Equifax Faces Multibillion-Dollar Lawsuit Over Hack
A proposed class-action lawsuit was filed against Equifax Inc. late Thursday evening, shortly after the company reported that an unprecedented hack had compromised the private information of about 143 million people.
In the complaint filed in Portland, Ore., federal court, users alleged Equifax was negligent in failing to protect consumer data, choosing to save money instead of spending on technical safeguards that could have stopped the attack. Data revealed included Social Security numbers, addresses, driver’s license data, and birth dates. Some credit card information was also put at risk.
Equifax first discovered the vulnerability in late July, though it chose not to announce it publicly until more than a month later. The company was widely criticized for its customer service approach in the aftermath of the hack, as users struggled to understand whether their information had been affected. Others expressed frustration that three senior executives sold about $1.8 million in stock in the days following the discovery of the hack. A spokeswoman for Equifax said the men “had no knowledge that an intrusion had occurred at the time.”
The plaintiffs in the lawsuit are Mary McHill and Brook Reinhard. Both reside in Oregon and had their personal information stored by Equifax.
“In an attempt to increase profits, Equifax negligently failed to maintain adequate technological safeguards to protect Ms. McHill and Mr. Reinhard’s information from unauthorized access by hackers,” the complaint stated. “Equifax knew and should have known that failure to maintain adequate technological safeguards would eventually result in a massive data breach. Equifax could have and should have substantially increased the amount of money it spent to protect against cyber-attacks but chose not to.”
The case was filed by the firm Olsen Daines PC along with Geragos & Geragos, a celebrity law firm known for blockbuster class actions. Ben Meiselas, an attorney for Geragos, said the class will seek as much as $70 billion in damages nationally.
Equifax didn’t respond to request for comment on the matter.
For more on cybersecurity, check out the Decrypted podcast: