·
[Editor’s note: This is a guest post from Jeff Knott, assistant vice president at Equifax. Equifax is a bronze sponsor and will be...
Following the Equifax hack, Credit Karma is offering a free service that will alert customers if their information has been compromised; the service is currently being tested and will be available sometime in October; the company accelerated the launch due to the large breach at Equifax and has seen a 50% increase in signups following the hack. Source
American Banker shares some of the companies that may stand to benefit from the Equifax hack as identity verification becomes top of mind; Mitek is planning to roll out a new product called Mobile Verify for Lending; other companies that have similar solutions include Trulioo, VixVerify and AuthenticID. Source
The Consumer Financial Protection Bureau (CFPB) has fined TransUnion and Equifax over $23.2 million for deceptively advertising services; the agencies reportedly advertised credit services costing customers over $200 as free and misled customers about the use of credit reports they obtained; according to the CFPB, TransUnion will pay $13.93 million to consumers and a $3 million fine while Equifax will pay $3.8 million to consumers and a $2.5 million fine. Source
The WSJ reports that the hack actually occurred in March instead of May; the breach wasn’t discovered until July 29th and it was announced to the public on September 7th. Source
Credit bureaus have had a tough past year with the Equifax breach of customer data and new legislation in the U.S. looking to increase competition by allowing lenders to use different sources; changing the credit bureau system is not as easy as it may sound as they have been intertwined in the financial services system for a long time; lenders still use the bureaus for a large majority of lending decisions, even though some alternative bureaus have seen traction; the breach at Equifax could have a lasting effect because people did have a lot of trust in the company to secure their sensitive information like social security numbers; as data sharing in financial services becomes commonplace a premium will need to be placed on how that data is secured. Source.
Capital One recently suffered a data breach resulting from poor security practices that exposed 100 million credit card applications and accounts. They expect the breach to cost the company $150 million. Two years back, Equifax lost 140 million identities, again from poor security practices. At the time, I said that according to GDPR this should cost them $150 million. They have since settled for about $600 million -- though some of that seems to be in-kind services coverage like free credit monitoring (lol!). Separately, Facebook has settled for a $5 billion fine associated with the Cambridge Analytica privacy "breach".