Equifax Hit With $70 Billion Lawsuit After Leaking 143 Million Social Security Numbers

One day after Equifax announced (more than one month after it itself had learned) that its systems had been hacked, resulting in up to 143 million social security numbers, names, addresses, driver’s license data, birth dates, some credit card numbers and pretty much all other critical personal data being leaked and currently for sale somewhere on the dark web, the company whose job is, ironically, to protect the credit and personal information of hundreds of millions of Americans has been hit with a monster class-action lawsuit seeking as much as $70 billion.

In retrospect, we find it surprising that it wasn't multi-trillion lawsuit in light of the galactic stupidity exhibited by a company whose server apparently had zero firewalls from the internet and where any hacker could get access to the most confidential information available.

And while for the most part class action lawsuits are filed by ambulance-chasing lawyers seeking a recovery for a class of plaintiffs in exchange for a juicy 25-40% of the final amount, in this case In the complaint filed in Portland, Ore., federal court has every single merit to ultimately crush Equifax for what is nothing less than unprecedented carelessness in handling precious information.

In the lawsuit, plaintiffs alleged Equifax was negligent in failing to protect consumer data, choosing to save money instead of spending on technical safeguards that could have stopped the attack, Bloomberg reports. Imagine how much angrier they would be if they found that instead of "saving" the money, the company used it instead to buy back its own stock (in this case from selling executives).

“In an attempt to increase profits, Equifax negligently failed to maintain adequate technological safeguards to protect Ms. McHill and Mr. Reinhard’s information from unauthorized access by hackers,” the complaint stated. “Equifax knew and should have known that failure to maintain adequate technological safeguards would eventually result in a massive data breach. Equifax could have and should have substantially increased the amount of money it spent to protect against cyber-attacks but chose not to.” 

The plaintiffs in the lawsuit are Mary McHill and Brook Reinhard. Both reside in Oregon and had their personal information stored by Equifax. Tens of millions more will join the lawsuit shortly once they realize their data has similarly been hacked. Readers can find out if they have been affacted by the leak at the following site.

According to Bloomberg, the case was filed by the firm Olsen Daines PC along with Geragos & Geragos, a celebrity law firm known for blockbuster class actions. Ben Meiselas, an attorney for Geragos, said the class will seek as much as $70 billion in damages nationally.

Finally, as one social media commentator put it, "In retrospect it seems like a really dumb idea to give three random companies access to the entire financial records of every American."

Comments

blargg Sep 12, 2017 12:01 AM Permalink

A spokesperson for Equifax didn't answer specific questions, but confirmed in a blanket statement to reporters, shortly after publication, that "some consumers who visited the website soon after its launch failed to receive confirmation clarifying whether or not they were potentially impacted.""That issue is now resolved, and we encourage those consumers to revisit the site to receive a response that clarifies their status," the spokesperson said.

So, the website now keeps track of whatever random result it gave and returns that for future queries. 

dunce Sep 8, 2017 11:05 PM Permalink

Credit reporting companies do not serve individuals, they serve businesses by rating individuals credit risks. They get their information from businesses on individuals and share it with all the businesses. They need all of our identification to differentiate individuals yet never ask individuals for permission to share that information. Now some group or individual got all that identity information from them without asking. Boo hoo.

Rhetorical Sep 8, 2017 7:55 PM Permalink

Checked out to see if I was affected turns out I am. I wonder if I can say my last 15k in Crypto purchases was not me? If so my monero habit paid off then.

DoctorFix Sep 8, 2017 6:28 PM Permalink

Let me see if I get this straight.  The article states that Equifax is in the business of "protecting" my personal data?  Really?  Where in fucks sake did I sign on to the dotted line begging them to steal that and then repackage and sell it to someone?  Thus not only did they steal and repackage my personal and supposedly private information without my consent.  they also turned around and profited off of it without giving me any of the proceeds.  They, along with their criminal copycat corporate cockroaches, exposed my financial and personal life to the world and thus allowed it to be abused. They themselves are the instigators and catalyst for fraud!  If they wanted to find the original "hackers" all they'd need to do is look in the mirror.  And to add endless insult to injury they turn around and want you to pay for the privilege of not getting fucked by them.  Ah, but au-contraire, they've already fucked you and like the rats they always were they're now jumping ship.  I say hanging is too good for any of them

JelloBeyonce Sep 8, 2017 6:11 PM Permalink

Hmmm, I wonder exactly what a class-action lawsuit of potentially 143 million strong would looke like.Perhaps billions of dollars to the Lawyers, $2 each for the individual class-action participants?

