See you in court?
After disclosing last week that 143 million U.S. consumers may have had their personal information compromised during a cyberattack by criminal hackers, credit-reporting agency Equifax is already facing at least 23 proposed class-action lawsuits.
The company said the attacks took place from mid-May to July 2017, and the breach involved names, addresses, birthdays, and Social Security numbers, as well as some driver's license numbers. Equifax said it found out about the breach on July 29, and the Senate Finance Committee sent a letter to the company on Monday asking for a detailed timeline of what happened, how the company is working to figure out how many people have been affected, and what information was compromised.
The federal lawsuits have been filed in 14 states and the District of Columbia, covering everything from alleged security negligence to the delay in notifying customers, USA Today reports. One case, filed in California, takes aim at Equifax's offer to give customers a free year of credit monitoring from TrustedID, because the company "failed to disclose to consumers that it owned TrustedID, and its long-term business model turns on baiting consumers into signing up for its services. In other words, Equifax sought to turn its failure to protect consumers' sensitive data into a clandestine money-making opportunity."