State Of Indiana Sues Equifax Over 2017 Data Breach

The massive data breach exposed the credit information of 150 million Americans, including almost 4 million in Indiana.

(Indianapolis, Ind.) – The State of Indiana wants Equifax to pay for exposing the information on nearly four million people in the state. 

The state filed a lawsuit Monday over the 2017 data breach at Equifax. The breach at one of the world’s largest credit reporting bureaus resulted in almost 150 million people across the country having their information exposed, including 3.9 million Hoosiers.  

“Data breaches such as this one cause real harm to real people,” Indiana Attorney General Curtis Hill said. “Hoosiers trust us to work hard every day to ensure their safety and security. This action against Equifax results from an extensive investigation, and we will continue our diligent efforts to protect consumers from illegal or irresponsible business activities.”

The lawsuit seeks civil penalties, consumer restitution, costs and injunctive relief.

The U.S. House of Representatives Committee on Oversight and Government Reform investigation concluded the breach from May 13 through July 30, 2017 was “entirely preventable.”

Indiana's lawsuit says Equifax prioritized profits over data security. During the time the break took place, according to the AG, the company also pursued aggressive cost-cutting measures that included the outsourcing of some of the company’s mission-critical systems. That outsourcing led to understaffing of vital functions and treated patching and vulnerability remediation as unimportant.

Also, the company is accused of violating Payment Card Industry standards, including storing some consumer payment card information in clear text.

Hill’s office said that Equifax knew PCI certification required all components of the payment card processing system and connected network to comply with the PCI standards. To date, no entity fully compliant with PCI Data Security Standard appears to have been breached. 

“Despite its knowledge, Equifax made a conscious choice to break the rules. It continues to break the rules even today, continuing to expose consumers to risks without warning. Equifax continues to accept and process payment cards in its U.S. operations, despite the fact that as of April 29 its full U.S. operations still had not been certified as compliant, as required by the PCI rules,” according to the Office of the Indiana Attorney General.

More from Local News


Events

Oldenburg Academy Receives Generous Grant to Support Launch of Robotics Team

A countywide VEX VRC High School robotics team is composed of students from Ripley County.

Aurora Elementary Teacher Hopes to Win America's Favorite Teacher Competition

In order to win, Lori Friedhoff needs your votes.

Batesville Location Selected for EV Charging Station

INDOT has announced the first electric vehicle infrastructure awards for the Charging the Crossroads program.

Local Sports Report - March 28, 2024

Report missing high school sports scorers and stats to news@eaglecountryonline.com.

Local Sports Report - March 26, 2024

Milan Softball got their 2024 season off to a great start.

On Air

Rick Bernius playing
Trisha Yearwood - She's In Love With The Boy

Nate Smith World On Fire 15:07
Fox News Fox News National Newscast 15:06
Eric Church Love Your Love The Most 15:03
Travis Tritt Put Some Drive In Your Country EAGLE ONLY 14:59