Canadian Class Action Suit Launched Against Equifax Over Data Breach

A class action lawsuit by Canadian consumers whose data was stolen in a massive hack of US credit bureau Equifax was launched Tuesday, seeking damages of Can $550 billion ($450 billion US).

The proposed class action includes all residents of Canada whose information was stored on Equifax databases and was accessed without authorization between May 1, 2017 and August 1, 2017, according to a statement by the Toronto-based Sotos law firm.

The hack was disclosed last week by Equifax, one of the three major credit bureaus that collect consumer financial data, and potentially affects 143 million US customers, as well as an as yet unspecified number of Canadian and British customers.

The breach is considered one of the worst-ever because of the nature of data collected: bank and social security numbers and personal information of value to hackers and others.

“Equifax set up a dedicated website to provide information to US customers who may have been affected, but there is no way for Canadians to identify if they were affected,” said lawyer Jean-Marc Leclerc.

“Fighting identity theft takes years, during which a consumer’s ability to obtain anything with credit is compromised: purchasing a house, renting an apartment or obtaining a credit card or line of credit, for example.”

The claim alleges that Equifax breached its contract with class members as well as their privacy rights and was negligent in handling their information.

Some reports have suggested Equifax data was being sold on “dark web” marketplaces, but analysts said it was too soon to know who was behind the attack and the motivation.

Related: Industry Reactions to Equifax Hack

Related: Apache Struts Flaw Reportedly Exploited in Equifax Hack