Corporate Misconduct Accountability Project
Equifax Inc. and Equifax Information Services LLC · CFPB Consent Order
Equifax Failed Hundreds of Thousands of Consumers in Credit Dispute Crisis
The Consumer Financial Protection Bureau found Equifax systematically mishandled consumer disputes, blocked identity theft protections, and miscalculated credit scores, harming families seeking loans, housing, and jobs.
CRITICAL SEVERITY
TL;DR
Equifax violated federal law by failing to properly investigate hundreds of thousands of consumer credit report disputes. The company ignored documents consumers submitted, improperly reinserted deleted information without notice, failed to protect identity theft victims within required timeframes, and made coding errors that miscalculated credit scores for hundreds of thousands of people. These failures led to wrongful denials of mortgages, car loans, apartments, and jobs.
If Equifax has mishandled your dispute or failed to correct errors on your credit report, you may have legal rights.
$15M
Civil money penalty imposed by CFPB
100,000s
Consumers affected by credit score miscalculations
4 days
Legal deadline Equifax missed for identity theft blocks
The Allegations: A Breakdown
Core Allegations
What Equifax did to harm consumers · 8 points
| 01 | Equifax failed to conduct reasonable reinvestigations of consumer disputes. The company forwarded insufficient information to furnishers and did not review or consider relevant documents consumers provided, violating the Fair Credit Reporting Act. | high |
| 02 | Equifax used restrictive numeric dispute codes that failed to capture the substance of consumer complaints. These codes could not convey details like misspelled names, incorrect addresses, or court records proving accounts were fraudulent. | high |
| 03 | Equifax improperly reinserted previously deleted information into consumer credit files without providing required notices. The company used overly narrow matching rules that allowed inaccurate data to reappear on reports consumers thought were corrected. | high |
| 04 | Equifax failed to block fraudulent accounts for identity theft victims within the legally required four business days. The company set restrictive criteria for acceptable proof documents and did not clearly communicate these requirements to consumers. | high |
| 05 | A coding error in Equifax’s Online Model Server in 2022 miscalculated credit scores for hundreds of thousands of consumers. Some scores dropped 25 points or more, leading to wrongful credit denials and higher interest rates. | high |
| 06 | Equifax labeled some consumer disputes as frivolous or irrelevant to avoid additional review. This practice locked consumers into fruitless battles to correct legitimate errors on their credit reports. | medium |
| 07 | Equifax’s flawed systems created cycles where consumers had to repeatedly dispute the same errors. Some consumers filed disputes hundreds of thousands of times per month, suggesting massive operational failures. | high |
| 08 | The CFPB found Equifax’s practices constituted unfair acts under the Consumer Financial Protection Act because they caused substantial injury that consumers could not reasonably avoid. | high |
Regulatory Failures
Laws Equifax violated · 5 points
| 01 | Equifax violated FCRA Section 611 by failing to conduct reasonable reinvestigations when consumers disputed credit report information. The law requires agencies to review all relevant documents consumers provide. | high |
| 02 | Equifax violated FCRA Section 605B by failing to block information resulting from identity theft within four business days of receiving proper documentation from victims. | high |
| 03 | Equifax violated FCRA Section 607(b) by reinserting previously deleted information without meeting strict legal conditions. The company failed to certify accuracy with furnishers and failed to notify consumers before reinsertion. | high |
| 04 | The CFPB found Equifax violated the Consumer Financial Protection Act prohibition on unfair practices. The agency determined Equifax caused substantial consumer injury that was not outweighed by benefits and could not be reasonably avoided. | high |
| 05 | The Consent Order was filed under CFPB authority granted by Sections 1053 and 1055 of the Consumer Financial Protection Act, demonstrating the Bureau’s jurisdiction over credit reporting agencies. | medium |
Profit Over People
How cost-cutting harmed consumers · 5 points
| 01 | Equifax prioritized speedy dispute resolution over thorough verification. The company’s design favored corporate efficiency over protecting consumer interests, leading to systematic failures in data accuracy. | high |
| 02 | Equifax showed reluctance to invest in robust dispute management systems despite knowing about failures. The company continued using flawed matching rules rather than allocating resources to fix known problems. | high |
| 03 | Equifax delayed its response to the 2022 credit score miscalculation fiasco. The company took its time acknowledging the issue, leaving consumers uncertain about remedies while dealing with wrongful credit denials. | high |
| 04 | The company’s internal strategy appeared designed to limit resources for dispute investigations. Equifax could have implemented monthly audits and engaged with consumer advocacy groups but failed to do so meaningfully. | medium |
| 05 | Equifax treated data accuracy as a tedious compliance function rather than fundamental to its social license to operate. This mindset allowed cost considerations to override legal obligations and consumer protection. | medium |
Economic Fallout
Financial harm to families and communities · 7 points
| 01 | Consumers were denied mortgages, car loans, and personal credit lines due to Equifax’s errors. These denials prevented families from making major purchases necessary for economic stability and mobility. | high |
