The Atlanta-based company — part of the “Big Three” consumer credit reporting agencies that also includes Experian and TransUnion — allegedly provided the incorrect scores to those applying for home, car and credit card loans, according to the report that cited “bank executives and others familiar with the errors.”
In a statement, Equifax blamed the erroneous scores on a “coding issue” and said it has been fixed.
“Equifax identified a coding issue within a legacy, on-premise server environment in the U.S. slated to be migrated to the new Equifax Cloud™ infrastructure. This issue, which was in place over a period of a few weeks, resulted in the potential miscalculation of certain attributes used in model calculations. Credit reports were not changed as a result of this issue,” it said in part.
In 2017, the company announced a massive cybersecurity breach in which criminals accessed 145.5 million U.S. consumers’ personal data, including names, Social Security numbers, birth dates, addresses and driver’s license numbers. Nearly 210,000 consumers’ credit card information was also taken in the hack.
In 2018, the company said 2.4 million additional customers were affected — bringing the total to nearly 148 million.
Later that year, the Security and Exchange Commission accused Jun Ying, Equifax’s former CIO, of selling company stock before the news of the breach was disclosed to the public.
Ying pleaded guilty and was sentenced to four months in federal prison for insider trading and ordered to pay nearly $120,000 in restitution.