Elizabeth Warren Goes After Equifax Over Hack

The agency’s initial response seemed to “hoodwink” customers “into waiving important legal rights.”

Paul Marotta/Zuma

The hack of credit reporting agency Equifax revealed last week may have compromised the personal information including the social security numbers and addresses of as many as 143 million people. Sen. Elizabeth Warren (D-Mass.), the financial industry’s main foe in Congress, announced on Friday that she will introduce a bill to prevent this from happening again—and to ensure that Equifax doesn’t make money off of its massive cyberbreach.

The bill, titled the Freedom from Equifax Exploitation (FREE) Act, would require credit reporting agencies to offer customers free options to impose or lift a “credit freeze” that stops the sharing and selling of personal credit information to third parties. Currently, there is no federal rule requiring that credit reporting agencies offer any sort of freeze option, and agencies that do, charge between $2-$10 each time a freeze is imposed or lifted. (Freezes need to be lifted when a customer applies for most financial products, like a mortgage or a credit card.)

“Credit reporting agencies like Equifax make billions of dollars collecting and selling personal data about consumers without their consent, and then make consumers pay if they want to stop the sharing of their own data,” Sen. Warren said in a press release. “Our bill gives consumers more control over their own personal data and prohibits companies like Equifax from charging consumers for freezing and unfreezing access to their credit files. Passing this bill is a first step toward reforming the broken credit reporting industry.”

The bill—also sponsored by Sen. Brian Schatz (D-Hawaii)—would also offer consumers better fraud alert protections in the wake of the breachrequiring credit reporting agencies to offer up to seven years of renewable fraud alert protections. The FREE Act proposes an automatic refund by credit reporting agencies to those customers who’ve already paid for a credit freeze following the hack and would require agencies to provide consumers with an additional free credit report so they can keep tabs on possible damage.

Along with the announcement of the bill, Sen. Warren also launched a broadened investigation into the massive data breach by sending letters to all three credit reporting agencies with detailed questions about their response and plans to shore up protections in order to avoid future problemsIn her letter to Equifax, Warren issued sharp criticisms of the agency’s sluggish response, its lack of transparency about exactly what information may have been compromised, and Equifax’s initial attempt to enroll affected customers in free credit monitoring—provided they relinquish their right to sue the reporting agency.

Equifax learned of the hack on July 29, 2017, Warren noted, but did not inform the public until 40 days later, leaving consumers vulnerable to credit card fraud, tax fraud, identity theft, and various other crimes.”  She questioned why, “given the risk to so many Americans,” Equifax delayed in notifying them of the breach.” Sen. Warren added: “Equifax’s initial efforts to provide customers information did nothing to clarify the situation and actually appeared to be efforts to hoodwink them into waiving important legal rights.”

Warren also sent letters to the federal agencies tasked with consumer protection—the Consumer Financial Protection Bureau and the Federal Trade Commission—with detailed questions seeking information on their response to the hack. She also wanted to know when they learned of the breach, and what steps they’ve since taken to protect consumers from further damage.

Warren has asked both the credit reporting agencies and federal consumer protection watchdogs to respond to her letters by September 29.


In 2014, before Donald Trump announced his run for president, we knew we had to do something different to address the fundamental challenge facing journalism: how hard-hitting reporting that can hold the powerful accountable can survive as the bottom falls out of the news business.

Being a nonprofit, we started planning The Moment for Mother Jones: A special campaign to raise $25 million for key investments to make Mother Jones the strongest watchdog it can be. Five years later, readers have stepped up and contributed an astonishing $23 million in gifts and future pledges. This is an incredible statement from the Mother Jones community in the face of the huge threats—both economic and political—against the free press.

Read more about The Moment and see what we've been able to accomplish thanks to readers' incredible generosity so far, and please join them today. Your gift will be matched dollar for dollar, up to $500,000 total, during this critical moment for journalism.

We Recommend


Sign up for our newsletters

Subscribe and we'll send Mother Jones straight to your inbox.

Get our award-winning magazine

Save big on a full year of investigations, ideas, and insights.


Support our journalism

Help Mother Jones' reporters dig deep with a tax-deductible donation.


We have a new comment system! We are now using Coral, from Vox Media, for comments on all new articles. We'd love your feedback.