Consumer Alerts

Consumers may begin filing claims at www.equifaxbreachsettlement.com

SACRAMENTO – California Attorney General Xavier Becerra today encouraged consumers to begin the process of applying for restitution and submitting documentation for claims from the Equifax Settlement. The settlement resolved allegations that the credit reporting agency improperly exposed the personal information of 147 million consumers, including 15 million Californians, after a massive data breach in 2017. Data exposed by the breach included names, Social Security numbers, birth dates, addresses, and in some instances, driver’s license numbers. Equifax did not disclose the breach, which lasted from mid-May through July 2017, until September 2017. The settlement requires Equifax to pay up to $425 million into a restitution fund and  $175 million in state penalties, and offer benefits like credit monitoring and consumer assistance for eligible customers.

“On top of holding Equifax accountable for one of the most devastating data breaches to face our nation, we have now recovered hundreds of millions of dollars to help our families who fell victim,” said Attorney General Becerra. “Our credit status impacts nearly every aspect of our lives – from purchasing a home or a car to finding a job. The same Americans who had to immediately protect themselves from fraudsters or identify thieves will have to be vigilant for the rest of their lives. We encourage every eligible person to apply for the relief they are entitled to as part of our settlement.”

Depending on eligibility, consumers may receive one or more of the following:

• Cash reimbursement for time or money spent trying to avoid or recover from fraud or identity theft because of the breach, and out of pocket losses resulting from the data breach;
• Free credit monitoring services for up to 10 years, or, alternatively, a payment of up to $125 for buying a different credit monitoring service;
• Reimbursement for up to 25 percent of the cost of Equifax credit monitoring paid for in the year leading up the data breach announcement; and
• At least seven years of free identity restoration services to help remedy the effects of identity theft and fraud.

Consumers may visit www.equifaxbreachsettlement.com to file a claim, learn more about eligible benefits, determine whether their information was impacted by the breach, or contact the settlement administrator. The webpage, documentation, and the claims process are managed by the settlement administrator, not by Equifax. Affected consumers may also call the settlement administrator at 1-833-759-2982 and request to receive information by mail.  

California consumers to receive $21 million in relief

SACRAMENTO – California Attorney General Xavier Becerra today announced a settlement with Student CU Connect CUSO, LLC (CUSO) resolving allegations related to its involvement in an illegal private loan scheme to benefit itself at the expense of its students. CUSO provided private loans for students to attend the now-defunct, predatory ITT Technical Institute (ITT Tech). With substantial assistance from CUSO, ITT Tech conducted a coordinated scheme to misdirect student borrowers towards expensive student loans that borrowers struggled to repay. The settlement will provide $168 million in relief to 22,000 borrowers - 4,000 of whom are in California. Many of these students were low-income and the targets of aggressive and misleading sales tactics by the school.

“ITT Tech, aided by CUSO, ripped off thousands of students in this illegal and coordinated scam,” said Attorney General Becerra. “In addition to grossly overcharging vulnerable students for a sham education, the companies guided students toward expensive and unwieldy loans that were nearly impossible to pay back. Students should be worrying about homework, not predators looking to exploit them for a quick buck.”

ITT Tech – one of the most expensive for-profit post-secondary institutions – received revenues from student tuition and fees. As required by federal law known as the 90/10 Rule, private for-profit schools may receive no more than 90 percent of their revenue from federal public loans, with the remainder originating from other sources. ITT Tech enlisted CUSO to provide ITT Tech students with private loans for this purpose. It then steered borrowers toward the lender. This scheme was designed for ITT Tech to enhance its financial statements, its appearance with investors, and to facilitate compliance with the 90/10 Rule.

The loan program issued $189 million in loans to ITT Tech students between 2009 and 2011. ITT Tech staff targeted students through aggressive tactics, including pulling students from class, withholding course material or transcripts, and rushing students through financial aid appointments. The company projected that more than 60 percent of students would default on the loans, which carried interest rates as high as 16.25 percent. These loans covered tuition gaps for which ITT Tech had previously offered short-term loans called “Temporary Credits.” Temporary Credits were zero-interest loans payable in nine months, but were presented to students as loans payable upon graduation. The credits had a high default rate, as students were unable to repay the full amount in such a short time. By extending loans through CUSO, ITT Tech could remove these unpaid credit balances from its financial reports.

