Equifax spent over $1 million last year on lobbying efforts, according to data compiled by the Center for Responsive Politics. Mike Stewart/AP hide caption
toggle caption
Mike Stewart/AP
Equifax spent over $1 million last year on lobbying efforts, according to data compiled by the Center for Responsive Politics.
Mike Stewart/AP
Updated at 11:55 p.m. ET
The Equifax data breach exposed the personal information of an estimated 143 million Americans. It has led to a lawsuit against the company by the state of Massachusetts, an investigation by the Federal Trade Commission and the promise of congressional hearings. The episode, though, has revealed that up until now, the big three credit reporting companies have had a lot of clout in Washington, D.C., analysts say.
The credit reporting companies have to comply with rules set by the Federal Trade Commission and the Consumer Financial Protection Bureau, which regulate how the companies can sell your financial data to other companies.
After Equifax Hack, Consumers Are On Their Own. Here Are 6 Tips To Protect Your Data
But protecting that data is a kind of regulatory black hole. There is very little oversight — compared to banks, for example, says Rohit Chopra, a former assistant director of the CFPB. "To maintain a national bank license, banks have to prove that their standards are up to snuff," he says, "but credit reporting agencies don't face that same level of oversight, even though they hold data on the majority of American adults."
Chopra says what he calls the "meltdown at Equifax should be a wake-up call" to consumers about the outsized role credit reporting companies play "without our consent."
Chopra is now a senior fellow at the Consumer Federation of America, where he wrote up advice for those affected by the breach. Chopra says there are few rules protecting consumers' data or that require credit bureaus to immediately notify consumers in the event of a breach. It took Equifax some six weeks to reveal the hack, and the company left it up to consumers to try to find out if their data had been stolen.
The Two-Way
Equifax Confirms Another 'Security Incident'
Chopra says people have little control over their information, and that with credit bureaus, "in some ways you're not the customer, you're the product."
And Ed Mierzwinski of U.S. PIRG (Public Interest Research Group) says when it comes to choosing a credit bureau, consumers have no choice. "If you don't like AT&T or Verizon, you can go to T-Mobile, you can take your business elsewhere, you vote with your feet. You can't vote with your feet with a credit bureau," he says. "You're stuck with them."
Mierzwinski says the credit bureaus have fought attempts to make them more transparent. The three companies, Equifax, Experian and TransUnion, spent nearly $3 million to lobby lawmakers last year, according to figures compiled by the Center for Responsive Politics. In fact, he says, House lawmakers were considering legislation the industry favored on Sept. 7: "On the day of the Equifax breach announcement, the House held hearings on not one, but two bills to weaken consumer protections over the credit bureaus'."
The Two-Way
3 Equifax Executives Sold Stock Days After Hack That Wasn't Disclosed For A Month
One of the measures would cap the amount of damages that consumers could be awarded in a lawsuit against the companies. Its sponsor, Rep. Barry Loudermilk, R-Ga., defended the bill at that hearing, saying it had been presented "that this is a credit bureau protection act. This is false. This is to protect consumers and all Americans."
Since the breach was revealed, Loudermilk issued a statement saying that "given the unfounded attacks on me and the rampant misinformation circulating about this legislation, the Financial Services Committee has not scheduled further action on any bill at this time."
He also said that Equifax must be "held accountable" for the breach. A member of the Financial Services Committee, Loudermilk said he would be part of an investigation into the breach and that work had begun on legislation to require credit bureaus and other companies to promptly notify consumers if their data is breached.
Several Democratic senators, led by Elizabeth Warren of Massachusetts, have sponsored a measure that would forbid credit bureaus from charging consumers to freeze or unfreeze access to their accounts. It would also require the companies to refund any fees they have charged for credit freezes after the Equifax breach.
Equifax says it will waive fees for removing and placing security freezes through Nov. 21.
FAQs
Equifax spent over $1 million last year on lobbying efforts, according to data compiled by the Center for Responsive Politics. The Equifax data breach exposed the personal information of an estimated 143 million Americans.
Who has oversight of the credit bureaus? ›
The Consumer Financial Protection Bureau (CFPB) helps consumers by providing educational materials and accepting complaints. It supervises banks, lenders, and large non-bank entities, such as credit reporting agencies and debt collection companies.
How much will each person get from Equifax settlement? ›
Supervised by JND Legal Administration — a team of court-appointed lawyers — Equifax made a $700 million settlement, offering affected Americans either a $125 payout or 10 years of free credit monitoring and $1 million in identity theft insurance provided by Equifax.
