History
Equifax was founded as the Retail Credit Company by Cator and Guy Woolford in Atlanta, Georgia, as Retail Credit Company in 1899.[8] By 1920, the company had offices throughout the United States and Canada.[9] By the 1960s, Retail Credit Company was one of the nation's largest credit bureaus, holding files on millions of American and Canadian citizens.[10] Even though the company continued to do credit reporting, the majority of its business was making reports to insurance companies when people applied for new insurance policies, such as life, auto, fire and medical insurance. RCC also investigated insurance claims and made employment reports when people were seeking new jobs. Most of the credit work was then being done by a subsidiary, Retailers Commercial Agency.
Retail Credit Company's information holdings and willingness to sell its information attracted criticism in the 1960s and 1970s. These included that it collected "...facts, statistics, inaccuracies and rumors ... about virtually every phase of a person's life; his marital troubles, jobs, school history, childhood, sex life, and political activities." The company was also alleged to reward its employees for collecting derogatory information on consumers.[11] This led to discrimination against queer people and people of color.[12]
In 1970, after the company had computerized its records, which led to wider availability of the personal information it held, the U.S. Congress held hearings that led to the enactment of the Fair Credit Reporting Act. This legislation gave consumers rights regarding information stored about them in corporate databanks.[13] It is alleged that the hearings prompted the Retail Credit Company to change its name to Equifax in 1975 to improve its image.[11]
In expanding its business, Equifax acquired a number of companies in the health field. In May 1994, Equifax acquired HealthChex Inc., a company that specialized in profiling physicians and reviewing health insurance claims. In November 1994, it acquired Osborn Laboratories, a medical testing company. The same year, Equifax also acquired Electronic Tabulating Services, a clearinghouse for health insurance claims.[11]
Equifax also expanded into commercial credit reports on companies in the United States, Canada and the UK, where it came into competition with companies such as Dun & Bradstreet and Experian.[14] The insurance reporting was phased out. The company also had a division selling specialist credit information to the insurance industry but spun off this service, including the Comprehensive Loss Underwriting Exchange (CLUE) database as ChoicePoint in 1997.[15] Equifax formerly offered digital certification services, which it sold to GeoTrust in September 2001.[16] Also in 2001, Equifax spun off its payment services division, forming the publicly listed company Certegy, which subsequently acquired Fidelity National Information Services in 2006.[17] Certegy effectively became a subsidiary of Fidelity National Financial as a result of this reverse acquisition merger (See Certegy and Fidelity National Information Services
In October 2010, Equifax announced it was acquiring Anakam, an identity verification software company headquartered in San Diego, California, which invented and pioneered SMS (text-message based) two-factor authentication. Terms of the deal were not disclosed.
Equifax purchased eThority, a business intelligence (BI) company headquartered in Charleston, South Carolina, in October 2011. eThority is partnering with TALX, a St. Louis-based business unit of Equifax, and remained in Charleston.[18]
In February 2016, Equifax acquired the Australasian company Veda, the largest credit reference agency in Australia at the time. Veda had previously acquired the Australian market research and opinion polling company ReachTEL in September 2015, which continues to produce opinion polls in Australia.[19]
Equifax was the subject of more than 57,000 consumer complaints to the Consumer Financial Protection Bureau from October 2012 to September 17, 2017, with most complaints relating to incomplete, inaccurate, outdated, or misattributed information held by the company.[20]
In September 2017, Equifax announced a cyber-security breach, which it claims to have occurred between mid-May and July 2017,[21] where cybercriminals accessed approximately 145.5 million U.S. Equifax consumers' personal data, including their full names, Social Security numbers, birth dates, addresses, and driver license numbers. Equifax also confirmed at least 209,000 consumers' credit card credentials were taken in the attack. On March 1, 2018, Equifax announced that 2.4 million additional U.S. customers were affected by the breach,[22] increasing the number of affected to 147.9 million Americans. The company claims to have discovered evidence of the cybercrime event on July 29, 2017. Residents in the United Kingdom (15.2 million) and Canada (about 19,000) were also impacted. The vulnerability which Chinese hackers leveraged was ;[23] the hackers managed to stay in Equifax's systems undetected for approximately 134 days.[24]
In March 2018, the Security and Exchange Commission accused Jun Ying, Equifax's former CIO, of illicit insider trading, by selling company stock before the breach was publicly disclosed.[25] After an investigation by the FBI, Ying pleaded guilty, was sentenced to four months of prison plus a year of supervised release, and was fined $55,000.00 and ordered to pay restitution of $117,117.61 in June 2019.[26][27] An Equifax manager, Sudhakar Reddy Bonthu, also pleaded guilty to insider trading and received a sentence of 8 months of home confinement.[28][29]
In July 2019, The New York Times, the New York Post and other media reported Equifax had agreed to pay approximately $650 million to settle with the Federal Trade Commission (FTC) to resolve investigations by several state attorneys general, the Consumer Financial Protection Bureau, the FTC, and a consumer class-action lawsuit related to the data breach.[30][31][32]
By September 2019, however, Equifax had added qualifications and "hurdles" to its claims process which put in doubt whether the previously announced cash settlement of $125 per affected consumer would actually be awarded.[33][34][35]
On 19 December 2019, a federal judge in Atlanta awarded class-action attorneys representing consumers approximately $77.5 million, suggesting that individual consumers might expect to receive around six or seven dollars.[36]
In July 2020, Equifax reported that, after purchasing Ansonia Credit Data (Ansonia), a major source of consumer credit, payments, and invoice receivables (AR) data used by financial companies and other borrowers and businesses in the shipping and logistics sectors, the firm has expanded its position in commercial payment technology solutions.[37]
On 2 August 2022, a week after its CEO Mark Begor was deemed "uniquely qualified to lead the Company" and was granted a $25 million bonus package by Equifax's board, the Wall Street Journal reported that Equifax had sent millions of incorrectly calculated credit scores to lenders.[38][39] Equifax acknowledged reporting inaccurate credit scores, but insisted the errors had affected only a few people. The following day, a class-action lawsuit was filed by Jacksonville, Florida resident Nydia Jenkins against Equifax alleging she had received a "substantially pricier car loan" (resulting in an additional loan payment of $2,352 more per year) due to Equifax reporting her credit score 130 points off from what it should have been.[40][41]
In February 2023, it was announced Equifax had acquired the Barueri-headquartered credit bureau, Boa Vista Serviços for $596 million,[42] starting to trade on the B3 in São Paulo, under the symbol EFXB31.