Besides requirements that CUSO provide $168 million to student borrowers, the settlement includes restitution and borrower relief. CUSO will cease conducting business, including acquiring or issuing student loans, and cease all collection activities. CUSO will also cancel all outstanding balances of consumer loan accounts and will direct credit reporting agencies to delete these balances from consumers’ credit reports. CUSO will implement a consumer redress plan to notify consumers of the settlement.

A copy of the final judgment can be found here.

Settlement Requires Increased Consumer Assistance and Ten Years of Free Credit Monitoring

SACRAMENTO – California Attorney General Xavier Becerra today announced a nationwide settlement against Equifax resolving allegations that the credit reporting agency improperly exposed the personal information of 147 million consumers, including 15 million Californians, after a massive data breach in 2017. The breach occurred after Equifax failed to apply a critical software fix and implement security measures that would have protected and encrypted consumers’ data. Data exposed by the breach included names, Social Security numbers, birth dates, addresses, and in some instances, driver’s license numbers. Equifax did not disclose the breach, which lasted from mid-May through July 2017, until September 2017. The settlement requires Equifax to pay up to $425 million into a restitution fund for affected consumers, pay another $175 million to states in penalties, and offer additional benefits like credit monitoring and consumer assistance for eligible consumers. In addition to other robust injunctive terms, Equifax must implement and maintain critical data security enhancements.

“On top of holding Equifax accountable for one of the most devastating data breaches to face our nation, we have now recovered hundreds of millions of dollars to help our families who fell victim. Equifax, one of only three major credit reporting agencies, had a responsibility to secure and protect Americans' data. Instead, it breached public trust,” said Attorney General Becerra. “Our credit status impacts nearly every aspect of our lives – from purchasing a home or a car to finding a job. The same Americans who had to immediately protect themselves from fraudsters or identify thieves will have to be vigilant for the rest of their lives. We encourage every eligible person to apply for the relief they are entitled to as part of our settlement.”

Affected consumers may get more information about the $425 million restitution fund by going to www.equifaxbreachsettlement.com or calling the settlement administrator at 1-833-759-2982. Eligible consumers may receive cash reimbursement for time or money spent trying to avoid or recover from fraud or identity theft because of the breach, as well as limited reimbursement for payments for Equifax credit monitoring or identity theft protection subscriptions. Eligible consumers may also receive free credit monitoring services for a period of up to ten years, or, alternatively, a cash payment for buying a different credit monitoring service. 

This settlement is a result of collaborative efforts by a multistate coalition led by Attorney General Becerra. This settlement is also related to the settlements announced today by the Federal Trade Commission, the Consumer Financial Protection Bureau, and private litigants as part of a class action lawsuit. In addition to the restitution and credit monitoring provided by the settlement, Equifax will pay $175 million in penalties to the states, including more than $18.7 million to California, to support continued oversight and enforcement of consumer protection laws.

As part of the injunctive terms of the settlement, Equifax agrees to:

• Create a consumer assistance process responsive to claims of identity theft that includes affirmative assistance to consumers:
• Make reasonable efforts to reduce its use and storage of consumer Social Security numbers, including when using a Social Security number to authenticate consumers;
• Adhere to ban on profiting from data collected in connection with the breach or the remedies provided under the settlement;
• Comply with requirements related to its collection, maintenance, and safeguarding of consumer personal information;
• Implement and maintain a comprehensive and rigorous Information Security Program to protect the security of personal information; and
• Employ a Chief Information Security Officer and additional staff, who will report directly to the company's executive team, to oversee information security within each of the company's business units.

In addition to Attorney General Becerra, other Attorneys General participating in this settlement include Alabama, Alaska, Arizona, Arkansas, Colorado, Connecticut, Delaware, Florida, Georgia, Hawaii, Idaho, Illinois, Iowa, Kansas, Kentucky, Louisiana, Maine, Maryland, Michigan, Minnesota, Mississippi, Missouri, Montana, Nebraska, Nevada, New Hampshire, New Jersey, New Mexico, New York, North Carolina, North Dakota, Ohio, Oklahoma, Oregon, Pennsylvania, Rhode Island, South Carolina, South Dakota, Tennessee, Utah, Vermont, Virginia, Washington, Wisconsin, Wyoming, and the District of Columbia. Also joining are Texas, West Virginia and the Commonwealth of Puerto Rico.

A copy of the complaint can be found here. The final approved judgment can be found here.

