Equifax

Last updated

Equifax Inc.
Company type Public
Industry Credit risk assessment
Founded1899;125 years ago (1899) (as Retail Credit Company)
Founders
  • Cator Woolford
  • Guy Woolford
Headquarters
Atlanta, Georgia
,
U.S.
Area served
Worldwide
Key people
RevenueIncrease2.svg US$5.27 billion (2023)
Decrease2.svg US$934 million (2023)
Decrease2.svgUS$545 million (2023)
Total assets Increase2.svg US$12.3 billion (2023)
Total equity Increase2.svg US$4.53 billion (2023)
Number of employees
c.14,900 (2023)
Divisions
Website equifax.com
Footnotes /references
[2] [3]

Equifax Inc. is an American multinational consumer credit reporting agency headquartered in Atlanta, Georgia and is one of the three largest consumer credit reporting agencies, along with Experian and TransUnion (together known as the "Big Three"). [4] Equifax collects and aggregates information on over 800 million individual consumers and more than 88 million businesses worldwide. In addition to credit and demographic data and services to business, [5] Equifax sells credit monitoring and fraud prevention services directly to consumers. [6]

Contents

Equifax operates or has investments in 24 countries in the Americas, Europe, and Asia Pacific. With over 14,000 employees worldwide, Equifax has nearly US$5 billion in annual revenue and is traded on the New York Stock Exchange (NYSE) under the symbol EFX. [7]

History

Equifax was founded as the Retail Credit Company by Cator and Guy Woolford in Atlanta, Georgia, as Retail Credit Company in 1899. [8] By 1920, the company had offices throughout the United States and Canada. [9] By the 1960s, Retail Credit Company was one of the nation's largest credit bureaus, holding files on millions of American and Canadian citizens. [10] [11] Even though the company continued to do credit reporting, the majority of its business was making reports to insurance companies when people applied for new insurance policies, such as life, auto, fire and medical insurance. [11] RCC also investigated insurance claims and made employment reports when people were seeking new jobs. Most of the credit work was then being done by a subsidiary, Retailers Commercial Agency.

Retail Credit Company's information holdings and willingness to sell its information attracted criticism in the 1960s and 1970s. These included that it collected "... facts, statistics, inaccuracies and rumors ... about virtually every phase of a person's life; his marital troubles, jobs, school history, childhood, sex life, and political activities." The company was also alleged to reward its employees for collecting derogatory information on consumers. [11] This led to discrimination against queer people and people of color. [12]

In 1970, after the company had computerized its records, which led to wider availability of the personal information it held, the U.S. Congress held hearings that led to the enactment of the Fair Credit Reporting Act. This legislation gave consumers rights regarding information stored about them in corporate databanks. [13] It is alleged that the hearings prompted the Retail Credit Company to change its name to Equifax in 1975 to improve its image. [11]

Equifax expanded into commercial credit reports on companies in the United States, Canada and the UK, where it came into competition with companies such as Dun & Bradstreet and Experian. [14] The insurance reporting was phased out.[ citation needed ] The company also had a division selling specialist credit information to the insurance industry but spun off this service, including the Comprehensive Loss Underwriting Exchange (CLUE) database as ChoicePoint in 1997. [15] Equifax formerly offered digital certification services, which it sold to GeoTrust in September 2001. [16] Also in 2001, Equifax spun off its payment services division, forming the publicly listed company Certegy, which subsequently acquired Fidelity National Information Services in 2006. [17] Certegy effectively became a subsidiary of Fidelity National Financial as a result of this reverse acquisition merger (See Certegy and Fidelity National Information Services for further information). [17]

In October 2010, Equifax announced it was acquiring Anakam, an identity verification software company headquartered in San Diego, California, which invented and pioneered SMS (text-message based) two-factor authentication. Terms of the deal were not disclosed.

Equifax purchased eThority, a business intelligence (BI) company headquartered in Charleston, South Carolina, in October 2011. eThority is partnering with TALX, a St. Louis-based business unit of Equifax, and remained in Charleston. [18]

In February 2016, Equifax acquired the Australasian company Veda, the largest credit reference agency in Australia at the time. Veda had previously acquired the Australian market research and opinion polling company ReachTEL in September 2015, which continues to produce opinion polls in Australia. [19]

Equifax was the subject of more than 57,000 consumer complaints to the Consumer Financial Protection Bureau from October 2012 to September 17, 2017, with most complaints relating to incomplete, inaccurate, outdated, or misattributed information held by the company. [20]

In September 2017, Equifax announced a cyber-security breach, which it claims to have occurred between mid-May and July 2017, [21] where cybercriminals accessed approximately 145.5 million U.S. Equifax consumers' personal data, including their full names, Social Security numbers, birth dates, addresses, and driver license numbers. Equifax also confirmed at least 209,000 consumers' credit card credentials were taken in the attack. On March 1, 2018, Equifax announced that 2.4 million additional U.S. customers were affected by the breach, [22] increasing the number of affected to 147.9 million Americans. The company claims to have discovered evidence of the cybercrime event on July 29, 2017. Residents in the United Kingdom (15.2 million) and Canada (about 19,000) were also impacted. The vulnerability which Chinese hackers leveraged was CVE - 2017-5638; [23] the hackers managed to stay in Equifax's systems undetected for approximately 134 days. [24]

