ICBA Sues Equifax Over Massive Data Breach
On behalf of community banks, suit seeks monetary damages and stronger security
Washington, D.C (Nov. 28, 2017)—On behalf of its members, the Independent Community Bankers of America® (ICBA) filed a lawsuit against Equifax Inc. for its recent breach of 145.5 million consumer records and 209,000 payment cards. Bank of Zachary, La., and First State Bank in Barboursville, W.Va., joined ICBA in this suit. ICBA’s lawsuit asks the U.S. District Court for the Northern District of Georgia to require Equifax to compensate all community banks harmed by the breach and to improve its security to avoid additional harm to the consumers and local communities that community banks serve.
“ICBA and the nation’s community banks are deeply troubled by the massive and preventable data breach at Equifax and its impact on community banks, consumers, small businesses and the economy,” ICBA President and CEO Camden R. Fine said. “Today’s lawsuit demands remedial action because Equifax needs to be held accountable for this massive and preventable catastrophic event.”
ICBA’s lawsuit seeks monetary relief for all community banks affected by the dramatic breach for such costs as: protective measures to deter customer identity theft, deposit and loan account fraud, customer notification, covering fraudulent transactions, payment card cancellation and replacement, and other expenses. The suit also calls on the court to direct Equifax to employ adequate security protocols consistent with legal and regulatory requirements and industry standards to protect personally identifiable information and payment card data.
“Community bankers have witnessed firsthand how the Equifax breach has harmed the members of the communities we serve,” said Preston Kennedy, ICBA vice chairman and CEO of Bank of Zachary.
“Equifax needs to be held accountable for this catastrophic event to protect the long-term security of our customers,” said Sam Vallandingham, president and CEO of First State Bank.
ICBA’s lawsuit notes that the breach—in which hackers entered Equifax’s system through a known vulnerability to access names, Social Security numbers, dates of birth, and other information—was the result of Equifax failing to heed warnings from security experts to properly secure its U.S. website. Despite Equifax’s clear legal duty to prevent and report this breach, it failed to devote sufficient resources to ensure adequate data security and waited nearly six weeks to report it to the public.
The Independent Community Bankers of America®, the nation’s voice for more than 5,700 community banks of all sizes and charter types, is dedicated exclusively to representing the interests of the community banking industry and its membership through effective advocacy, best-in-class education and high-quality products and services. For more information, visit ICBA’s website at www.icba.org.