Class Action Lawsuits and Equifax’s Data Breach


Equifax is a consumer credit reporting agency that stores the personal and financial data of literally hundreds of millions of Americans. That’s the reason that cyber-security experts were so worried when the personal financial information on 143 million Americans was exposed to hackers in an unprecedented break-in from hackers back in July.

Driver’s license numbers as well as social security numbers may have been compromised for tens, if not hundreds, of millions of Americans. The full extent of the damage is not yet fully known. The consumer credit reporting agency detected the breach of its data centers on July 29th, but by that juncture the damage had certainly been done. Addresses, birth dates, and highly sensitive personal information was hoovered up in the breach.

Now consumers want to know if they have any legal recourse any Equifax for exposing their personal data to hackers. The solution could be a class-action lawsuit that would provide compensation to perhaps hundreds of millions of Americnas who were exposed to the hack last July. Equifax, though, has been very clever thus far in dodging responsibility for the data breach.

In Equifax’s terms of service many of the customers who eventually had their credit and personal information swiped signed an agreement, maybe unwittingly, to settle all disputes on an individual rather than collective basis. This means that Equifax might be able to bat away lawsuits and overpower individuals with a formidable legal team and resources on a one-on-one basis, all but ruling out class-action lawsuits.

To their credit the folks at Equifax added a page to their website that allowed customers the chance to enter their social security numbers and find out whether their data had been compromised. Still, some legal experts are scratching their heads over how much Equifax is really doing for consumers in light of the data breach.

Signing up for the service left many legal experts confused per each side’s responsibility. The conclusion from some legal corners was that Equifax’s enrollment page left it unclear as to whether the consumer waived his or her right to bring a class-action lawsuit later, should negligence be shown, or even what exactly the consumer was agreeing to.

There’s some dissonance between Equifax’s general agreement and the company’s TrustedID premier monitoring service’s terms of services. The Consumer Financial Protection Bureau announced a ban on arbitration clauses this summer as well, which adds another legal complexity.