House Committee report confirms Equifax botched data security and response

Media Contacts
Mike Litt

Director, Consumer Campaign, U.S. PIRG Education Fund

U.S. PIRG Education Fund

Today, the House Oversight and Government Reform Committee released the results of its investigation into the 2017 Equifax data breach. Mike Litt, consumer campaign director for the U.S. PIRG Education Fund, issued the following statement, which includes steps that consumers can take to protect themselves from identity theft:

“Today’s report confirms that Equifax botched its data security and botched its response to its massive data breach. This was the worst data breach in history because Equifax lost the Social Security numbers for nearly 150 million Americans, exposing us to identity theft and other fraud for the rest of our lives.

The recommendations in the government report, including more transparency and oversight of data security at the credit bureaus, are good first steps. But there should also be financial consequences for credit bureaus when they lose our data. More than a year later, Equifax still has not paid a price for losing our data and making it easier for criminals to use our personal information for their gain. We didn’t give the credit bureaus permission to collect or sell our data. The only way they will take our data security seriously is if they risk monetary penalties for losing it.

Furthermore, Equifax never provided us the information or tools we needed to adequately protect ourselves. Given Equifax’ lack of action, U.S. PIRG Education Fund offers these tips about how to protect yourself from fraud made possible by the data lost in the Equifax breach:

  • New Account Fraud (including cell phone, credit card, loan and utilities accounts): Get credit freezes at all three nationwide credit bureaus — Equifax, Experian, and TransUnion.

  • Tax Refund Fraud: File your taxes as soon as possible, before thieves do. Also, if you qualify, get an Identity Protection (IP) PIN.

  • Health Care Services/Medical Benefits Fraud: Sign up for online accounts with your health care and insurance providers to periodically check for any fraudulent services on your statements.

  • Phishing Scams: Ignore unsolicited requests for information by email, links, phone calls, pop-up windows or text messages. Marriott will notify its affected customers about its breach by email ([email protected]) and has said it will not ask for personal information or include attachments.

More tips for protecting yourself from identity theft and fraud are available here.”