What were the key impacts of the Equifax breach? ›
The key impacts of the Equifax breach included a heightened awareness of the financial consequences of a breach and the theft of millions of customers' personally identifiable information (PII).
What is the unethical behavior of Equifax? ›
In its complaint, the FTC alleges that Equifax failed to secure the massive amount of personal information stored on its network, leading to a breach that exposed millions of names and dates of birth, Social Security numbers, physical addresses, and other personal information that could lead to identity theft and fraud ...
Who oversees Equifax? ›
Credit bureaus are not government agencies. They are publicly traded companies owned by shareholders. The government does not run these companies, but the Consumer Financial Protection Bureau (CFPB) and the Federal Trade Commission (FTC) oversee them.
How to complain about credit bureaus? ›
First, try to resolve the dispute with the credit reporting agency that issued the credit report. If unsuccessful, contact the Consumer Financial Protection Bureau (CFPB), which handles complaints about credit reports and credit bureaus. Refer to 12 CFR 1022 "Fair Credit Reporting (Regulation V)" for more information.
How much are the Equifax settlement checks? ›
Equifax denied any wrongdoing and no judgment or finding of wrongdoing was made. If you are a Class Member, the deadline to file Initial Claims Period claim(s) for free credit monitoring or up to $125 cash payment and other cash reimbursem*nt passed on January 22, 2020.
Is Equifax giving out settlement checks? ›
Checks or pre-paid cards for valid claims for Out-of-Pocket Losses, Time Spent, and Alternative Reimbursem*nt Compensation will be mailed by the Settlement Administrator to the mailing address that you provide. Settlement benefits for eligible out-of-pocket losses and time spent began issuing in mid-December 2022.
Has anyone gotten their Equifax settlement? ›
The settlement became final in January 2022. Soon after, the settlement administrator began sending emails and letters to people who filed a valid claim and requested free credit monitoring.
Lack of transparency, not only put the company at greater levels of company risk, it also served to unknowingly expose millions of consumers to higher levels of personal risk. This in turn makes the General Public less forgiving of Equifax in how it handled the issue.
Is the Equifax hack the worst ever and why? ›
The Equifax breach is unprecedented in scope and severity. There have been larger security breaches by other companies in the past, but the sensitivity of the personal information held by Equifax and the scale of the problem makes this breach unprecedented.
What laws did Equifax breach break? ›
The complaint alleges that a number of Equifax's actions – and failures to act – led to violations of the FTC Act and the Gramm-Leach-Bliley Safeguards Rule, which requires financial institutions to implement and maintain a comprehensive information security program.
What did Equifax do wrong? ›
How did the Equifax breach happen? Like plane crashes, major infosec disasters are typically the result of multiple failures. The Equifax breach investigation highlighted a number of security lapses that allowed attackers to enter supposedly secure systems and exfiltrate terabytes of data.
What is the Equifax controversy? ›
The Equifax data breach occurred between May and July 2017 at the American credit bureau Equifax. Private records of 147.9 million Americans along with 15.2 million British citizens and about 19,000 Canadian citizens were compromised in the breach, making it one of the largest cybercrimes related to identity theft.
What are four unethical behavior? ›
The ERC reported that employees most often observe the following five unethical behaviors in the workplace: 1) employees misusing company time, 2) supervisors abusing subordinates, 3) employees stealing from their employers, 4) employees lying to their employers, and 5) employees violating company internet policies.
What is an example of a violation of the Fair Credit Reporting Act? ›
Notice violations under the FCRA might occur when: a creditor fails to notify you when it supplies negative credit information to a credit reporting agency. a user of credit information (such as a prospective employer or lender) fails to notify you of a negative decision based on your credit report.
Which federal law regulates the use of credit reports? ›
The Fair Credit Reporting Act (FCRA) is a federal law that helps to ensure the accuracy, fairness and privacy of the information in consumer credit bureau files. The law regulates the way credit reporting agencies can collect, access, use and share the data they collect in your consumer reports.
Who enforces the federal laws regarding credit? ›
The FTC administers a wide variety of laws and regulations, including the Federal Trade Commission Act, Telemarketing Sale Rule, Identity Theft Act, Fair Credit Reporting Act, and Clayton Act. In total, the Commission has enforcement or administrative responsibilities under more than 70 laws.
What agency oversees the Fair Credit Reporting Act? ›
Who Enforces the FCRA? As a federal law, enforcement of the FCRA falls to the Federal Trade Commission (FTC) and the Consumer Financial Protection Bureau (CFPB).
