source order” — the only company capable of providing the service. The contract award was issued to prevent a lapse in identity checks while IRS officials resolve a dispute over a separate contract.

The IRS, which has suffered its own embarrassing data breaches as well as a tidal wave of tax-identity fraud, has taken steps to improve its outdated information technology with the help of $106.4 million that Congress earmarked for cybersecurity upgrades and identity theft prevention efforts. In a letter to IRS Commissioner John Koskinen, Senate Finance Chairman Orrin Hatch (R-Utah) questioned the agency’s security systems and said he was concerned that the IRS lacked the technology necessary “to safeguard the integrity of our tax administration system.”

Lawmakers on both sides of the aisle blasted the IRS decision:

  • Senate Finance Chairman Orrin Hatch (R-Utah) said in a statement: “In the wake of one of the most massive data breaches in a decade, it’s irresponsible for the IRS to turn over millions in taxpayer dollars to a company that has yet to offer a succinct answer on how at least 145 million Americans had personally identifiable information exposed,”
  • Senate Finance Comittee ranking member Ron Wyden (D-Ore.) said: “The Finance Committee will be looking into why Equifax was the only company to apply for and be rewarded with this. I will continue to take every measure possible to prevent taxpayer data from being compromised as this arrangement moves forward.”

The IRS defended its decision in a statement:

“Following an internal review and an on-site visit with Equifax, the IRS believes the service Equifax provided does not pose a risk to IRS data or systems. At this time, we have seen no indications of tax fraud related to the Equifax breach, but we will continue to closely monitor the situation.”

~Eowyn

Please follow and like us:
error0