In March 2018, the Security and Exchange Commission accused Jun Ying, Equifax's former CIO, of illicit insider trading, by selling company stock before the breach was publicly disclosed. [25] After an investigation by the FBI, Ying pleaded guilty, was sentenced to four months of prison plus a year of supervised release, and was fined $55,000.00 and ordered to pay restitution of $117,117.61 in June 2019. [26] [27] An Equifax manager, Sudhakar Reddy Bonthu, also pleaded guilty to insider trading and received a sentence of 8 months of home confinement. [28] [29]

In July 2019, The New York Times , the New York Post and other media reported Equifax had agreed to pay approximately $650 million to settle with the Federal Trade Commission (FTC) to resolve investigations by several state attorneys general, the Consumer Financial Protection Bureau, the FTC, and a consumer class-action lawsuit related to the data breach. [30] [31] [32]

By September 2019, however, Equifax had added qualifications and "hurdles" to its claims process which put in doubt whether the previously announced cash settlement of $125 per affected consumer would actually be awarded. [33] [34] [35]

On 19 December 2019, a federal judge in Atlanta awarded class-action attorneys representing consumers approximately $77.5 million, suggesting that individual consumers might expect to receive around six or seven dollars. [36]

In July 2020, Equifax reported that, after purchasing Ansonia Credit Data (Ansonia), a major source of consumer credit, payments, and invoice receivables (AR) data used by financial companies and other borrowers and businesses in the shipping and logistics sectors, the firm has expanded its position in commercial payment technology solutions. [37]

On 2 August 2022, a week after its CEO Mark Begor was deemed "uniquely qualified to lead the Company" and was granted a $25 million bonus package by Equifax's board, the Wall Street Journal reported that Equifax had sent millions of incorrectly calculated credit scores to lenders. [38] [39] Equifax acknowledged reporting inaccurate credit scores, but insisted the errors had affected only a few people. The following day, a class-action lawsuit was filed by Jacksonville, Florida resident Nydia Jenkins against Equifax alleging she had received a "substantially pricier car loan" (resulting in an additional loan payment of $2,352 more per year) due to Equifax reporting her credit score 130 points off from what it should have been. [40] [41]

In February 2023, it was announced Equifax had acquired the Barueri-headquartered credit bureau, Boa Vista Serviços for $596 million, [42] starting to trade on the B3 in São Paulo, under the symbol EFXB31.

Products

Equifax primarily operates in the business-to-business sector, selling consumer credit and insurance reports and related analytics to businesses in a range of industries.[ citation needed ] Business customers include retailers, insurance firms, healthcare providers, utilities, government agencies, as well as banks, credit unions, personal and specialty finance companies and other financial institutions.[ citation needed ] Equifax sells businesses credit reports, analytics, demographic data, and software. [43] Credit reports provide detailed information on the personal credit and payment history of individuals, indicating how they have honored financial obligations such as paying bills or repaying a loan. [43] Credit grantors use this information to decide what sort of products or services to offer their customers, and on what terms. [43] Equifax also provides commercial credit reports containing financial and non-financial data on businesses of all sizes. Equifax collects and provides data through the National Consumer Telecom and Utilities Exchange (NCTUE), an exchange of non-credit data including consumer payment history on telecommunications and utility accounts. [43] [44] [45]

In 1999, Equifax began offering services to the credit consumer sector in addition, such as credit fraud and identity theft prevention products. [43] Equifax and other credit monitoring agencies are required by law to provide US residents with one free credit file disclosure every 12 months; the Annualcreditreport.com website incorporates data from U.S. Equifax credit records. [43]

Equifax also offers fraud prevention products based on device fingerprinting such as "FraudIQ Authenticate Device." [43]

Equifax also offers a credit protection service, called Equifax Protect. [46]

Security failings

According to senator Michael Crapo, "The amount of data that the private industry and Government collect and store is very concerning. There is intrinsic vulnerability in collecting and storing personal financial information, and we need to have a meaningful discussion on how to protect and limit access to it." [47]

2016 advance-warnings of insecure systems

According to an October 2017 report from Motherboard, around December 2016, a security researcher examining Equifax's servers found that an online portal, created for Equifax employees only, was accessible to the open Internet. [48]

"I didn't have to do anything fancy," the researcher told Motherboard, explaining that the site was vulnerable to a basic "forced browsing" bug. The researcher requested anonymity out of professional concerns. "All you had to do was put in a search term and get millions of results, just instantly—in cleartext, through a web app," they said. In total, the researcher downloaded the data of hundreds of thousands of Americans in order to show Equifax the vulnerabilities within its systems. They said they could have downloaded the data of all of Equifax's customers in 10 minutes: "I've seen a lot of bad things, but not this bad."

