In September, entrepreneur Joshua Browder’s Do Not Pay chatbot website added a new skill: allowing people to sue Equifax for its monumental data breach that exposed the personal information of 145.5 million people, which included Social Security numbers.
A few months later, the results are coming in and people are winning judgements approaching $10,000.
Yahoo Finance spoke to a few consumers who have taken on Equifax in small claims courts, a process that they found surprisingly smooth, with no need for lawyers.
“It was the easiest nine grand I ever made,” said Darrow B. of San Francisco, who just won a judgment of $9,100.
The Do Not Pay chatbot, which started as a way to fight parking tickets, lets users more easily fill out the forms required for these simple lawsuits by automatically populating things such as Equifax’s address for each of the 50 states. Under the “damages” section, it simply says Equifax was negligent and the breach resulted in “significant damages.” The details get ironed out in court.
“You go down to small claims court, you hand them the papers, they tell if everything’s OK, then you choose a court date that works for you,” she said. “Then you show up and the judge basically says what happened. It took about an hour at the court.”
According to F. Paul Bland, an attorney and executive director for Public Justice, suing in small claims court is fine even if there’s a pending class action case, of which dozens have emerged against Equifax.
FILE – This July 21, 2012, file photo shows signage at the corporate headquarters of Equifax Inc. in Atlanta. Attacks launched by cybercriminals wreak havoc and cause disruption as more of everyday life moves online. The U.S. attorney’s office in Atlanta has worked hand-in-hand with the local FBI office to prosecute a number of high-profile cybercrime cases. They’re currently investigating the breach at Atlanta-based Equifax, which exposed the personal information of 145 million Americans.
The Luck of the Draw
According to public records, about a dozen people in San Francisco have sued Equifax, many of whom used the app. But they haven’t always won — it depends on the judge.
One judge, who ruled in favor for a handful of plaintiffs against Equifax, including Darrow, seemed especially sympathetic. (With around one out of every two adults being affected, she was likely a victim of the breach as well.)
Darrow points to her ruling as a good blueprint to go from when arguing before the court. In it, the judge noted that Equifax had a duty to safeguard information, failed to heed warnings from the Department of Homeland Security, and “willfully” violated the Fair Credit Reporting Act and state regulations.
To some judges at least, demonstrating Equifax was negligent in its duty is enough for a positive judgment. The credit monitoring company was slow to disclose the breach (not everyone affected even got an email notifying them of what happened); it also pointed consumers to a useless website to see if they were affected, and then pushed them to sign up for a monitoring product that both could strip consumers of the right to sue the company and provide it with potential future revenue.