Escapeclaws Sep 8, 2017 4:43 PM Permalink

Suppose you click on that link and enter your last name and six digits, what then, assuming your data was stolen. Is there any point to clicking on that link? Does it make any difference if your data was stolen?

Everyone is lying Sep 8, 2017 4:09 PM Permalink

Publish the names and home addresses of every Equifax executive that sold stock prior to this disaster. Pictures would be nice, too. We'll take it from there. Pitchforks and torches party for all!  

z530 Sep 8, 2017 3:42 PM Permalink

The fact that one of the largest data management companies in the world isn't using tokenization for PII is shocking. Then they allow a production, Internet facing web server be configured to present debugging info (how developers and hackers figure out problems with the app or servers) is also shocking. This is a fuckup of catastrophic proportions.  I wouldn't be surprised if their Chief Security Officer is already fired.

pparalegal Sep 8, 2017 2:59 PM Permalink

What galactic stupidity? They sold then shorted their own stock before going public that they F'd everyone. Just another day in banking financial land. As long as the K Street lobby machine is fully funded all is well up in congress and at the NSA.

adr Sep 8, 2017 2:46 PM Permalink

Even though I've never enrolled in anything with Equifax, nor used the service, I checked the site and is says my info was compromised.Since I have an 850 credit score which entitles me to buy the Empire State Building if I want to, I want $1 billion in damages. The loss of my perfect score would be devastating to my ego.I do love going into car dealerships and banks and having them say, "We need to check your credit." I say, "No you don't, trust me." When they run the report and they look at the screen, the widening of their eyes is priceless. IN an instant negotiations become easier and I then get to deal with the top dog who will try anything to get my business. Knowing there isn't a bank in the world that would turn me down means I can focus on getting the best deal possible.My dad knows a lawyer who got $250 million from an airline in the 90s. Maybe I should give him a call and start a $500 billion lawsuit. 

konadog Sep 8, 2017 2:45 PM Permalink

In retrospect, we find it surprising that it wasn't multi-trillion lawsuit in light of the galactic stupidity exhibited by a company whose server apparently had zero firewalls from the internet and where any hacker could get access to the most confidential information available. It was a bad prospective idea, but the elite turds making these decisions refuse to hear the voices of the "little people".  Same as outsourcing IT to India (a culture known for lethargy and corruption) and other 3rd world countries is a bad prospective idea. How long before some genius claims that was a bad "retrospective" idea as if anyone with half a brain couldn't have reasoned it out ahead of time?  News flash globalist inbreeds: in addition to being lazy, unimaginative twits, these assholes are selling the same information on a daily basis that Equifax just lost in mass. I wouldn't be surprised to learn that Equifax had outsourced IT security to India.

Calculus99 Sep 8, 2017 2:31 PM Permalink

More proof if it was needed that (almost) the second highest paid in a firm these days should be 'head of tech security'. It's fucking wide open out there for the hackers folks. In 10 years time the hackers will look back at 2010-2020ish and say it was tyhe golden age, so easy etc.These dopey firms will have to learn the hard way, you pay peanuts in security and you get monkeys. YOu also put your fim at real risk, money, brand, rep, mega lawsuits etc.PS. If any readers have kids, 16-24 and they're headed into the tech world, get them to specialise in security because jobs and salaries are only going one way.  

moorewasthebestbond (not verified) Sep 8, 2017 2:13 PM Permalink

I guess I won't be getting any of the class action law suit money. I am NR (no rating) because for the last 15 years I quit the game. I just bury gold and silver and guns and dig them up for sale if and when I need some Federal Reserve Notes.

peippe sauldaddy Sep 8, 2017 2:32 PM Permalink

shocking!are you saying that a company that collates info on my debt servicing tendencies would try & scam me out of my right to reparations for damage(s) done to my finances? OMG it's like they want me paying 29.99% interest on my purchases so they can keep getting kickbacks from their retarded cousins that run the banks! OmFG!