Motherboard

The same types of sensitive private information of American consumers (names, birth dates, social security numbers, etc.) were exposed as in the May–July breach, according to Motherboard. [48] Additionally, the security researchers said they were able to gain shell access on Equifax's servers and discovered and reported to Equifax additional vulnerabilities. According to the reporting, despite receiving this warning from the security researcher, the affected portal was not closed until six months later in June, well after the March and May–July breaches had begun. [48] Moreover, the employee portal was reportedly not the same server targeted in the later breaches, which Motherboard speculates may suggest multiple breaches by more than one party may have occurred. [48]

March 2017 security breach

On September 18, 2017, Bloomberg News reported that Equifax had been the victim of a "major breach of its computer systems" in March 2017, and that in early March it had begun "notifying a small number of outsiders and banking customers" about this attack. [49]

According to Bloomberg, a person familiar with the breach believed this early-March intrusion may have been carried out by the same party that breached Equifax's computer systems again in May. According to Bloomberg, Equifax enlisted Mandiant (owned by FireEye, Inc.) to assist in investigating the March attack. The same cybersecurity firm was hired following the May–July breach. [49]

May–July 2017 data breach

Between May and July 2017, currently unidentified hackers were able to use a known exploit on one of Equifax' web servers that had yet to be updated to access the credit records of more than 140 million Americans as well as some British and Canadian citizens before the breach was detected and shut down. Equifax disclosed the breach on September 7, 2017, after determining the means and scope of the breach. [50] The event was considered "one of the biggest data breaches in history." [51]

Several consumers filed lawsuits in small-claims court against Equifax due to the breach, while Equifax later came to a $575 million settlement with the Federal Trade Commission to offer either a cash payment or credit monitoring for those affected by the breach. [52] The data from the breach has yet to be seen on black markets or the dark web by security experts, making it difficult to identify the origin of the breach. However, in February 2020, the United States Department of Justice indicted four members of China's People's Liberation Army on nine charges related to the breach, which China has denied. [53] [54]

2017 exposure of Argentine consumer data

In September 2017, Brian Krebs revealed that the Argentine arm of Equifax had left private data from approximately 14,000 consumers, and more than 100 staff members, available to anyone who entered "admin" as both the username and password for one of its online systems. [55] [56]

2017 withdrawal of vulnerable mobile apps

On September 7, 2017, the same day as Equifax announced a large security breach, Equifax removed its official mobile apps from the Apple App Store and from Google Play. [57] While these apps themselves were not reportedly connected to that breach, they had security flaws of their own, being vulnerable to man-in-the-middle attacks owing to some parts using HTTP instead of HTTPS. [58]

2017 exposure of American salary data

On October 8, 2017, Krebs reported that The Work Number, a website operated by Equifax's TALX division, exposed the salary histories for employees of tens of thousands of US companies to anyone in possession of the employee's Social Security Number and date of birth. [59] [60] For roughly half the US population, both of the latter pieces of data are known to be in possession of criminals, following Equifax's May–July 2017 security breach. [59] [60] In July 2019, Equifax settled with the Federal Trade Commission for $700 million. This number contains a $380,500,000 consumer restitution fund, part of the class action lawsuit. [61]

Website malware

On October 12, 2017, Equifax's website was reported to have been offering visitors malware via drive-by download. [62] [63] The malware was disguised as an update for Adobe Flash. [62] [63] [64] [65] At that time, only 3 out of 65 top anti-malware products provided protection against the particular malware, meaning that many visitors were at risk of having their computers infected when visiting the Equifax website. [64]

On October 13, 2017, the attack was revealed to have been performed by hijacking third-party analytics JavaScript from Digital River brand FireClick. [66] [67]

Also on October 13, 2017, the U.S. Internal Revenue Service was reported to have suspended a $7.2 million contract with Equifax as a result of the attack. [68]

Criticism

In 1982, Retail Credit Company was criticized for collecting "...facts, statistics, inaccuracies and rumors... about virtually every phase of a person's life; his marital troubles, jobs, school history, childhood, sex life, and political activities." [69]

The company was charged with rewarding its employees for collecting negative information on consumers in the 1970s. There was a consent decree. In 1975 the company changed its name to "Equifax"reportedly to counteract its tarnished reputation. [70]

Lawsuits and fines

The company has been fined by the Federal Trade Commission on two occasions for violating the Fair Credit Reporting Act ("FCRA"). In 2000, Equifax, along with Experian and TransUnion, was fined $2.5 million for blocking and delaying phone calls from consumers trying to get information about their credit. In 2003, the FTC took Equifax to court for the same reason and settled its lawsuit with the company for a fine of $250,000. [71] [72]

In July 2013, a federal jury in Oregon awarded $18.6 million to Julie Miller of Marion County against Equifax for violations of the Fair Credit Reporting Act. [73] In her lawsuit, Miller alleged Equifax had merged her credit reports with another person with a different Social Security number, date of birth, and address. Miller contacted Equifax repeatedly in writing and over the telephone, but Equifax refused to delete dozens of false collection accounts from Miller's credit report. [74] The award included $18.4 million in punitive damages, and $180,000 in compensatory damages. Miller's lawyer, Justin Baxter, explained that the false reporting damaged Miller's reputation, she was denied credit, and her private information was given to businesses Miller had no relationship with. [75] The jury's verdict is believed to be the largest award in an individual case under the Fair Credit Reporting Act. [76] An Equifax spokesperson said that Equifax is considering appealing the jury's verdict. [77] A federal judge reduced the award to $1.62 million in 2014. [78]

