In a world where the internet is ubiquitous, no online service is completely safe from hackers. Credit reporting company Equifax Inc. (NYSE: EFX), said last week that “its systems were struck by a cyberattack.†Up to 143 million consumers in the U.S. may have been affected. Some U.K. and Canadian residents were also compromised in the breach. “Intruders accessed names, Social Security numbers, birth dates, addresses and driver’s license numbers.†Furthermore, the “credit card numbers for about 209,000 consumers were also accessed.†The hackers were able to use a vulnerability on a U.S. website application to gain access to certain files from mid-May through July of 2017. “The intruders also accessed dispute documents with personal identifying information for about 182,000 consumers.â€Â Though the attack was stated to have begun in mid-May, the breach was not discovered until July 29.
Since exposing one of the largest hacks of the year, the compromised company is now facing dozens of federal lawsuits. More than 23 lawsuits have been filed so far. In one case Equifax is accused of misleading shareholders about its ability to protect consumer data. The agency knew about the hack more than a month before the truth came out. The lawsuit claims the company inflated financial statements to bring up the share price, before being exposed. According to techcrunch, another lawsuit was filed in Portland, Oregon. “Customers say that Equifax has been negligent when it comes to information security. Two firms are leading the class action lawsuit, Olsen Daines PC, and Geragos & Geragos. The plaintiffs are Oregon residents whose information was stored by the agency and hacked by an unauthorized third party. They’re asking for billions in damages.†If successful this could cause major financial difficulty for Equifax as the company only makes about $600 million in earnings each year.
After Equifax announced the security breach about $3 billion was wiped away from the company’s market cap as its shares dropped as much as 17% in the immediate trading session. On Monday key law makers demanded a detailed account of the company’s security systems. They are concerned that customer’s sensitive information was not properly protected.