Skip to content
Newsletter Signup
  1. News
  2. Press Releases
Published:

On Equifax: Senator Hassan, Colleagues Urge FTC to Prevent Second Round of Identity Theft and Fraud

WASHINGTON – Senator Maggie Hassan today joined a number of her colleagues in calling on the Federal Trade Commission (FTC) to outline specific actions being taken to ensure that consumers do not fall victim to a second round of attacks on their personal information following the massive Equifax breach. 

Citing revelations of fraud schemes perpetrated on consumers who voluntarily provided their personal information to scammers, the Senators wrote: “Almost immediately after the breach, fake websites appeared claiming to allow consumers to check whether their information was exposed. The websites, sent to consumers via email and text message, are nothing more than phishing sites. In addition, some consumers received calls from entities claiming to be Equifax, with fraudulent representatives asking the consumer to verify account information. Other consumers received calls from entities claiming to be the IRS.”

The Senators also expressed additional concerns about Equifax’s own diligence in vetting the links it tweeted to a fake website in response to consumer requests for information and assistance in the aftermath of the data breach.With more than half of the U.S. adult population exposed and vulnerable to identity theft, criminals have an extensive range of potential victims, and the FTC has a critical role to play to protect consumers from additional harm," added the Senators.  

The letter poses five specific questions to be answered by the FTC Chairman:

    1. To what extent, if at all, is the FTC tracking Equifax frauds and scams?  Is FTC tracking this information in conjunction with any other federal agencies?
    1. What steps is the FTC taking to combat Equifax scammers? Please be specific as to how resources are being deployed to combat both internet and phone scams.
    1. What steps is FTC taking to educate consumers and ensure they do not fall prey to frauds and scams related to the Equifax data breach?
    1. Is the FTC working with all three of the major consumer reporting agencies to identify, report, and interdict these frauds and scams? Please be specific as to what steps are being taken.
    1. Does the FTC have sufficient authority and/or resources to effectively combat these frauds and scams? If not, what else is needed?

The full text of the Senators’ letter to the FTC can be found below.

Dear Acting Chairman Ohlhausen:

As you know, the recent Equifax data breach exposed the personally identifiable information of more than 143 million people. Predictably, a number of unscrupulous actors have used the data breach as an opportunity to take advantage of consumers. We write to request specific information as to what actions the Federal Trade Commission (FTC) is taking to ensure consumers do not fall victim to a second round of attacks on their personal information.

Almost immediately after the breach, fake websites appeared claiming to allow consumers to check whether their information was exposed.[1] The websites, sent to consumers via email and text message, are nothing more than phishing sites. In addition, some consumers received calls from entities claiming to be Equifax, with fraudulent representatives asking the consumer to verify account information.[2] Other consumers received calls from entities claiming to be the IRS.[3] Further complicating matters, through its own Twitter account, Equifax tweeted links to a fake website in response to consumer requests for information and assistance.[4] With more than half of the U.S. adult population exposed and vulnerable to identity theft, criminals have an extensive range of potential victims, and the FTC has a critical role to play to protect consumers from additional harm.

The internet presents a formidable obstacle to law enforcement, with new bad actors constantly replacing those who have been apprehended. Nonetheless, we have a responsibility to do everything within our power to remain vigilant and prevent harm wherever possible. Given the breadth of the Equifax data breach and the potential for widespread abuse, we request answer to the following questions no later than October 30:

(1)    To what extent, if at all, is the FTC tracking Equifax frauds and scams?  Is FTC tracking this information in conjunction with any other federal agencies?

(2)    What steps is the FTC taking to combat Equifax scammers? Please be specific as to how resources are being deployed to combat both internet and phone scams.

(3)    What steps is FTC taking to educate consumers and ensure they do not fall prey to frauds and scams related to the Equifax data breach?

(4)    Is the FTC working with all three of the major consumer reporting agencies to identify, report, and interdict these frauds and scams? Please be specific as to what steps are being taken.

(5)    Does the FTC have sufficient authority and/or resources to effectively combat these frauds and scams? If not, what else is needed?

The severity of the damage inflicted by largescale data breaches demands our immediate attention.  Left ignored, the harm done to American consumers is likely to be multiplied many times over by those who see the Equifax data breach as a scamming opportunity.  Thank you for your prompt attention to this matter.

Sincerely,

###