In 2014, Equifax and Heartland Bank were sued by Kimberly Haman of the St. Louis area for reporting she was dead. [79] [80] A Heartland Bank spokesperson said the bank "immediately investigated and contacted the credit reporting agencies after Haman reported" she was still alive. [79] An Equifax "spokesperson told the Post-Dispatch that Equifax blocked the Heartland account information from appearing on Haman's credit report after a reporter's inquiry." [73] [79]

In April 2014, Equifax was sued in New York federal court by God Gazarov, who claimed the company erroneously reports him as having no credit history because of his unusual first name. [81] Gazarov settled his lawsuit in May 2015, with Equifax agreeing to enter his name into their database. [82]

On November 4, 2017, it was reported that a group of five Oklahomans had sued the company, claiming that Equifax "violated laws which require financial institutions to protect the security of their customers' personal information." [83] Equifax selected the law firm DLA Piper to work on the case in D.C. It had turned to Edelman for earlier crisis control after the October 2017 privacy breach. [84]

Consumer lawsuits claiming damages under the FCRA have been successful in small claims court. [85]

Equifax software engineer Sudhakar Reddy was charged with insider trading for purchasing options prior to the disclosure of the 2017 data breach. [86] [87]

In January 2020, Equifax agreed to a global settlement with the Federal Trade Commission, the Consumer Financial Protection Bureau, and 50 U.S. states and territories. For those that were affected by the data breach, there were open suggestions to file claims against it. The settlement includes up to $425 million to help people affected by the data breach. [88] [89] Equifax ultimately reached a settlement with regulators for up to $700 million. [90]

In October 2023, the UK's Financial Conduct Authority fined Equifax more than £11 million for failing to secure UK customer data. [91]

In May 2024, mortgage lenders First Financial Lending and Greystone Mortgage filed a proposed class-action lawsuit against Equifax, accusing the company of monopolizing the market for electronic income and employment verification services, allegedly leading to higher prices. [92] [93]

See also

Related Research Articles

<span class="mw-page-title-main">Identity theft</span> Deliberate use of someone elses identity

Identity theft, identity piracy or identity infringement occurs when someone uses another's personal identifying information, like their name, identifying number, or credit card number, without their permission, to commit fraud or other crimes. The term identity theft was coined in 1964. Since that time, the definition of identity theft has been legally defined throughout both the U.K. and the U.S. as the theft of personally identifiable information. Identity theft deliberately uses someone else's identity as a method to gain financial advantages or obtain credit and other benefits. The person whose identity has been stolen may suffer adverse consequences, especially if they are falsely held responsible for the perpetrator's actions. Personally identifiable information generally includes a person's name, date of birth, social security number, driver's license number, bank account or credit card numbers, PINs, electronic signatures, fingerprints, passwords, or any other information that can be used to access a person's financial resources.

A credit score is a number that provides a comparative estimate of an individual's creditworthiness based on an analysis of their credit report. It is an inexpensive and main alternative to other forms of consumer loan underwriting.

<span class="mw-page-title-main">Experian</span> Irish multinational consumer credit reporting company

Experian is a multinational data analytics and consumer credit reporting company headquartered in Dublin, Ireland. Experian collects and aggregates information on over 1 billion people and businesses including 235 million individual U.S. consumers and more than 25 million U.S. businesses. It is listed on the London Stock Exchange and is a constituent of the FTSE 100 Index. Experian is a partner in USPS address validation. It is one of the "Big Three" credit-reporting agencies, alongside TransUnion and Equifax.

<span class="mw-page-title-main">Social engineering (security)</span> Psychological manipulation of people into performing actions or divulging confidential information

In the context of information security, social engineering is the psychological manipulation of people into performing actions or divulging confidential information. A type of confidence trick for the purpose of information gathering, fraud, or system access, it differs from a traditional "con" in the sense that it is often one of the many steps in a more complex fraud scheme. It has also been defined as "any act that influences a person to take an action that may or may not be in their best interests."

<span class="mw-page-title-main">Fair Credit Reporting Act</span> U.S. federal legislation

The Fair Credit Reporting Act (FCRA), 15 U.S.C. § 1681 et seq., is federal legislation enacted to promote the accuracy, fairness, and privacy of consumer information contained in the files of consumer reporting agencies. It was intended to shield consumers from the willful and/or negligent inclusion of erroneous data in their credit reports. To that end, the FCRA regulates the collection, dissemination, and use of consumer information, including consumer credit information. Together with the Fair Debt Collection Practices Act (FDCPA), the FCRA forms the foundation of consumer rights law in the United States. It was originally passed in 1970, and is enforced by the U.S. Federal Trade Commission, the Consumer Financial Protection Bureau, and private litigants.