| 02 | Wrongly lowered credit scores forced consumers into subprime products with higher interest rates. Families paid more for credit they qualified for at better rates, draining household budgets. | high |
| 03 | Local entrepreneurs could not secure business loans due to inaccurate credit reports, preventing business expansion and job creation. This harmed entire communities dependent on local economic growth. | high |
| 04 | Landlords rejected tenants based on flawed credit records, leaving families without stable housing. This instability cascaded through communities, weakening local real estate markets. | high |
| 05 | Employers using credit checks in hiring decisions passed over qualified candidates due to Equifax errors. This intensified unemployment and reduced economic opportunities in affected communities. | medium |
| 06 | Rural communities faced particularly severe impacts when store owners were denied expansion loans. Entire towns lost potential employers and essential services, creating localized economic downturns. | medium |
| 07 | The inaccurate credit reporting created inefficiencies in the broader economy by giving lenders false impressions of consumer risk. This led to more defaults, bankruptcies, and lost economic opportunities. | medium |
Public Health and Safety
Mental and physical toll on families · 5 points
| 01 | Financial stress from Equifax’s errors contributed to depression, anxiety, and mental health crises in affected families. Chronic stress from repeated credit denials has been associated with cardiovascular problems. | high |
| 02 | Families experienced sleepless nights and daily fear during the weeks-long waiting periods for dispute resolutions. This emotional strain damaged family dynamics and affected children in stressed households. | medium |
| 03 | Consumers were denied medical loans and needed refinancing due to credit errors, escalating health concerns. When families cannot pay bills on time due to wrongful credit limits, physical health problems can worsen. | high |
| 04 | Children’s health suffered when families had to move constantly due to credit-based housing rejections. The instability created by Equifax’s failures had generational impacts on family well-being. | medium |
| 05 | Consumers experienced humiliating interactions with lenders, landlords, and employers who flagged credit errors. These experiences compounded stress-related health conditions and reduced overall quality of life. | medium |
Community Impact
How neighborhoods and local economies suffered · 6 points
| 01 | Local communities lost out on resident spending and investment when families were denied mortgages and chose to rent elsewhere. This weakened community real estate markets and reduced local economic activity. | high |
| 02 | Communities of color and low-income areas faced disproportionate disadvantages from Equifax’s failures. These errors widened existing wealth disparities and created additional barriers to economic mobility. | high |
| 03 | Local nonprofits had to redirect resources from other social services to help residents navigate Equifax’s broken dispute system. Community volunteers organized workshops to address corporate-driven chaos. | medium |
| 04 | Impoverished families paid exorbitant interest rates because Equifax’s flawed system incorrectly deemed them high risk. This created a hidden tax on vulnerable communities already struggling financially. | high |
| 05 | The pollution of consumer credit data resembled an environmental catastrophe in scale and community harm. Local economies that depend on steady credit extension became unstable due to Equifax’s systemic failures. | medium |
| 06 | Communities experienced cynicism and resentment toward a financial system that claimed to value mobility while systematically blocking opportunities. This erosion of trust discouraged community economic development. | medium |
Corporate Accountability Failures
How Equifax avoided responsibility · 6 points
| 01 | Equifax leadership knew about system failures but showed reluctance to invest in fixing them. The company continued relying on flawed matching rules despite repeated consumer complaints. | high |
| 02 | The company failed to implement basic accountability measures like monthly audits to ensure corrected errors stayed corrected. Equifax could have instituted oversight checks but chose not to do so. | high |
| 03 | Equifax did not meaningfully engage with consumer advocacy groups to refine dispute processes. This isolation from stakeholder feedback allowed broken systems to persist. | medium |
| 04 | The $15 million civil penalty may be too small compared to Equifax’s revenues, potentially making it just a manageable cost of doing business rather than a meaningful deterrent. | medium |
| 05 | Equifax entered the Consent Order without admitting or denying wrongdoing, avoiding public accountability for the specific harms documented by the CFPB investigation. | medium |
| 06 | The company’s response to the 2017 data breach included public relations campaigns about improved security, but the current violations show the underlying culture has not changed sufficiently. | medium |
The PR Machine
Corporate social responsibility as window dressing · 5 points
| 01 | Equifax promoted corporate social responsibility initiatives and community programs while simultaneously running dispute systems that harmed those same communities through unfair credit decisions. | high |
| 02 | The company’s external messaging emphasized consumer well-being, but internal cost-cutting strategies limited resources for proper dispute handling, revealing the hypocrisy of its public commitments. | high |
| 03 | Equifax engaged in public-facing philanthropic activities that did not excuse the fundamental neglect of consumer disputes. True corporate responsibility cannot coexist with systematic legal violations. | medium |
