The following first appeared on Al Franken’s Facebook page:
“Equifax is one of the largest credit bureaus in the United States. They track the consumer financial information—like loans and credit card payment history—that serves as the basis for your credit score, and they store personal information ranging from social security numbers to home addresses. Yesterday, Equifax broke the news that their databases were breached in a massive cybersecurity attack, putting the sensitive information of nearly 145 million Americans at risk.
Now, first and foremost, I urge everybody to take stock of your accounts. Check up on your bank accounts regularly, sign up for a reputable credit monitoring service as soon as possible, and be extremely careful before opening emails or clicking links.
But I’m concerned about a specific remedy that Equifax is offering customers and consumers.
I’ve long fought to limit something called forced arbitration clauses—which is fine print that giant corporations bury into contracts in order to insulate themselves from liability. Mandatory, forced arbitration agreements lock you, the consumer, out of pursuing meaningful justice in the courts after you’ve been wronged. And these agreements can also prevent you from banding together with other victims in class-action lawsuits.
In the wake of this massive breach, Equifax has said that anyone who signs up for its own credit monitoring service—which is called TrustedID—must waive their rights to sue or join a class-action suit.
This is not how business should be done. When a company fails to protect its customers, they should take responsibility rather than look for ways to get off the hook. And furthermore, many caught up in this breach aren’t even paying customers—they’re everyday consumers whose information has been aggregated by Equifax for years.
I plan to ask Equifax to clarify what exactly the legal rights are for the reportedly 143 million Americans whose information was caught up in this cyberattack. Americans deserve to know what they can do to prevent their livelihoods from being ruined by hackers and identify theft, and Equifax needs to give that information to them as soon as possible.
In the meantime, if you believe you’ve been affected by the breach, I still strongly urge you to seek out a trustworthy credit monitoring service. And you can read more about protecting your identity here: https://www.consumer.ftc.gov/fe…/feature-0014-identity-theft”