TransUnion LLC is an American consumer credit reporting agency. TransUnion collects and aggregates information on over one billion individual consumers in over thirty countries including "200 million files profiling nearly every credit-active consumer in the United States". Its customers include over 65,000 businesses. Based in Chicago, Illinois, TransUnion's 2014 revenue was US$1.3 billion. It is the smallest of the three largest credit agencies, along with Experian and Equifax.

<span class="mw-page-title-main">Capital One</span> Bank holding company headquartered in McLean, Virginia

Capital One Financial Corporation is an American bank holding company founded on July 21, 1994 and specializing in credit cards, auto loans, banking, and savings accounts, headquartered in Tysons, Virginia with operations primarily in the United States. It is the 12th largest bank in the United States by total assets as of December 31, 2022, the third largest issuer of Visa and Mastercard credit cards, and one of the largest car finance companies in the United States.

A credit freeze allows an individual to control how a consumer reporting agency is able to sell personal financial identity data. The credit freeze locks the data at the consumer reporting agency until the individual gives permission for the release of the data.

LifeLock Inc. was an American software company active from 2005 to 2017. The company was best known for its eponymous LifeLock identity theft prevention software, now sold by Gen Digital after the latter acquired LifeLock in 2017. LifeLock's system monitors for identity theft, the use of personal information, and credit score changes.

<span class="mw-page-title-main">Credit card fraud</span> Financial crime

Credit card fraud is an inclusive term for fraud committed using a payment card, such as a credit card or debit card. The purpose may be to obtain goods or services or to make payment to another account, which is controlled by a criminal. The Payment Card Industry Data Security Standard is the data security standard created to help financial institutions process card payments securely and reduce card fraud.

<span class="mw-page-title-main">MyLife</span> Online information broker

MyLife is an American information brokerage firm. Founded by Jeffrey Tinsley in 2002 as Reunion.com, it changed names following a 2008 merger with Wink.com. MyLife gathers personal information through public records and other sources to automatically generate a "MyLife Public Page" for each person. These pages can list a variety of personal information, including an individual's age, past and current home addresses, phone numbers, email addresses, employers, education, photographs, relatives, political affiliations, a mini-biography.

Equifax Workforce Solutions, formerly known as TALX, is a wholly owned subsidiary of Equifax. It is based in St. Louis, Missouri. The company was originally founded in 1972 under the name Interface Technology Inc. The company maintains a database named "The Work Number" that holds and maintains employment and payroll information on 54 million American people. As of 2015, the company was the largest source of employment information in the United States, and collects information from over 7,000 employers.

<span class="mw-page-title-main">R1 RCM</span> U.S. healthcare company

R1 RCM Inc. is an American 'revenue cycle management' company servicing hospitals, health systems and physician groups across the United States.RCM is the process of managing all revenue-generation functions in a healthcare organization. It requires an understanding of the revenue cycle and begins when a patient seeks the organization's medical services and ends when the organization has collected all payments from the patient and/or their insurer. R1 has over 1,000 clients across the United States, including hospitals, health systems, and physician groups. R1 RCM employs more than 27,200 people and generates approximately $2.1 billion in annual revenue.

Identity theft involves obtaining somebody else's identifying information and using it for a criminal purpose. Most often that purpose is to commit financial fraud, such as by obtaining loans or credits in the name of the person whose identity has been stolen. Stolen identifying information might also be used for other reasons, such as to obtain identification cards or for purposes of employment by somebody not legally authorized to work in the United States.

In 2013 and 2014, the American web services company Yahoo was subjected to two of the largest data breaches on record. Although Yahoo was aware, neither breach was revealed publicly until September 2016.

The gathering of personally identifiable information (PII) refers to the collection of public and private personal data that can be used to identify individuals for various purposes, both legal and illegal. PII gathering is often seen as a privacy threat by data owners, while entities such as technology companies, governments, and organizations utilize this data to analyze consumer behavior, political preferences, and personal interests.

<span class="mw-page-title-main">Rohit Chopra</span> American consumer advocate (born 1982)

Rohit Chopra is an American consumer advocate who is the third director of the Consumer Financial Protection Bureau (CFPB) and previous member of the Federal Trade Commission (FTC). Prior to this, Chopra served as assistant director of the CFPB and as the agency's first Student Loan Ombudsman, an office created by the Dodd–Frank Act.

Between May and July 2017, American credit bureau Equifax was breached. Private records of 147.9 million Americans along with 15.2 million British citizens and about 19,000 Canadian citizens were compromised in the breach, making it one of the largest cybercrimes related to identity theft. Equifax discovered the breach end of July, but did not disclose it to the public until September 2017. In a settlement with the United States Federal Trade Commission, Equifax offered affected users settlement funds and free credit monitoring.