In reply to by sauldaddy

Bemused Observer Sep 8, 2017 2:04 PM Permalink

I will NOT conduct ANY business online, period. I flat out REFUSE to create an online SS account. Once I started receiving SS payments, my cell phone began ringing, and hasn't stopped yet...people trying to sell me back braces, knee braces, drug plans, 'counseling' (for what?). It was OBVIOUS that my phone number was released to all these people, who apparently knew I was a new recipient and were eager to market their goods and services to me. The fuckers SOLD my information to telemarketers! Well, they can take their "online" and shove it up their asses. I don't trust them, and have no reason to change my mind. They can't protect jack shit online, and no one is obligated to trust their 'new' system which does NOT function properly, and obviously considers your personal info their own to sell. I am NOT your fucking COMMODITY assholes! So from now on, we'll keep it real simple...if it was 'done' online, it was NOT done by ME. Because I don't do my business online...period! Real easy to tell the real from the fake that way, no 'investigations' needed.Fuck off, dot gov...

sauldaddy Sep 8, 2017 2:01 PM Permalink

Newsflash!!!!! If the have your equifax file all they have to do is order a fake ID of the dark web , go to your bank and whipe you the fuck out. You've been warned .

You can thank the flunkies at he NSA for allowing weaponized hacking tools to be available to any script kiddie with a internet connection. I'm shocked they haven't wiped out entire banks by now. Maybe they did and the banks just kept it secret.

runnymede Sep 8, 2017 1:52 PM Permalink

When they've stolen everything else and encumbered you in perpetuity, the only thing else of value left to strip mine is your very 'identity'."Welcome to the matrix; the blue pill goes down easier"Regards,The Uniparty 

Eddielaidler Sep 8, 2017 1:43 PM Permalink

So these pricks sell off their stock before going public with the breach and then want you to use a trial version of their identity theft protection. Fucking false flag for profit.

Quivering Lip Sep 8, 2017 1:42 PM Permalink

So Equifax fucked up with data and now want more data to see if they fucked up with your data. Brilliant!!The CEO'S of the majority of most major corporations all come out of the same fucking clown car. 

runnymede Sep 8, 2017 1:35 PM Permalink

"In retrospect it seems like a really dumb idea......."This could be said about most collective human endeavors. Unfortunately, most humans are wired only to take the short view of things, and are unwilling or incapable of critical thought; and mistakes are repeated despite history's clear repeated warnings; and the competent are not invited to the meeting.The tragi-comedy continues.....

Gophamet Sep 8, 2017 1:34 PM Permalink

Looking forward to the SEC slapping their scummy executives with insider trading for dumping the stock. How about a little ground glass with that vaseline! 

runnymede VWAndy Sep 8, 2017 1:46 PM Permalink

Looking forward to the .gov overreaction of the latest incarnation of closing the barn after the horse gets out.Maybe someday the citizenry will get it that .gov and and it's unholy offspring, the corporate State is by it's nature incompetent to the purposes it espouses. History testifies otherwise though. 

In reply to by VWAndy

surf@jm Sep 8, 2017 1:18 PM Permalink

LMAO!.......America and its scam artist economy......What else would you call a country that has 1% interest rates, but credit card rates at 10% or more, with over a trillion owed on credit cards?........

motoXdude Sep 8, 2017 1:10 PM Permalink

Silly Customers!   Their only concern is their stockholders and Execs, you're just the means to their end!   They're too busy acquiring and expanding, paying-out dividends and bonuses!   You don't matter as you're small and insignificant to them... they're BIG SHOTS!   My oh my... what kinds of Boobs are Business Schools pumping-out these days!   Ethics?  Morals?   Loyalty?   HA!   It's been TRUMPED BY THE DESIRE FOR MONEY... NOTHING ELSE MATTERS ANYMORE!  Get used to it or get ready to stand-up for change!  Otherwise SHUT UP AND TAKE IT!

RedDwarf Sep 8, 2017 1:04 PM Permalink

The US government's centralized data on everybody with a security clearance was hacked.  So even with good security this happens.  Then we had Ashley Maddison, now this.  It's a pattern for a reason.  Centralized repositories of this type of information are systemic risks.  We now have multiple examples of tens and hundreds of millions of records being hacked.Blockchains fix this.  You replace systemic risk with localized risk.  An individual can lose his private key and lose his information or money or stuff, but the blockchains themselves are secure.  You have the global access you need for modern society to work, but you no longer have the systemic security risk of the whole dataset being compromised.