Since Equifax announced that a data breach had left the personal information of tens of millions of people exposed last September, the Consumer Financial Protection Bureau — the US government’s top consumer watchdog — has received more than 20,000 complaints about the company, which is about double the number it received the six months before.
Equifax has said the CFPB is investigating, but thus far the agency hasn’t taken any action. Acting Director Mick Mulvaney is instead trying to make the bureau’s complaint portal private so the public won’t even be able to see what’s happening. Sen. Elizabeth Warren (D-MA), however, would like to know what’s up.
Along with Sens. Brian Schatz (D-HI) and Bob Menendez (D-NJ), Warren released a new report on the Equifax data breach on Monday. The findings: In the six months after Equifax first announced the breach on September 7, 2017, consumers have filed upward of 20,000 complaints regarding the company on the CFPB’s website related to the improper use of a credit report, incorrect information on a report, Equifax’s inadequate resolution to problems after the breach, and the identity theft solutions Equifax put out post-breach.
Despite the number and frequency of complaints, the CFPB has yet to take any punitive action. In fact, the CFPB has taken just one enforcement action at all since Mulvaney took over.
“The bottom-line is simple: Consumers are reaching out to the CFPB to help them deal with Equifax-related problems at nearly twice the rate they did before the recent data breach,” the report reads. “As part of its duty to consumers, the CFPB must continue a full-throated investigation into the Equifax breach, including the company’s response and its effort to work with consumers to mitigate the harm and repair any damage.”
The report includes some details of complaints filed by consumers, including one who claimed to have a job opportunity denied because of an Equifax credit report with false accounts and another who said they were directed to call six different phone numbers after the breach. “I have been a victim of identity theft and I have suffered from the credit breach,” another consumer wrote.
It’s been hard to get a read on exactly what the CFPB is up to, and whether Mulvaney, who took over for the Obama-appointed Richard Cordray in November, is taking the matter seriously. Reuters reported in February that the CFPB was scaling back its probe of Equifax, but the agency has denied the report. “The bureau is looking into Equifax’s data breach and response,” an agency spokesperson said in an email to Vox at the time. “Reports to the contrary are incorrect.”
The CFPB typically does not publicly confirm or deny confidential enforcement activities, but Equifax itself revealed the probe in its regulatory filings with the Securities and Exchange Commission.
While speaking with bankers and lending industry professionals at the American Bankers Association conference last week, Mulvaney said he wants to make the complaints portal, where consumers can file complaints about financial products and services, private, meaning nobody would know what harm Equifax and other companies might be causing customers and how the CFPB is responding. “I don’t see anything in here that says I have to run a Yelp for financial services sponsored by the federal government,” he said, holding up a copy of the Dodd-Frank financial reform law, according to the Wall Street Journal.
(That’s the same conference where Mulvaney said that as a member of Congress he only met with lobbyists who donated to his campaign.)
The Equifax breach was really bad, and the government has yet to offer a real response to it.
143 million of Equifax’s US users — or about half of the country’s population — had their personal information compromised in a data breach that spanned several weeks in the spring and summer. (Equifax has subsequently revised up that number twice; it now says the breach affected 148 million people.)
The company waited about
Sourse: vox.com