| 04 | The disconnect between Equifax’s marketing claims about fairness and its operational reality showed that corporate social responsibility had become a cosmetic exercise rather than genuine commitment. | medium |
| 05 | Equifax’s claims about improvements must be viewed with skepticism until the company demonstrates in practice that it has eliminated the systemic issues documented in the Consent Order. | medium |
Wealth Disparity
How credit errors widened inequality · 6 points
| 01 | Wealthy individuals with financial advisors and lawyers could pressure Equifax to correct mistakes quickly, while struggling consumers lacked resources to fight back. This dynamic widened existing wealth gaps. | high |
| 02 | A single inaccurate tradeline could cost a potential homeowner the chance to buy property, eliminating a key pathway to generational wealth. This particularly harmed communities already facing racial wealth disparities. | high |
| 03 | Consumers stuck with unresolved errors remained in financial limbo while others with accurate reports moved forward with car purchases and home investments, creating a growing opportunity gap over time. | high |
| 04 | Low-income consumers and those with less financial literacy were more vulnerable to consequences of negative credit information. They had fewer pathways to address mistakes and less time to navigate complex dispute processes. | high |
| 05 | Someone forced to rely on inadequate public transportation due to wrongful car loan denial faced hindered job prospects. When multiplied across hundreds of thousands of affected people, the wealth disparity impact becomes vast. | medium |
| 06 | The credit reporting system’s concentration among three major bureaus left consumers with no meaningful choice or market alternative. This power asymmetry enabled errors to persist without competitive pressure for improvement. | medium |
Exploiting Delay
How the broken dispute process trapped consumers · 5 points
| 01 | Consumers had to file disputes multiple times for the same errors, facing indefinite cycles of phone calls, online submissions, and mailed documents. Some disputes numbered in the hundreds of thousands per month. | high |
| 02 | Equifax set restrictive criteria for acceptable identity theft proof but did not clearly communicate these requirements. Consumers sent documents the company would later dismiss, wasting months in the correction process. | high |
| 03 | The company’s narrow matching rules allowed previously deleted information to reappear on credit reports. Consumers who assumed matters were resolved discovered the same negative entries had returned without notice. | high |
| 04 | Weeks-long waiting periods for dispute resolution left consumers in uncertainty while credit decisions affecting housing, employment, and loans proceeded based on inaccurate data. | medium |
| 05 | Equifax’s practice of labeling disputes as frivolous or irrelevant prevented meaningful review and locked consumers out of the correction process, forcing them to start over repeatedly. | medium |
The Bottom Line
What this means for consumers and reform · 6 points
| 01 | The CFPB Consent Order documents a pattern of systematic legal violations, not isolated mistakes. Equifax’s flawed policies and coding failures prevented timely and accurate resolution of consumer disputes for years. | high |
| 02 | The mandated compliance measures require Equifax to limit data reinsertions, improve reinvestigation logic, and maintain better records. Success depends on continuous audits and threat of new penalties if old habits return. | medium |
| 03 | Consumers have reason for skepticism given Equifax’s track record of superficial improvements after earlier controversies. The real test is whether changes persist once public scrutiny diminishes. | medium |
| 04 | Credit reporting affects major life decisions including homeownership, employment, and access to essential services. Flawed credit data undermines economic mobility and widens inequality for entire communities. | high |
| 05 | Fundamental reform of the credit reporting system requires stricter legal standards, increased transparency, accountability in corporate governance, consumer empowerment, and potentially public alternatives to for-profit models. | medium |
| 06 | The Consent Order resolves only violations the Bureau knows about as of the effective date. It does not provide immunity for other potential liabilities that may arise from these practices. | medium |
Timeline of Events
2017
Equifax suffers massive data breach exposing sensitive consumer information, launches public relations campaigns promising improved security
2019-2024
Equifax operates flawed dispute resolution systems, failing to properly investigate hundreds of thousands of consumer credit report disputes
2022
Coding error in Equifax Online Model Server miscalculates credit scores for hundreds of thousands of consumers, causing wrongful denials and higher rates
January 2025
CFPB files Consent Order documenting systematic FCRA violations and unfair practices, imposing $15 million civil penalty
January 16, 2025
Equifax Chief Legal Officer John J. Kelley signs Stipulation and Consent without admitting or denying wrongdoing
January 17, 2025
Consent Order filed with CFPB administrative docket, becoming effective and fully enforceable
Direct Quotes from the Legal Record
QUOTE 1
Core jurisdiction and violations
allegations
“The Consumer Financial Protection Bureau (Bureau) intends to initiate an administrative proceeding against Equifax, Inc. and Equifax Information Services LLC (Respondent), under 12 U.S.C. §§ 5563 and 5565, for its processing of consumer disputes related to consumer reports in violation of the Fair Credit Reporting Act (FCRA), 15 U.S.C. § 1681 et seq. and the Consumer Financial Protection Act of 2010 (CFPA), 12 U.S.C. §§ 5536(a)(1)(a)-(b), 5564, and 5565.”
