Elizabeth Warren Goes After Equifax Over Hack

The agency’s initial response seemed to “hoodwink” customers “into waiving important legal rights.”

Paul Marotta/Zuma

The hack of credit reporting agency Equifax revealed last week may have compromised the personal information including the social security numbers and addresses of as many as 143 million people. Sen. Elizabeth Warren (D-Mass.), the financial industry’s main foe in Congress, announced on Friday that she will introduce a bill to prevent this from happening again—and to ensure that Equifax doesn’t make money off of its massive cyberbreach.

The bill, titled the Freedom from Equifax Exploitation (FREE) Act, would require credit reporting agencies to offer customers free options to impose or lift a “credit freeze” that stops the sharing and selling of personal credit information to third parties. Currently, there is no federal rule requiring that credit reporting agencies offer any sort of freeze option, and agencies that do, charge between $2-$10 each time a freeze is imposed or lifted. (Freezes need to be lifted when a customer applies for most financial products, like a mortgage or a credit card.)

“Credit reporting agencies like Equifax make billions of dollars collecting and selling personal data about consumers without their consent, and then make consumers pay if they want to stop the sharing of their own data,” Sen. Warren said in a press release. “Our bill gives consumers more control over their own personal data and prohibits companies like Equifax from charging consumers for freezing and unfreezing access to their credit files. Passing this bill is a first step toward reforming the broken credit reporting industry.”

The bill—also sponsored by Sen. Brian Schatz (D-Hawaii)—would also offer consumers better fraud alert protections in the wake of the breachrequiring credit reporting agencies to offer up to seven years of renewable fraud alert protections. The FREE Act proposes an automatic refund by credit reporting agencies to those customers who’ve already paid for a credit freeze following the hack and would require agencies to provide consumers with an additional free credit report so they can keep tabs on possible damage.

Along with the announcement of the bill, Sen. Warren also launched a broadened investigation into the massive data breach by sending letters to all three credit reporting agencies with detailed questions about their response and plans to shore up protections in order to avoid future problemsIn her letter to Equifax, Warren issued sharp criticisms of the agency’s sluggish response, its lack of transparency about exactly what information may have been compromised, and Equifax’s initial attempt to enroll affected customers in free credit monitoring—provided they relinquish their right to sue the reporting agency.

Equifax learned of the hack on July 29, 2017, Warren noted, but did not inform the public until 40 days later, leaving consumers vulnerable to credit card fraud, tax fraud, identity theft, and various other crimes.”  She questioned why, “given the risk to so many Americans,” Equifax delayed in notifying them of the breach.” Sen. Warren added: “Equifax’s initial efforts to provide customers information did nothing to clarify the situation and actually appeared to be efforts to hoodwink them into waiving important legal rights.”

Warren also sent letters to the federal agencies tasked with consumer protection—the Consumer Financial Protection Bureau and the Federal Trade Commission—with detailed questions seeking information on their response to the hack. She also wanted to know when they learned of the breach, and what steps they’ve since taken to protect consumers from further damage.

Warren has asked both the credit reporting agencies and federal consumer protection watchdogs to respond to her letters by September 29.


The more we thought about how MoJo's journalism can have the most impact heading into the 2020 election, the more we realized that so many of today's stories come down to corruption: democracy and the rule of law being undermined by the wealthy and powerful for their own gain.

So we're launching a new Mother Jones Corruption Project to do deep, time-intensive reporting on systemic corruption. We aim to hire, build a team, and give them the time and space needed to understand how we got here and how we might get out. We'll publish what we find as a major series in the summer of 2020, including a special issue of our magazine, a dedicated online portal, and video and podcast series so it doesn't get lost in the daily deluge of breaking news.

It's unlike anything we've done before and we've got seed funding to get started, but we're asking readers to help crowdfund this new beat with an additional $500,000 so we can go even bigger. You can read why we're taking this approach and what we want to accomplish in "Corruption Isn't Just Another Scandal. It's the Rot Beneath All of Them," and if you like how it sounds, please help fund it with a tax-deductible donation today.

We Recommend


Sign up for our newsletters

Subscribe and we'll send Mother Jones straight to your inbox.

Get our award-winning magazine

Save big on a full year of investigations, ideas, and insights.


Support our journalism

Help Mother Jones' reporters dig deep with a tax-deductible donation.