References

  1. "The New Equifax Boss Wants to Make Amends. We Have Some Questions". The New York Times. April 5, 2019. Retrieved April 6, 2019.
  2. "Equifax, Inc. (EFX) Income Statement - Yahoo Finance". finance.yahoo.com.
  3. "Equifax Inc. 2023 Annual Report (Form 10-K)". SEC.gov. U.S. Securities and Exchange Commission. February 22, 2024.
  4. "How to protect yourself against the theft of your identity". The Economist . September 14, 2017. Retrieved September 15, 2017.
  5. "All Products and Solutions | Business | Equifax". Equifax.com. Retrieved September 23, 2017.
  6. Equifax. "All Credit Score, Credit Report & Identity Theft Products | Equifax". Equifax.com. Retrieved September 23, 2017.
  7. "Company Profile". equifax.co.uk. Equifax. Archived from the original on December 25, 2014. Retrieved December 8, 2014.
  8. "Equifax". New Georgia Encyclopedia. Retrieved June 13, 2020.
  9. Anderson, Raymond (August 30, 2007). The Credit Scoring Toolkit: Theory and Practice for Retail Credit Risk Management and Decision Automation. OUP Oxford. ISBN   978-0-19-922640-5.
  10. "Equifax breach just another page in the sordid history of credit bureaus". Mortgage Rates, Mortgage News and Strategy : The Mortgage Reports. September 18, 2017. Retrieved June 13, 2020.
  11. 1 2 3 4 "Separating Equifax from fiction", Wired, September 1995, retrieved September 13, 2007
  12. "The Equifax Way". jacobin.com. Retrieved August 19, 2023.
  13. FTC (2020). "A Summary of Your Rights Under the Fair Credit Reporting Act" (PDF). FTC. Archived from the original (PDF) on June 21, 2020. Retrieved June 12, 2020.
  14. "Equifax Inc | Encyclopedia.com". www.encyclopedia.com. Retrieved June 13, 2020.
  15. SEC Archives (December 31, 2001). "ANNUAL REPORT PURSUANT TO SECTION 13 OR 15(D) OF THE SECURITIES EXCHANGE ACT OF 1934 FOR THE FISCAL YEAR ENDED DECEMBER 31, 2001". SEC. Retrieved June 12, 2020.
  16. "GeoTrust acquires Equifax's digital certificate business". www.bizjournals.com. Retrieved June 13, 2020.
  17. 1 2 "DEFINITIVE PROXY STATEMENTS RELATING TO MERGER OR ACQUISITION". www.sec.gov. Retrieved June 13, 2020.
  18. Kearney, Brendan (October 4, 2011). "Equifax buys local eThority: Company to stay, grow in Charleston, founder says". The Post and Courier.
  19. Goot, Murray (May 15, 2019). "Who controls opinion polling in Australia, what else we need to know about the polls, and why it matters". Inside Story. Archived from the original on February 11, 2022. Retrieved February 11, 2022.
  20. "The Dizzying Number Of CFPB Complaints Against Equifax Since 2012 Should Infuriate You". Fast Company. September 18, 2017. Retrieved September 18, 2017.
  21. Equifax (September 7, 2017), Rick Smith, Chairman and CEO of Equifax, on Cybersecurity Incident Involving Consumer Data. , retrieved September 12, 2017
  22. "Equifax just discovered 2.4M more account breaches". NBC News. Retrieved March 1, 2018.
  23. "NVD - CVE-2017-5638". nvd.nist.gov.
  24. "Equifax, Apache Struts, and CVE-2017-5638 vulnerability | Synopsys". Software Integrity Blog. September 16, 2017. Retrieved February 17, 2020.
  25. "Equifax CIO Put '2 and 2 Together' Then Sold Stock, SEC Says". July 19, 2019. Retrieved July 20, 2019.
  26. "Former Equifax employee sentenced for insider trading". www.justice.gov. June 27, 2019. Retrieved July 20, 2019.
  27. "Former Equifax Executive Gets 4 Months for Insider Trading | SecurityWeek.Com". www.securityweek.com.
  28. Saunders, Jessica (October 17, 2018). "Former Equifax manager sentenced to 8 months home confinement for insider trading". The Atlanta Business Chronicle.
  29. "Ex-Equifax Manager Gets Home Confinement for Insider Trading | SecurityWeek.Com". www.securityweek.com.
  30. Cowley, Stacy; Eavis, Peter (July 19, 2019). "Equifax Is Said to Be Near $650 Million Settlement for Data Breach". The New York Times. ISSN   0362-4331 . Retrieved July 20, 2019.
  31. "Equifax agrees to pay $700M after massive data breach". New York Post. Associated Press. July 20, 2019. Retrieved July 20, 2019.
  32. Continuing Coverage: Data Privacy. "Report: Equifax to pay $700 million in breach settlement". The Atlanta Journal-Constitution. Associated Press. Retrieved July 20, 2019.{{cite news}}: |author= has generic name (help)
  33. Warzel, Charlie (September 16, 2019). "Opinion | Equifax Doesn't Want You to Get Your $125. Here's What You Can Do". The New York Times. ISSN   0362-4331 . Retrieved September 16, 2019.
  34. "Want that $125 from Equifax? Don't ignore the company's latest email". www.cbsnews.com. September 10, 2019. Retrieved September 16, 2019.
