USA TODAY International Edition
One year after hack, what’s new at Equifax?
Investigations continue amid flurry of lawsuits
Alvin Kleveno is among the nearly 148 million members of a not-so-exclusive club – consumers whose personal data was compromised in the massive cyberattack disclosed one year ago by Equifax, one of the nation’s three major credit bureaus.
In the weeks after the bad news, the company alerted the Colorado resident that not only was his personal data endangered, a debit card he’d previously used to “unfreeze” his Equifax credit record had also been compromised.
Today, Kleveno is one of 96 named plaintiffs from all 50 U.S. states and the District of Columbia who are suing Equifax in a consumer class-action lawsuit. The case is among a multitude of lawsuits targeting the Atlantabased company.
The lawsuits have inched through the legal system in the year since the news that nearly half of all Americans had personal information exposed by the breach. Meanwhile, federal, state and overseas authorities pursue yetto-be-completed investigations.
Although a new law will let Americans freeze their credit reports without charge as of Sept. 21, Lauren Saunders, associate director of the National Consumer Law Center, says “very little has changed” for consumers because personal information for millions of consumers remains in the hands of thieves.
“After publicly announcing the worst data breach in history, Equifax still hasn’t paid a price or provided the information and tools consumers need to adequately protect themselves,” the U.S. PIRG Education Fund, an independent group focused on consumers and the public interest, says in a report scheduled for release on Thursday.
Equifax declined to make executives available for an interview about the one-year anniversary of its cyberattack disclosure. However, the company said it has tightened its data security perimeter, hired top cybersecurity and technology professionals, improved cyberattack detection and response times, and offered consumers more control over their data.
The company also agreed to a June consent order with financial regulators from eight states that requires it to conduct security audits at least once a year and take other steps to strengthen data safety.
“Protecting the data entrusted to Equifax is the company’s top priority,” the credit bureau said, adding that it has conducted regular cybersecurity briefings and calls “to update hundreds of business customers on our progress and lessons learned.”
After closing at $142.72 on September 7, 2017, Equifax shares plunged and closed at $89.59 close one week later, a 37 percent skid.
Equifax shares closed at $134.54 on Wednesday.
Timothy McHugh, an analyst with William Blair, maintained an outperform rating on Equifax shares in a late July 26 note to investors.
“Equifax’s story will continue to have a lot of moving parts,” he said, “but we are optimistic that the company’s growth rates, margins (and) technology ... and valuation multiple will improve over the next year or two.”