If you believe you have been affected by this data breach, and would like to consult with an attorney, please complete a brief questionnaire here.

On September 8, 2017, Cohen Milstein filed a putative data privacy breach class action, Washburn, et al v. Equifax, Inc., Case No. 1:17-cv-03451-MHC, U.S. District Court, Northern District of Georgia, Atlanta Division, against Equifax, a leading credit-reporting company that safeguards some of the most sensitive financial and personal information of over 143 million individuals across the United States.

Case Background

On September 7, 2017, Equifax announced that a massive cybersecurity data breach had occurred in its data systems from mid-May through July 2017. This hack allowed criminals to access personally identifiable information (“PII”) such as names, Social Security numbers, birth dates, addresses, and driver’s license numbers, for millions of individuals. In addition, Equifax reported that the hackers gained access to approximately 209,000 customers’ credit card numbers, and had gained access to financial dispute documents containing PII for approximately 182,000 U.S. customers.

Equifax admitted that it discovered the unauthorized access on July 29, 2017, yet did not inform the public of this breach until more than a month later.

The complaint alleges that Equifax’s wrongful conduct includes failing to take adequate and reasonable measures to ensure its data systems were protected, failing to take available steps to prevent and stop the breach from ever happening, failing to disclose the material facts that it did not have adequate computer systems and security practices to safeguard consumers’ financial and personal data, and failing to provide timely and adequate notice of the data breach.

The complaint further alleges that Equifax’s actions and failure to act when required has caused Plaintiffs and millions of others to suffer harm and/or face the significant risk of future harm, including but not limited to: a) unauthorized charges on their debit and credit card accounts; b) theft of their personal and financial information; c) costs associated with the detection and prevention of identity theft and unauthorized use of their financial accounts; d) loss of use of and access to their account funds; e) the imminent and certainly impending injury flowing from potential fraud and identify theft posed by their credit card and personal information being placed in the hands of criminals; and f) continued risk to their financial and personal information.

Plaintiffs seek to recover monetary damages, injunctive relief, and other remedies for violations of state statutes and the common law.

For media inquiries, please contact: Desmond Lee at 646.517.1826 or Denise Luu at 626.382.6217 or send an email.