The Federal Trade Commission said it is investigating the data breach at Equifax that exposed the personal information of 143 million Americans, including Social Security numbers. The U.S. consumer protection…

FTC Investigates Massive, Troubling Equifax Data Breach

FTC Investigates Massive, Troubling Equifax Data Breach

The Federal Trade Commission said it is investigating the data breach at Equifax that exposed the personal information of 143 million Americans, including Social Security numbers.

The U.S. consumer protection agency is not alone in seeking official answers to the massive hack. Senate Minority Leader Chuck Schumer, D-New York, said Thursday that Equifax executives should testify before the Senate. He also said the the credit reporting agency should extend free credit monitoring and credit freezes to consumers for 10 years and remove mandatory arbitration clauses from its terms of use.

The redit bureau is offering all consumers a free one-year subscription to TrustedID Premier — its credit-monitoring service. That offer initially came with a so-called “mandatory arbitration clause” — meaning that consumers agree to settle any dispute outside of court.

“The FTC (Federal Trade Commission) typically does not comment on ongoing investigations,” spokesman Peter Kaplan said in a brief email statement. “However, in light of the intense public interest and the potential impact of this matter, I can confirm that FTC staff is investigating the Equifax data breach.”

Equifax responded Wednesday to the arbitration clause issue, asserting that mandatory arbitration “will not apply to the free products offered in response to the cybersecurity incident or for claims related to the cybersecurity incident itself.” This action essentially opens a path for consumers to file lawsuits against Equifax.

The U.s. Consumer Financial Protection Bureau recently issued a rule that would make it more difficult for credit reporting agencies — Equifax, Experian and TransUnion — and financial firms to make arbitration mandatory.

Equifax says on its website that the breach, which it discovered internally in late-July and announced to the public last week, was the result of hackers exploiting a vulnerability in a website application called Apache Struts.

Consumers are being urged to place a security “freeze” on their credit reports to protect them from cyber thieves. But consumers have complained of problems initiating freezes with the credit reporting companies when they tried to do so by phone and online.

“We are experiencing a high volume of requests for security freezes and have been experiencing some technical issues,” a company spokesman, Wyatt Jefferies, said, in an emailed statement to the New York Times. “We are working diligently to resolve those technical issues.”

The U.S. Consumer Protection Bureau provides a webpage on identity theft protection following the Equifax data breach.

 

 

Leave a Reply