Attorney General Peter F. Kilmartin today joined with attorneys general around the country in a letter to credit reporting firm Equifax requesting that it disable links for enrollment in fee-based credit monitoring service in the wake of the massive data breach impacting 143 million people.
Attorney General Kilmartin is part of multistate investigation which was launched as soon as Equifax publicly disclosed the breach last week.
"We believe continuing to offer consumers a fee-based service in addition to Equifax's free monitoring services will serve to only confuse consumers who are already struggling to make decisions on how to best protect themselves in the wake of this massive breach," the attorneys general wrote in the letter to the company. "Selling a fee-based product that competes with Equifax's own free offer of credit monitoring services to victims of Equifax's own data breach is unfair, particularly if consumers are not sure if their information was compromised."
The attorneys general also wrote that, although Equifax has agreed to waive credit freeze fees for those who would otherwise be subject to them – which includes Rhode Island residents – the other two credit bureaus, Experian and Transunion, continue to charge fees for security freezes. The attorneys general wrote that Equifax should be taking steps to reimburse consumers who incur these fees to completely freeze their credit.
"Equifax has poorly managed its response to the data breach from the start. To ask consumers to lay out more money to protect themselves from identity theft adds insult to injury," said Attorney General Kilmartin. "The fees associated with signing up and removing a credit freeze can add up, and it should not be borne by the consumer who would not be in the position of needing a credit freeze had it not been for the Equifax data breach in the first place. Equifax needs to start putting the consumer first and quickly move to ease the confusion and frustration many are experiencing."
Attorney General Kilmartin reminds consumers of measures to take outside of the Equifax process to better protect from being victimized:
• Consumers should be suspicious of emails from government agencies or their financial institutions looking to confirm specific personal information or financial account information.
• Do NOT trust any unsolicited email, text, or phone call.
• Do NOT click on a link in any email or text that claims to be from a government agency or financial institution.
• Do NOT provide personal information over the telephone to someone who contacts you claiming to be from a government agency or a financial institution.
• In you receive a call from Equifax seeking to confirm your personal information or account numbers, hang up. Equifax is NOT contacting consumers directly
• Always contact your financial institution directly – by phone - to report suspicious activity on your accounts or to confirm whether they sent you a notification.
• Check your financial accounts DAILY for suspicious activity and report it immediately to your financial institution.
• Based on information out of Alabama where a hacker used a person's compromised information in an attempt to trick a retirement broker into gaining access to a client's account, we strongly advise that you contact your investment or retirement manager to understand what protocols and safety measures are in place to ensure someone cannot pose as you to gain access to your accounts.
Attorney General Kilmartin is providing consumers with up to date information on the Office's website www.riag.ri.gov and encourages consumers to alert the Consumer Protection Unit when they receive a fraudulent email, text or call related to the Equifax data breach and to file complaints against Equifax when appropriate. Emails can be sent to firstname.lastname@example.org.