A Seattle law firm has filed a national class action lawsuit against Equifax, over a data breach that left 143 million customers' vulnerable to hackers.
Residents of Washington state and a small business owner are listed as plaintiffs in the suit filed by the firm Stritmatter Kessler Whelan on Tuesday, in U.S. District court.
In a statement, the firm called Equifax's actions after revealing the breach, "amateur hour at its best and profiteering at its worst."
The lawsuit claims customers, who tried to find out if their information may have been stolen, were referred to an unsecured website. Calls went unanswered.
"Days later, no one we have spoken to has clear confirmation that their data was compromised," read a statement.
The lawsuit notes Equifax has offered complimentary identity theft protection, but it expires in a year, forcing customers to pay about $20 per month to keep the service.
Equifax's identity protection is provided by its own wholly owned subsidiary, TrustedID, which will likely see increased business.
Hackers gained access to up to 143 million Equifax customers’ data, including some credit card and Social Security numbers, the credit-reporting service announced last week.
In most cases, the hackers accessed names, Social Security numbers, birth dates, addresses and some driver’s license numbers, Equifax explained.
"Everyone should be worried," said plaintiff Jennifer Mertlich from Puyallup.
Mertlich had her identity stolen before and had someone open credit cards and get a driver's license in her name.
She fears the information from Equifax will open her up to worse.
"It'll never be repaired entirely," said Mertlich.
Over 209,000 credit card numbers and other documents with personal information for 182,000 customers were also accessed in the breach.
“Criminals” used a U.S. website application to gain access to the files from mid-May to June 2017, the company said in a statement.
The company said it discovered the intrusion on July 29 and worked immediately to stop it. An investigation should be finished within weeks.
"This is clearly a disappointing event for our company, and one that strikes at the heart of who we are and what we do. I apologize to consumers and our business customers for the concern and frustration this causes," Chairman and Chief Executive Officer Richard F. Smith said.
In a USA TODAY editorial, Equifax wrote they are working to make changes.
"It was a painful announcement because of the concern and frustration this incident has created for so many consumers," Smith wrote. "We apologize to everyone affected. This is the most humbling moment in our 118-year history.
Equifax has set up a website for customers to see if their data has been compromised and access complimentary credit monitoring and identity theft services for a year.
Questions to the company can be directed here or to 866-447-7559
Customers will receive a notice in the mail if they were affected.
USA TODAY contributed to this report.