WASHINGTON ― The credit monitoring company that compromised the personal information of nearly half the U.S. population said Monday it won’t ask people for credit card info if they sign up for its “free” service.
Last week, Equifax Inc. announced that it had been hacked by criminals who obtained personal details about 143 million Americans, including names, addresses and Social Security numbers. To make up for its massive cybersecurity failure, the firm said it would give victims a free one-year subscription to its credit monitoring service.
There was a catch: the supposedly free service required credit card information up front and would begin charging the card after the free trial ended unless users proactively canceled, according to terms of use for the product dated Sept. 6.
Equifax quietly deleted the information about fees from its website over the weekend, and on Monday, the firm announced it wouldn’t ask for credit cards when people sign up for the service, which is called TrustedID Premier.
“We are not requesting consumers’ credit card information when they sign up for the free credit file monitoring and identity theft protection we are offering to all U.S. consumers,” the company said in a statement. “Consumers who sign up for TrustedID Premier will not be automatically enrolled or charged after the conclusion of the complimentary year of TrustedID Premier.”
Amanda Werner of the consumer advocacy group Public Citizen said Equifax changed its policy in the face of public pressure.
“This is what happens when someone’s watching,” Werner said. “Equifax got caught trying to profit from a massive security breach and the outrage from consumers and advocates made them reverse their position.”
Spokespeople for Equifax did not respond to inquiries from HuffPost about why it changed the credit card policy. On its website the company characterized the change as a “clarification.”
Equifax is one of the three biggest companies that track consumers’ credit histories and sell the information to lenders looking to evaluate customers’ creditworthiness. The people affected by its security failure, which the company disclosed last week even though it occurred earlier this year, are not necessarily Equifax customers.
The firm has also faced massive criticism for requiring customers to agree to arbitration clauses designed to prevent them from being able to sue or join a class action lawsuit. The company has said its arbitration clauses only apply to the use of its products, so people who sign up for credit monitoring won’t waive their ability to sue over the data breach.
A new rule from the Consumer Financial Protection Bureau will ban the use of arbitration clauses designed to prevent people from joining class action lawsuits. The rule is set to take effect this month but Republicans in Congress have said they want to overturn it.