Equifax Gets Slapped With Subpeona From New York Regulator

By  |  September 28, 2017
 | 

Equifax is facing yet another legal woe from its massive data breach. This time, New York State’s financial services regulator has issued a subpoena to the company, demanding that it provide more information about the leak.

    Get the Full Story

    Complete the form to unlock this article and enjoy unlimited free access to all PYMNTS content — no additional logins required.

    yesSubscribe to our daily newsletter, PYMNTS Today.

    By completing this form, you agree to receive marketing communications from PYMNTS and to the sharing of your information with our sponsor, if applicable, in accordance with our Privacy Policy and Terms and Conditions.

    According to a Reuters news report, the New York’s Department of Financial Services (DFS) sent the subpoena to Equifax on Sept. 14, citing a source who declined to be named.

    The subpoena is requesting documents related to the data breach that compromised the personal data of up to 143 million Americans, details on when Equifax learned of the leak and what actions it took after it was found, as well as additional information.

    A spokesman for DFS declined to comment, while an Equifax spokesman was not immediately available.

    New York has had a strong response to the Equifax hack. Governor Andrew Cuomo recently proposed regulation that would take effect in February, requiring all agencies – including TransUnion and Experian – to report their officers or directors who are responsible for compliance with laws and regulations involving financial services, banking and insurance each year. If the companies fail to register, they risk being barred from doing business with financial companies regulated by New York State.

    The state would also be able to bar a credit reporting agency from doing business if it is found to engage in “unfair, deceptive or predatory practices.”

    Advertisement: Scroll to Continue

    In addition, New York has a new cybersecurity regulation, the first of its kind in the country, which requires financial firms to take measures to protect networks and customer data from hackers and to disclose cyber events to state regulators. It took effect on March 1.

    If Equifax had already been subject to the regulation, it would have had to report the breach within 72 hours of its discovery instead of the 41 days it took the company to make the leak known.

    In addition to its issues in New York, Equifax is being investigated by multiple federal and state agencies, including the U.S. Department of Justice. The company is being sued by the state of Massachusetts, as well as the city of San Francisco, for not doing enough to protect consumers from the cyber breach.

    And just this past week, the company announced its that Richard Smith, its chief executive, would retire and forgo his 2017 bonus. Smith is still expected to testify about the hack at congressional hearings next week.


    Recommended

    FTX

    3 Former Executives Involved With FTX Agree to SEC Final Judgments

    Aldar, Visa, AI agents, payments

    Visa and Aldar Launch Voice-Enabled Agentic Payments

    CFTC, Senate

    Senate Confirms Michael Selig as CFTC Commissioner and Travis Hill as FDIC Board Chairperson

    stablecoins, senate, legislation, regulations, cryptocurrency

    Senate Bill Would Create Federal Task Force to Combat Crypto Scams

    See More In: , , , , , , ,