Morgan & Morgan Sues Equifax for Data Breach Compromising 143M People

3 min read time
Morgan & Morgan Sues Equifax After Data Breach Compromises 143M Americans’ Personal Information

Update: 3/1/2018: Equifax announces that an additional 2.4 million Americans were affected by last year's data breach, bringing the total number of people impacted by the breach up to approximately 147.9 million.

The company claims that the additional people affected by the data breach only had their names and a partial driver's license number stolen by hackers. Previous consumers affected had their Social Security numbers, driver's license numbers, tax ID numbers, and other highly sensitive data exposed.


Update 2/9/2018: The Equifax data breach may have exposed even more sensitive data than previously reported, according to Fortune.

Tax identification numbers, driver’s license issuance dates and states, and email addresses were acquired by hackers, according to the new report. This leaked information is in addition to the Social Security numbers, addresses, driver’s licenses, credit card numbers, and the other sensitive data previously reported.

Tax identification numbers, in particular, could have serious consequences for victims of the data breach, as it increases the risk of fraudulent tax filings.


Update 9/26/2017: Equifax CEO Richard Smith announced his retirement "effective immediately," just weeks after the company revealed a massive data breach that gave hackers access to the sensitive information of 143 million consumers, according to NPR.


The Equifax data breach is said to affect as many as 143 million Americans, and attorney John Yanchunis of ClassAction.com and Morgan & Morgan is at the front lines in a fight to hold the company accountable for exposing such sensitive data as people’s names, addresses and Social Security numbers and credit card information.

On Thursday, Sept. 7 Yanchunis filed a class action against credit bureau Equifax, following the company’s announcement last week that its servers were breached in July.

The lawsuit accuses the company of failing to adequately protect its database of consumer information, allowing criminals to obtain the personal and financial information of hundreds of millions of Americans.

The lawsuit accuses the company of failing to adequately protect its database of consumer information, allowing criminals to obtain the personal and financial information of hundreds of millions of Americans. The suit also alleges that Equifax failed to inform consumers in a timely manner after discovering the breach.

Yanchunis, who has handled a number of high-profile data breach cases — including the class action against Target after the company’s 2013 breach — called the Equifax data breach “shocking.”

"Equifax contains one of the largest databases of consumer information and they should have been better prepared for any attempt to penetrate its systems," Yanchunis said in a press release.


If you suffered financial damages due to the recent Equifax data breach, our attorneys may be able to help. Fill out this form on our page to learn if you could be eligible to participate in a class action lawsuit today. Check back to this page for more updates on the growing Equifax data breach crisis.


The Equifax Data Breach: What You Need to Know

The Equifax data breach compromised sensitive financial and personal information — including addresses, credit cards, driver's licenses, and Social Security numbers — of 143 million Americans.

The breach occurred over the summer between Mid-May and July, according to the U.S. Federal Trade Commission. Although Equifax discovered the breach on July 29, the company failed to inform the public until just last week.

Now, consumers are in a scramble to secure their data, file credit reports, and freeze their credit in case their data was compromised in the breach.

But what makes this particular data breach so bad — especially when compared to other recent breaches like the Anthem data breach or the leak of over 1 billion Yahoo accounts between 2013 and 2014?

Possibly the Worst Data Breach in the U.S. Ever

Equifax has come under fire from consumers, lawyers, and government officials alike for what could possibly be one of the worst data breaches in our country’s history, both due to the severity of the data exposed and the company’s poor handling of the crisis.

As one of the three major credit report agencies — Experian and TransUnion are the other two — Equifax had access to a massive stash of consumer data. As a result, the information leaked in the data breach included highly sensitive information such as names, Social Security numbers, birth dates, addresses, driver's license numbers, and approximately 209,000 credit card numbers, according to Wired.

The information leaked in the data breach included highly sensitive information such as names, Social Security numbers, birth dates, addresses, driver's license numbers, and approximately 209,000 credit card numbers.

Unlike other breaches where only some consumer data like email addresses is exposed, the assortment of information exposed in this particular data breach gives hackers the potential power to fraudulently open a bank or credit account in another person’s name, according to the Los Angeles Times. Hackers could possibly change passwords and account settings with this information, as well.

Worse yet, their weeks-long delay informing consumers of the breach allowed hackers ample time to use the exposed data for nefarious purposes. For example, the two lead plaintiffs of Morgan & Morgan’s lawsuit against Equifax allege that they incurred out-of-pocket costs for identity theft protection after unauthorized use of their financial accounts due to Equifax’s negligence.

Equifax Faces Backlash Over Arbitration Clause

Additionally, Equifax was called out for its inadequate response to consumer inquiry into whether they were compromised or not. Equifax provided a website where you can check to see if your data was compromised, but the website fails to give a clear answer whether your data was affected or not, leaving consumers in limbo.

The website encourages users to sign up for the company’s “TrustedID Premier” credit monitoring service. Initially, the website’s terms of service included a fine print arbitration clause stating that website users — potential data breach victims — waived their right to participate in a class action if they use the service.

Fortunately, after immense backlash from the consumer advocates such as New York Attorney General Eric Schneiderman, who called the terms “unacceptable and unenforceable,” Equifax removed the arbitration clause from the user agreement, according to the Washington Post.

Adding Insult to Injury: Equifax Managers Sold Stocks Before Announcement

The ire of the public was stoked even further by news that three Equifax managers sold $1.8 million worth of stock between the time the data breach was discovered internally and when the data breach was officially announced, according to Bloomberg.

The executives included a chief financial officer and two presidents of the company’s business units. Although the three executives claim that they had not been informed of the incident before they sold stock, some believe their actions are indicative of profiteering in the face of a company crisis.

Data Breaches Are Happening More and More: What You Can Do

If it seems like you’ve been reading more and more about data breaches in recent months, it’s not your imagination: 2016 was a record year for data breaches. There were over 1,000 breaches last year, a 50 percent increase from 2015 according to Identity Theft Resource Center.

The rate of incidents shows no signs of slowing down in 2017. In fact, based on the number of data breaches in the first half of the year, this year is on track to surpass 2016’s record with an estimated 1,500 data breaches by end of year, according to the ITRC. Saks Fifth Avenue, GameStop, HealthNow Networks, Chipotle, and Verizon are just a handful of the major companies implicated in data breaches this year alone.

So what can consumers like you do to stay safe? The FTC recommends the following steps for protecting yourself following a data breach:

  • Check your credit report by visiting annualcreditreport.com. According to federal law, you are allowed to get a free copy of your credit report every 12 months from each credit reporting company.
  • Consider placing a credit freeze on your file with each bureau, making it harder for a hacker to potentially open a new account in your name. Alternatively, place a fraud alert on your files, which warns creditors that they should verify if anyone seeking credit in your name is actually you.
  • Monitor your existing accounts closely for fraudulent charges.

Were You Impacted by the Equifax Data Breach?

If you suffered financial damages due to the recent Equifax data breach, our attorneys may be able to help. Fill out the form on our page to learn if you could be eligible to participate in a class action lawsuit today. You may be entitled to compensation.

Check back to this page for more updates on the growing Equifax data breach crisis.

Disclaimer
This website is meant for general information and not legal advice.

Injured? Getting the compensation you deserve starts here.

An illustration of a broken car.

Deep Dive

Explore more information related to the case process.