Vulnerabilities / Threats

9/18/2017
01:20 PM
50%
50%

Equifax Hit with Lawsuit

Victims living or doing business in Florida can send a certified letter to seek relief and still remain in compliance with the state's credit laws, attorney says.

A Florida attorney has filed a lawsuit against Equifax petitioning for relief under Florida's Credit Freeze and Unfair and Deceptive Trade Practices Act, which can provide Equifax victims an alternative tool in seeking relief from the credit monitoring agency, he maintained.

Credit breach victims living or doing business in Florida can send a certified letter seeking relief to credit monitoring agencies like Equifax and demand an unconditional credit freeze on their file, yet still remain compliant with the state's credit laws, attorney Matthew Weidner with Weidner Law said in a statement.

Weidner filed his lawsuit after failing to obtain a freeze on his credit file after several unsuccessful phone call discussions with an Equifax customer service representative, who he alleges repeatedly hung up on him.

The attorney also advises Equifax victims to reject any credit monitoring service or resolution offered by Equifax, which recently faced controversy over its "forced arbitration" clause that came with its free credit-monitoring service offer. He also advises Equifax breach victims to forego joining a class-action lawsuit because of the lengthy legal process.

Read more about the lawsuit here.

Join Dark Reading LIVE for two days of practical cyber defense discussions. Learn from the industry’s most knowledgeable IT security experts. Check out the INsecurity agenda here.

Dark Reading's Quick Hits delivers a brief synopsis and summary of the significance of breaking news events. For more information from the original source of the news item, please follow the link provided in this article. View Full Bio

Comment  | 
Print  | 
More Insights
Comments
Newest First  |  Oldest First  |  Threaded View
RyanSepe
50%
50%
RyanSepe,
User Rank: Ninja
9/19/2017 | 7:58:29 AM
Credit Freeze
It's advisable to follow through with this action provided the legal right to do so. When a freeze occurs, how does this affect legitimate credit actions? Such as, if a genuine user was to open a credit card during the credit freeze, would that history be enacted after the freeze is lifted? Or would that individual be denied the card due to the freeze?
6 Ways Greed Has a Negative Effect on Cybersecurity
Joshua Goldfarb, Co-founder & Chief Product Officer, IDRRA ,  6/11/2018
Weaponizing IPv6 to Bypass IPv4 Security
John Anderson, Principal Security Consultant, Trustwave Spiderlabs,  6/12/2018
'Shift Left' & the Connected Car
Rohit Sethi, COO of Security Compass,  6/12/2018
Register for Dark Reading Newsletters
White Papers
Video
Cartoon
Current Issue
Flash Poll
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2018-12026
PUBLISHED: 2018-06-17
During the spawning of a malicious Passenger-managed application, SpawningKit in Phusion Passenger 5.3.x before 5.3.2 allows such applications to replace key files or directories in the spawning communication directory with symlinks. This then could result in arbitrary reads and writes, which in tur...
CVE-2018-12027
PUBLISHED: 2018-06-17
An Insecure Permissions vulnerability in SpawningKit in Phusion Passenger 5.3.x before 5.3.2 causes information disclosure in the following situation: given a Passenger-spawned application process that reports that it listens on a certain Unix domain socket, if any of the parent directories of said ...
CVE-2018-12028
PUBLISHED: 2018-06-17
An Incorrect Access Control vulnerability in SpawningKit in Phusion Passenger 5.3.x before 5.3.2 allows a Passenger-managed malicious application, upon spawning a child process, to report an arbitrary different PID back to Passenger's process manager. If the malicious application then generates an e...
CVE-2018-12029
PUBLISHED: 2018-06-17
A race condition in the nginx module in Phusion Passenger 3.x through 5.x before 5.3.2 allows local escalation of privileges when a non-standard passenger_instance_registry_dir with insufficiently strict permissions is configured. Replacing a file with a symlink after the file was created, but befor...
CVE-2018-12071
PUBLISHED: 2018-06-17
A Session Fixation issue exists in CodeIgniter before 3.1.9 because session.use_strict_mode in the Session Library was mishandled.