Ontario Resident Files $550 Million Lawsuit Against Equifax Over Security Breach
Published September 13, 2017 at 9:33 pm
If you use the Georgia-based consumer credit reporting agency Equifax, you might have heard about the extreme cybersecurity privacy hack that has impacted up to 143 million consumers, including several across Canada. Now, an Ontario resident has proposed class action seeking $550 million in damages on behalf of Canadian victims.
The proposed $550 million class action seeks an order from the Ontario Supreme Court of Justice requiring Equifax to notify Canadians who have been affected, as information was given only to those customers affected in the U.S.
That includes all residents of Canada whose information was stored on Equifax databases and was accessed without authorization between May 1, 2017 and August 1, 2017.
Though Equifax set up a website to provide information to American customers who might have been affected, it was impossible for Canadians to identify whether or not they were affected by the hack.
The statement of claim alleges, among other things, that Equifax breached its contract with class members as well as their privacy rights, was negligent in handling their information, and breached provincial privacy statutes.
“The scope of the privacy breach is unlike virtually any other previous breach,” explains Sotos Partner Jean-Marc Leclerc. “Retailers typically do not store information about social insurance numbers, or track bills, or keep records of items purchased with credit. Equifax does. Fighting identity theft takes years, during which a consumer’s ability to obtain anything with credit is compromised: purchasing a house; renting an apartment; or obtaining a credit card or line of credit, for example.”
On September 7, 2017, Equifax issued a statement saying that “criminals exploited a U.S. website application vulnerability to obtain Social Insurance Numbers, dates of birth, names, addresses, credit card numbers and other personal identifying information of millions of U.S. consumers and an undisclosed number of Canadians.”
Equifax says it discovered the unauthorized access on July 29 and immediately engaged a leading, independent cybersecurity firm that has been conducting a comprehensive forensic review to determine the scope of the intrusion, including the specific data impacted.
For those Canadians who might have been affected by the hack, hopefully, more information will be available soon.
INsauga's Editorial Standards and Policies