While America waits to see what use the criminals believed to have hacked Equifax will make of the names, Social Security numbers, addresses and birth dates stolen from up to 143 million people, some consumers are wasting little time in their efforts to drag the disgraced credit-reporting firm into court.
To some two dozen lawsuits filed and seeking class-action status, add a local one, filed Sept. 12 by East Bay resident Andrew Galpern.
“Equifax maintained an insufficient and inadequate system to protect the personal information of plaintiff and class members,” said Galpern’s lawsuit, filed in U.S. District Court in San Jose.
“Personal data such as that hacked in the data breach represents a major score for cybercriminals.
“Personal information is ‘as good as gold’ to identity thieves because they can use victims’ personal data to open new financial accounts and take out loans in another person’s name, incur charges on existing accounts, or clone ATM, debit or credit cards.”
Get tech news in your inbox weekday mornings. Sign up for the free Good Morning Silicon Valley newsletter.
Equifax announced Sept. 7 that criminal hackers had accessed highly personal identifying information for up to 143 million people in the U.S. The hackers also gained access to credit card numbers for about 209,000 U.S. consumers, along with credit-report dispute documents that identify about 182,000 more people in the country, Equifax said at the time.
Anyone who ever applied for a credit or debit card, taken out any kind of loan or debt, or even applied for an apartment rental that requires a credit report is likely in Equifax’s database, if the actions were taken in the U.S., experts said.
Galpern’s suit seeks class-action certification for all U.S. consumers whose data was stored by Equifax and/or accessed in the breach, and another class composed of California consumers whose data was stored by Equifax and/or exposed in the breach.
The hackers had access to Equifax databases from mid-May through July, according to the company. Equifax said it discovered the breach July 29 “and acted immediately to stop the intrusion.”
In the the six-week delay between discovery of the breach and notification of the public about it, Equifax executives sold $1.8 million worth of stock, the lawsuit said. That information likely came from a Bloomberg report, which said the company claimed the execs didn’t know about the breach when they sold the stock.
The suit filed by Galpern, of Albany, accuses Equifax of negligence and violation of state and federal law. It seeks unspecified damages.
It’s likely that lawsuits seeking class action against Equifax over the security breach will be consolidated.
Equifax declined to discuss the lawsuit.
“We cannot comment on pending litigation, but want to reassure consumers that we are remaining focused on helping them to navigate this situation and providing the best customer support possible,” the company said in a statement Sept. 12.
“We are listening to issues consumers have experienced and their suggestions, which are helping to further inform our actions as we continue to improve this process.”
Image: Internet hacking (Creative Commons/Max Pixel)
Tags: data breach, Equifax, hack, hacking, lawsuit