Equifax Inc. intends to respond within in the next few days to a demand letter from New York state regulators seeking further information on its massive 2017 data breach, a company spokeswoman told Bloomberg Law today.
In the demand letter, which was obtained by Bloomberg Law today, New York Secretary of State Rossana Rosado asked Equifax for data on New York consumer credit card information exposed during the breach, a summary of the company’s plan to resolve consumer disputes, and a copy of the forensic review prepared after the breach. The credit reporting company announced Sept. 7 that the private information of about 143 million Americans was compromised. The Dec. 27 letter, which was sent as part of the state’s first use of new identity theft regulations, gave Equifax 10 business days after receipt of the letter to respond.
Equifax intends to work with the state “to respond to their letter within the requested timeframe,” Meredith Griffanti, a spokeswoman for the company, told Bloomberg Law.
The letter is part of a multi-front effort by New York state in response to the Equifax data breach. The Department of Financial Services has proposed regulations that would subject credit reporting agencies to the state’s new cybersecurity requirements and Attorney General Eric T. Schneiderman (D) has an ongoing investigation into the breach.