💡 This establishes the legal foundation showing Equifax violated both the Fair Credit Reporting Act and the Consumer Financial Protection Act through its dispute handling practices.
QUOTE 2
No admission of wrongdoing
accountability
“Respondent, in the interest of compliance and resolution of the matter, and without admitting or denying any wrongdoing, consents to the issuance of a Consent Order substantially in the form of the one to which this Stipulation and Consent to the Issuance of a Consent Order is attached (Consent Order), and which is incorporated by reference.”
💡 Equifax settled without admitting guilt, a common tactic that allows companies to avoid accountability while paying fines that may be insufficient to deter future violations.
QUOTE 3
Collateral estoppel effect
accountability
“Respondent agrees that the facts described in Section V of the Consent Order will be taken as true and be given collateral estoppel effect, without further proof, in any proceeding before the Bureau to enforce the Consent Order, or in any subsequent civil litigation by the Bureau to enforce the Consent Order or its rights to any payment or monetary judgment under the Consent Order, such as a non-dischargeability complaint in any bankruptcy case.”
💡 The facts established in the Consent Order will be legally binding in future enforcement actions, meaning Equifax cannot later dispute what happened.
QUOTE 4
Limited scope of settlement
accountability
“The Consent Order resolves only Respondent’s potential liability for law violations that the Bureau asserted or might have asserted based on the practices described in Section V of the Consent Order, to the extent such practices occurred before the Effective Date and the Bureau knows about them as of the Effective Date. Respondent acknowledges that no promise or representation has been made by the Bureau or any employee, agent, or representative of the Bureau, about any liability outside of this action that may have arisen or may arise from the facts underlying this action or immunity from any such liability.”
💡 This settlement only covers violations the CFPB currently knows about, leaving Equifax exposed to additional liability if more consumer harm is discovered.
QUOTE 5
Waiver of hearing rights
regulatory
“The rights to all hearings under the statutory provisions under which the proceeding is to be or has been instituted; the filing of proposed findings of fact and conclusions of law; proceedings before, and a recommended decision by, a hearing officer; all post-hearing procedures; and any other procedural right available under Section 1053 of the CFPA, 12 U.S.C. § 5563, or 12 C.F.R. Part 1081”
💡 Equifax waived its right to challenge the findings in court, expediting the settlement but preventing public examination of the full evidence against the company.
QUOTE 6
Waiver of fee recovery
accountability
“Any claim for fees, costs, or expenses against the Bureau, or any of its agents or employees, and any other governmental entity, related in any way to this enforcement matter or the Consent Order, whether arising under common law or under the terms of any statute, including, but not limited to the Equal Access to Justice Act and the Small Business Regulatory Enforcement Fairness Act of 1996; for these purposes, Respondent agrees that Respondent is not the prevailing party in this action because the parties have reached a good faith settlement”
💡 Equifax cannot recover legal fees or costs, and must accept that it is not the prevailing party despite settling without admitting wrongdoing.
QUOTE 7
No bias claims allowed
regulatory
“Any right to claim bias or prejudgment by the Director based on the consideration of or discussions concerning settlement of all or any part of the proceeding.”
💡 Equifax cannot later claim the CFPB Director was biased, even though the Director both negotiated the settlement and issued the final order.
QUOTE 8
Binding on successors
accountability
“The terms and provisions of this Stipulation and the Consent Order will be binding upon, and inure to the benefit of, the parties hereto and their successors in interest.”
💡 If Equifax is sold or merged, the new owners will still be bound by this settlement and its compliance requirements.
QUOTE 9
Entry without further notice
regulatory
“Respondent agrees that the Bureau may present the Consent Order to the Bureau Director for signature and entry without further notice.”
