Agreement between 8 States & Equifax is a Good First Step

U.S. PIRG

Statement by Mike Litt, consumer campaign director at U.S. PIRG, on news of an agreement between eight states’s banking regulators and Equifax to fix the credit bureaus’ data security flaws.

We’re disappointed that so far no penalties at all have been imposed on Equifax, but the agreement between Equifax and eight states is a good first step. The agreement will help make sure Equifax takes our data security seriously and handles any future security problems responsibly.

Accountability is more likely when every tool in the tool box is used, especially when consumers have no say in their information being collected and sold in the first place. You need it all – meaningful company policies and board oversight, action by state and federal agencies, private lawsuits, strong laws, and public pressure.

Equifax had security measures before its massive data breach. But it failed to detect and fix a security flaw it was told about and then bungled its response after the breach. Clearly, Equifax needs more oversight and the specter of punitive action if it fails to protect our data or handle future security problems responsibly.

-30-

U.S. PIRG is the federation of state Public Interest Research Groups.  PIRGs are non-profit, non-partisan public interest advocacy organizations that stand up to powerful interests whenever they threaten our health and safety, our financial security, or our right to fully participate in our democratic society.