Equifax faces two distinct class actions claiming tens of billions of dollars over the data breach it revealed last Thursday.

The first class action was filed on Thursday in Atlanta, where Equifax is based. It came from attorneys at Tampa-based firm Morgan & Morgan, and also sees the participation of Roy Barnes, former governor of the State of Georgia.

A second lawsuit was submitted in Oregon, also on Thursday, by lawyers from West Coast-based firms Geragos & Geragos and Olson Daines. They’re claiming a customer damage compensation of some $70bn (£58bn).

The credit rating agency was first compromised in May, and only discovered the vulnerability at the end of July. More than a month later on the 7th September, it announced hackers had accessed 143m records, as well as 209,000 credit card numbers.

The Oregon lawsuit reads: “In an attempt to increase profits, Equifax negligently failed to maintain adequate technological safeguards to protect [customers’] information from unauthorized access by hackers … Equifax could have and should have substantially increased the amount of money it spent to protect against cyber-attacks but chose not to.”

It said claimants “hope Equifax will use this massive data breach, and their subsequent lawsuit, as a teachable moment to finally adopt adequate safeguards to protect against this type of cyber-attack in the future”.

How well do you really know your competitors?

Access the most comprehensive Company Profiles on the market, powered by GlobalData. Save hours of research. Gain competitive edge.

Company Profile – free sample

Thank you!

Your download email will arrive shortly

Not ready to buy yet? Download a free sample

We are confident about the unique quality of our Company Profiles. However, we want you to make the most beneficial decision for your business, so we offer a free sample that you can download by submitting the below form

By GlobalData
Visit our Privacy Policy for more information about our services, how we may use, process and share your personal data, including information of your rights in respect of your personal data and how you can unsubscribe from future marketing communications. Our services are intended for corporate subscribers and you warrant that the email address submitted is your corporate email address.

After the breach, Equifax made available a tool, called TrustedID Premier, which let clients check whether their data had been hacked. However, the terms for accessing the tool contained a clause preventing users from joining any form of class action. Equifax quickly amended the terms to allow for lawsuits regarding the data breach incident.

The scandal sent Equifax’s shares plummeting, and stood at $122 on Monday, down 17% from before the announcement.

Three executives at the company reportedly sold $2m worth of shares after the breach was discovered, but Equifax denies they had any insider knowledge of the hack.