Lawmakers take action on Equifax after cyber breach

After Equifax, the credit reporting bureau, suffered a major cyber breach in which 143 million American consumers' personal data was compromised, lawmakers are taking action.

Why now: It was revealed yesterday that the company's terms of use prevent users from pursuing any type of class-action lawsuit if they use the Equifax site to check whether their info was breached. But the company has since claimed that the arbitration clause doesn't refer to the cyber security breach; rather, it applies to their free credit file monitoring and identity theft protection programs.

• House Energy and Commerce Committee: "After receiving an initial briefing from Equifax, I have decided to hold a hearing on the matter so that we can learn what went wrong and what we need to do to better protect consumers from serious breaches like this in the future," said Rep. Walden, head of the committee.
• House Financial Services Committee: "This is obviously a very serious and very troubling situation and our committee has already begun preparations for a hearing. Large-scale security breaches are becoming all too common. Every breach leaves consumers exposed and vulnerable to identity theft, fraud and a host of other crimes, and they deserve answers," said Chairman Hensarling.
• NY Attorney General Eric Schneiderman tweeted: "This language is unacceptable and unenforceable. My staff has already contacted @Equifax to demand that they remove it." He then announced he's launching a formal investigation into Equifax and that his office will be watching closely.
• Sens. John Thune and Bill Nelson sent Equifax a letter: "This announcement raises a number of concerns given the sensitivity of the personal data implicated and, consequently, the severity of risk consumers may face. As one of the three major credit reporting agencies in the United States, Equifax collects highly-sensitive information on American consumers."

• Sen. Richard Blumenthal: "There is no excuse for Equifax's failure to strengthen its cyber-systems after suffering several previous breaches. The Federal Trade Commission must investigate this breach to assess whether Equifax did everything it could to secure all its systems given the sensitive nature of the consumer data it holds."
• Consumer Watchdog Group called for California's AG Becerra "should block Equifax's attempt to push its victims into arbitration and investigate why public notification of the breach was delayed so long."