💡 Equifax agreed to allow the Director to finalize the order immediately without additional process, waiving its right to any final review or negotiation.
QUOTE 10
No service required
regulatory
“Any right to service of the Consent Order, and agrees that entry of the Consent Order on the administrative docket will constitute notice to Respondent of its terms and conditions”
💡 Equifax waived formal service requirements, meaning it cannot later claim it was not properly notified of the order’s terms and obligations.
QUOTE 11
Enforcement authority
regulatory
“Respondent agrees that the Consent Order will be deemed an order issued with the consent of the person concerned under 12 U.S.C. § 5563(b)(4) and agrees that the Consent Order will become a final order, effective upon its entry on the administrative docket, and will be fully enforceable by the Bureau under 12 U.S.C. §§ 5563(d)(1) and 5565.”
💡 The CFPB can immediately enforce this order without additional proceedings, giving the agency strong tools to ensure Equifax complies with the mandated reforms.
QUOTE 12
Voluntary agreement
accountability
“Respondent voluntarily enters into this Stipulation and Consent to the Issuance of a Consent Order (Stipulation).”
💡 Equifax claims it voluntarily agreed to this settlement, but this came only after a federal investigation documented systematic legal violations affecting hundreds of thousands of consumers.
Frequently Asked Questions
What did Equifax do wrong?
Equifax violated federal law by failing to properly investigate consumer disputes about credit reports. The company ignored documents people sent, used oversimplified dispute codes that missed important details, improperly put deleted information back on credit reports without notice, failed to protect identity theft victims within required timeframes, and made coding errors that wrongly calculated hundreds of thousands of credit scores.
How many people were affected by Equifax’s failures?
Hundreds of thousands of consumers were harmed. The CFPB found that Equifax’s credit score coding error alone affected hundreds of thousands of people, with some scores dropping 25 points or more. The dispute handling failures and improper reinsertion of data affected additional hundreds of thousands of consumers over multiple years.
What happens if my credit score was wrong because of Equifax?
If Equifax miscalculated your credit score or failed to correct errors on your report, you may have been wrongly denied loans, charged higher interest rates, rejected for apartments, or passed over for jobs. The Consent Order requires Equifax to fix its systems, but you may need to dispute errors again and document any financial harm you suffered.
Did Equifax admit it broke the law?
No. Equifax agreed to the Consent Order without admitting or denying wrongdoing. This is a common settlement tactic that allows companies to pay fines and agree to reforms without taking legal responsibility for the harm they caused.
How much is Equifax paying in penalties?
Equifax must pay a $15 million civil money penalty to the CFPB. Critics note this amount may be small relative to the company’s revenues and the scale of consumer harm, potentially making it just a cost of doing business rather than a meaningful deterrent.
Will I get money from this settlement?
The Consent Order does not establish a consumer compensation fund. The $15 million penalty goes to the government. If you were harmed by Equifax’s failures, you may need to pursue your own dispute process or consider other legal options.
What is Equifax required to do now?
Equifax must fix its dispute investigation processes, stop improperly reinserting deleted data, improve its identity theft blocking procedures, maintain better records, and submit to ongoing audits. The company must also ensure that consumer-submitted documents are properly reviewed during reinvestigations.
What should I do if Equifax has errors on my credit report?
File a dispute directly with Equifax and provide all supporting documents that prove the information is wrong. Keep copies of everything you send and document all communications. If Equifax does not fix the error, you can file a complaint with the Consumer Financial Protection Bureau at consumerfinance.gov or consult with a consumer rights attorney.
How do I know if I was affected by the 2022 credit score error?
If you had a credit decision made during 2022 and noticed an unexpected score drop or denial, you may have been affected. Check your credit reports from all three bureaus and look for score discrepancies or unexplained changes during that period.
Can Equifax do this again?
The Consent Order is supposed to prevent these violations from continuing, but it only covers practices the CFPB knows about as of the settlement date. Consumer advocates remain skeptical because Equifax has a history of promising improvements after earlier controversies without fundamentally changing its culture. Ongoing monitoring and potential additional penalties are meant to ensure compliance.
💡 Explore Corporate Misconduct by Category
Corporations harm people every day — from wage theft to pollution. Learn more by exploring key areas of injustice.
- 💀 Product Safety Violations — When companies risk lives for profit.
- 🌿 Environmental Violations — Pollution, ecological collapse, and unchecked greed.
- 💼 Labor Exploitation — Wage theft, worker abuse, and unsafe conditions.
- 🛡️ Data Breaches & Privacy Abuses — Misuse and mishandling of personal information.
- 💵 Financial Fraud & Corruption — Lies, scams, and executive impunity.
