Marianne GoodlandMarianne GoodlandJanuary 3, 20184min1375

UPDATED with comment from Rep. Williams on credit alternatives.

More than 145 million Americans woke up on Sept. 8 to find that their personal data, including Social Security numbers,  birth dates, addresses and, in some instances, driver’s license numbers had been stolen through a security breach at the credit reporting agency Equifax.

Rep. Dave Williams of Colorado Springs believes the response by credit agencies to the data breaches has been less than satisfying and intends to sponsor a bill in the 2018 session to allow consumers to protect themselves and their financial and personal data.

Republican Williams said Tuesday that the “traditional response from credit agencies when these types of cyber security threats occur has been woefully inadequate to say the least. Equifax was utterly negligent when they allowed cyber criminals to steal the intimate information of over 145 million Americans.”

Williams said his bill would allow victims to control their private information. The bill would also incentivize credit agencies to protect consumers and “uphold their fiduciary reasonability to the individual people they hold immense financial influence over.”

Because of these data breaches, Williams said, “consumers are left with having to deal with cyber criminals and identity thieves for years to come, while Equifax and others continue to profit with little to no relief given to the true victims.”

Under the bill, consumers can “opt out” of a credit agency, which would prevent that agency from selling the information to a third party. The bill also will allow consumers who were victimized in a data breach to hold the agency responsible by requiring the agency to turn over the consumer’s credit file and any other consumer reports the agency has developed on the consumer. The agency would also be required to purge the consumer’s file, both the physical file and the electronic record, and would be prohibited from recording or retaining any information on the affected consumer.

UPDATE: The bill raises questions about credit options for consumers should they opt out of the credit reporting agencies. Williams on Wednesday told Colorado Politics that there are three main credit agencies that banks rely on, and “banks also can look at income and assets versus liabilities like they used to. They can even look at any other criteria they choose.”

In addition, Williams said, the marketplace “has alternatives and solutions for consumers who opt out of one or more of the credit agencies. The point is consumers, especially victims like in the case of Equifax, should have the choice, not a credit agency that has proven irresponsible with people’s private information.”


Joey BunchJoey BunchDecember 22, 20172min620

An employee at the Colorado Mental Health Institute at Pueblo fell for a phishing scam on a state computer on Nov. 1, but an investigation has found no evidence the phishers caught any data, the state Department of Human Services said Friday afternoon.

Phishing is an internet scam that involves getting access to passwords or other entry into a computer or  network to steal money or data.

Though there was no sign that sensitive patient records were tapped, “some personal information could have been compromised,” said DHS, citing name, date of birth, Social Security number, address, phone number, insurance information, admission and discharge dates.

The patients have been directed to the three credit reporting companies for a free copy of their credit report to make sure no one uses their identity.

Though everything seems fine so far, DHS is required to disclose the breach by the Health Insurance Portability and Accountability Act, because it potentially could have exposed personal information of more than 500 patients. This case involved the records of potentially 650 patients, DHS said.

“CMHIP has taken steps to notify all individuals who may have been affected and is working with HIPAA Privacy and Security staff to create new technical safeguards, review and revise privacy policies and procedures, and institute additional training for all CMHIP staffers to further address this issue,” DHS said in a statement.


Jessica MachettaNovember 9, 20177min406
Senator Cory Gardner (R-Colo.) questioned former Equifax CEO Richard Smith and Equifax interim-CEO Paulino do Rego Barros, Jr., about the company’s massive data breach at a Senate Commerce, Science, and Transportation Committee hearing. Equifax said in September that hackers breached a flaw in their system, stealing names, Social Security numbers, birth dates, addresses and driver’s […]

This content is only available to subscribers.

Login or Subscribe


Tom RamstackTom RamstackOctober 18, 201615min381

Ongoing accusations by the Obama administration that the Russian government should be blamed for hacking the computers of presidential campaigns is reviving calls by federal lawmakers for improvements to internet security. Among them is Colorado Republican U.S. Sen. Cory Gardner, who pledged to introduce a bill imposing stiff sanctions on Russian cyber-criminals. “Russia’s interference with American democracy is a direct threat to our political process and it may only be the tip of the iceberg," Gardner said in a statement. "It is imperative that Russia’s behavior is met with strength in the form of aggressive sanctions to show the world that its cyber-crimes will not be tolerated.”