  35. "That $125 payment from Equifax? You shouldn't count on it". www.cbsnews.com. July 31, 2019. Retrieved September 16, 2019.
  36. Leonhardt, Megan (December 19, 2019). "If you made a claim for $125 from Equifax, you're not getting it after court awards nearly $80 million to attorneys". CNBC. Retrieved December 20, 2019.
  37. "Equifax acquires Ansonia expanding leadership in commercial credit data solutions". IBSIntelligence. July 27, 2020. Archived from the original on July 28, 2020. Retrieved July 28, 2020.
  38. Andriotis, Andrew Ackerman and AnnaMaria (August 2, 2022). "WSJ News Exclusive | Equifax Sent Lenders Inaccurate Credit Scores on Millions of Consumers". Wall Street Journal. ISSN   0099-9660 . Retrieved August 3, 2022.
  39. Alexandra Peers (August 3, 2022). "Equifax issued wrong credit scores for millions". CNN. Retrieved August 3, 2022.
  40. "Jenkins v. Equifax - Complaint.pdf". Google Docs. Retrieved August 4, 2022.
  41. "Equifax sued over erroneous credit scores sent for "millions" of Americans". www.cbsnews.com. August 4, 2022. Retrieved August 4, 2022.
  42. "Equifax to acquire Brazilian credit bureau Boa Vista Serviços for $596m". NS Banking. February 10, 2023. Retrieved February 10, 2023.
  43. 1 2 3 4 5 6 7 Gupta, Rohit (December 6, 2018). Reward and Donation Crowdfunding: A Complete Guide for Emerging Startups. Notion Press. ISBN   978-1-68466-089-6.
  44. Ann Carrns (September 14, 2018). "Freezing Credit Will Now Be Free. Here's Why You Should Go for It". The New York Times . Retrieved September 22, 2018.
  45. Brian Krebs (May 9, 2018). "Think You've Got Your Credit Freezes Covered? Think Again". KrebsonSecurity . Retrieved September 22, 2018.
  46. Levingston, Rebecca (October 16, 2022). "Have you heard of 'Equifax'?". ABC Brisbane. Retrieved May 18, 2023.
  47. "- AN EXAMINATION OF THE EQUIFAX CYBERSECURITY BREACH". www.govinfo.gov. Retrieved June 13, 2020.
  48. 1 2 3 4 "Breaking: Equifax Knew of Security Flaws Months Before It Was Hacked". Motherboard. October 26, 2017. Retrieved October 29, 2017.
  49. 1 2 Riley, Michael, Anita Sharpe, and Jordan Robertson, "Equifax Suffered a Hack Almost Five Months Earlier Than the Date It Disclosed", Bloomberg News, September 18/19, 2017.
  50. Haselton, Todd (September 7, 2017). "Credit reporting firm Equifax says cybersecurity incident could potentially affect 143 million US consumers". cnbc.com. Retrieved September 8, 2017.
  51. "The end of the cloud is coming", VentureBeat, Victor Charypar, November 4, 2017
  52. "Equifax to Pay $575 Million as Part of Settlement with FTC, CFPB, and States Related to 2017 Data Breach". Federal Trade Commission. July 19, 2019. Retrieved July 25, 2019.
  53. Benner, Katie (February 10, 2020). "U.S. Charges Chinese Military Officers in 2017 Equifax Hacking". The New York Times . Retrieved February 10, 2020.
  54. "Data from Equifax credit hack could "end up on the black market," expert warns". CBS News . February 11, 2020. Retrieved February 11, 2020.
  55. "Equifax reportedly used 'admin' as password in Argentina". Cnet.com. Retrieved September 16, 2017.
  56. "Equifax suffers fresh data breach". BBC News. September 13, 2017. Retrieved September 16, 2017.
  57. "Equifax's app has disappeared from Apple's App Store and Google Play". Fastcompany.com. September 11, 2017. Retrieved September 16, 2017.
  58. "Here's Why Equifax Yanked Its Apps From Apple And Google Last Week". Fast Company . September 15, 2017. Retrieved September 16, 2017.
  59. 1 2 "Equifax Breach Fallout: Your Salary History — Krebs on Security". krebsonsecurity.com. October 9, 2017. Retrieved October 11, 2017.
  60. 1 2 "Equifax will give your salary history to anyone with your SSN and date of birth / Boing Boing". boingboing.net. October 10, 2017. Retrieved October 11, 2017.
  61. Statt, Nick (July 25, 2019). "Equifax owes you a lot more, but here's how to get $125 from this week's settlement". The Verge. Retrieved August 2, 2019.
  62. 1 2 Goodin, Dan (October 12, 2017). "Equifax website hacked again, this time to redirect to fake Flash update". Ars Technica. Retrieved October 12, 2017.
  63. 1 2 Schroeder, Stan. "Equifax may have been hacked again and it's not even funny anymore". Mashable. Retrieved October 12, 2017.
  64. 1 2 Humphries, Matthew. "Equifax Website Hacked Again". PCMAG. Retrieved October 12, 2017.
  65. Puzzanghera, Jim; Raab, Lauren (October 12, 2017). "Equifax website is apparently hacked". Los Angeles Times. ISSN   0458-3035 . Retrieved October 12, 2017.
  66. Goodin, Dan. "Equifax rival TransUnion also sends site visitors to malicious pages". Ars Technica UK. Retrieved October 13, 2017.
  67. Kovacs, Eduard. "Malicious Redirects on Equifax, TransUnion Sites Caused by Third-Party Script | SecurityWeek.Com". www.securityweek.com. Retrieved October 13, 2017.
  68. David, Kravets (October 13, 2017). "After second bungle, IRS suspends Equifax's "taxpayer identity" contract". Ars Technica. Retrieved October 16, 2017.
  69. WIRED Magazine referenced a March 1970 edition of The New York Times, which included an article by Columbia University Professor Alan Westin. No specific date or article is referenced. Simson Garfinkel, Separating Equifax from Fiction , September 1995.
  70. Simson Garfinkel, Separating Equifax from Fiction, WIRED Magazine, September 1995.
  71. Equifax Fined $250,000 Fine By FTC Archived October 7, 2008, at the Wayback Machine , NBC 10, August 3, 2003, retrieved September 13, 2007
  72. "Equifax to Pay $250,000 to Settle Charges". ConsumerAffairs.com. July 30, 2003. Archived from the original on August 17, 2007. Retrieved July 23, 2007.
  73. 1 2 Patrick, Robert (February 8, 2014). "'Excuse me, I'm not dead' St. Louis County woman pleads to her bank". St. Louis Post-Dispatch. Retrieved February 18, 2014.
  74. "An $18 Million Lesson in Handling Credit Report Errors". The New York Times. August 2, 2013. Retrieved August 2, 2013.
  75. "Equifax must pay $18.6 million after failing to fix Oregon woman's credit report". The Oregonian. Archived from the original on July 29, 2013. Retrieved July 26, 2013.
  76. "Jury Awards $18.6M For Equifax Credit Report Mix-up". ABC News . Archived from the original on December 15, 2013. Retrieved July 29, 2013.
  77. "Equifax weighs appealing $18.6M award to consumer". Ajc.com. Retrieved July 31, 2013.
  78. "Judge cuts Oregon woman's award in Equifax case". Oregonlive.com. January 30, 2014. Retrieved February 3, 2015.
  79. 1 2 3 Weiss, Debra Cassens (February 11, 2014). "Woman sues in effort to prove she is alive". ABA Journal. Retrieved February 18, 2014.
  80. Gershman, Jacob (February 10, 2014). "Woman Listed as Deceased Files Lawsuit Claiming She's Alive". Wall Street Journal Law Blog. Retrieved February 18, 2014.
  81. White, Martha C. (April 11, 2014). "God Just Wants Some Credit, So He's Suing Equifax". NBC News. Retrieved April 22, 2014.
  82. "Man with 1st name 'God' settles with credit rating agency". AP News. May 29, 2015. Archived from the original on October 30, 2023. Retrieved October 30, 2023.
  83. "Oklahomans File Lawsuit Against Equifax", NewsOn6, November 4, 2017
  84. "Equifax Picks DLA Piper", Kevin McCauley, O'Dwyer's, October 23, 2017
  85. "Equifax is losing appeals". Yahoo Finance. March 9, 2018.
  86. Wilhelm, Colin (June 28, 2018). "Former Equifax manager charged with insider trading linked to cyber breach". Politico . The SEC says Bonthu bought options before the company's data breach became public and sold them for a profit of more than $75,000
  87. "Former Equifax Manager Charged With Insider Trading". U.S. Securities and Exchange Commission. June 28, 2018. In a complaint filed in federal court in Atlanta today, the SEC charged that Equifax software engineering manager Sudhakar Reddy Bonthu traded on confidential information he received while creating a website for consumers impacted by a data breach.
  88. "Equifax Data Breach Settlement". Federal Trade Commission. July 11, 2019. Retrieved April 12, 2020.PD-icon.svg This article incorporates public domain material from this U.S government document.
  89. "Equifax Data Breach Settlement". Federal Trade Commission. July 11, 2019. Retrieved May 4, 2021.
  90. Bernard, Tara Siegel (January 22, 2020). "Equifax Breach Affected 147 Million, but Most Sit Out Settlement". The New York Times. ISSN   0362-4331 . Retrieved April 13, 2020.
  91. "Financial watchdog fines Equifax Ltd £11 million for role in one of the largest cyber security breaches in history". Financial Conduct Authority. October 12, 2023. Archived from the original on October 22, 2023. Retrieved October 30, 2023.
  92. Nunes, Flávia Furlan (May 31, 2024). "Lenders file class-action lawsuit against Equifax, citing monopoly in work number product". HousingWire. Archived from the original on May 31, 2024. Retrieved June 3, 2024.
  93. Scarcella, Mike (May 29, 2024). "Equifax hit with antitrust class action over work verification services". Reuters . Archived from the original on May 29, 2024. Retrieved June 3, 2024.
This page is based on this Wikipedia article
Text is available under the CC BY-SA 4.0 license; additional terms may apply.
Images, videos and audio are available under their respective licenses.