SACRAMENTO - California Attorney General Xavier Becerra today announced the recovery of over $1 million for California as part of a multistate settlement against health insurer Premera Blue Cross (Premera). The settlement resolves allegations that the health insurer violated state and federal privacy laws arising from a 2014 data breach. The settlement was the result of a multistate investigation and includes $10 million in civil penalties, of which California will receive $1,002,814. It also includes significant injunctive terms requiring Premera to implement reasonable security to protect consumers’ personal and medical information and to maintain a compliance program.

“Consumers who entrust their health information to companies deserve security in return. Companies have a responsibility to protect consumers’ private information, especially sensitive health information,” said Attorney General Becerra. “Premera’s failure to protect the private information of millions of patients is unacceptable. This settlement should send a strong message to companies with loose data privacy practices: it doesn’t pay to cut security corners.”

The settlement stems from a data breach that was publicly announced in March 2015, where the personal information of 10.5 million consumers, including 400,000 Californians, was breached. The data included the consumers’ names, Social Security numbers, bank account information, medical information, and health claims-related data. Attackers gained access to patient data by sending fake, targeted emails to Premera employees. These emails contained malware that allowed the attackers to spend months compromising Premera’s inadequately-secured network.

The multistate investigation found that the company lacked basic data security, failed to monitor its network for malicious activity, and disregarded experts’ warnings of security flaws. In addition, it failed to limit access to sensitive information, allowing employees without business need to access the information.

The settlement resolves allegations that Premera violated each state’s consumer protection and medical information laws, as well as the federal Health Insurance Portability & Accountability Act (HIPAA), which established national standards and safeguards to protect personal health information.

A copy of the complaint can be found here and the proposed judgment can be found here.

SACRAMENTO – California Attorney General Xavier Becerra today issued a consumer alert following the Governor’s declaration of a state of emergency in Kern County due to a 6.4 magnitude earthquake on July 4, 2019, near the City of Ridgecrest, California. The proclamation declared on July 4 applies to Kern County. Attorney General Becerra reminds all Californians that price gouging during a state of emergency is illegal under Penal Code Section 396.

“Families throughout Kern County are grappling with the significant damage caused by this earthquake and ongoing aftershocks. They should not have to worry about unscrupulous businesses trying to illegally cheat them out of fair prices,” said Attorney General Becerra. “California’s price gouging law protects people impacted by an emergency from illegal price gouging on housing, gas, food, and other essential supplies. I encourage anyone who has been the victim of price gouging, or who has information regarding potential price gouging, to immediately file a complaint through my Office’s website or call (800) 952-5225, or to contact their local police department or sheriff’s office.”

California law generally prohibits charging a price that exceeds, by more than 10 percent, the price of an item before a state or local declaration of emergency. This law applies to those who sell food, emergency supplies, medical supplies, building materials, and gasoline. The law also applies to repair or reconstruction services, emergency cleanup services, transportation, freight and storage services, hotel accommodations, and rental housing. Exceptions to this prohibition exist if, for example, the price of labor, goods, or materials has increased for the business.

Violators of the price gouging statute are subject to criminal prosecution that can result in a one-year imprisonment in county jail and/or a fine of up to $10,000. Violators are also subject to civil enforcement actions including civil penalties of up to $2,500 per violation, injunctive relief, and mandatory restitution. The Attorney General and local district attorneys can enforce the statute.

SACRAMENTO – California Attorney General Xavier Becerra today announced a lawsuit against Texas-based ClubCorp Inc., owner-operator of more than 200 private golf and country clubs nationwide, for failing to repay more than $10 million owed to its more than 9,000 California members. Under the contract entered into by club members, the money, paid as deposits by members, had to be returned after 30 years. Instead, ClubCorp only returned the money if asked and otherwise continued using the money for its own purposes. Given that the club targeted members in mid-life, many of the members to whom the club owed dues are senior citizens.

“We are taking action against ClubCorp on behalf of thousands of Californians,” said Attorney General Becerra. “Instead of repaying money owed to its members, ClubCorp allegedly pocketed its members’ money unless reminded of its obligation. Through this lawsuit, we are reminding ClubCorp that it’s time for the company to return the millions it owes to Californians.” 

The complaint further alleges ClubCorp violated the California False Claims Act by filing reports with the State Controller’s Office that falsely omitted the amounts it owed to its members. If ClubCorp could not return that money to its members, it was required to provide it to the Controller to be held for the rightful owner. ClubCorp is not allowed to simply keep the money, and in doing so is alleged to have violated the law. 

A copy of the complaint can be found here.

SACRAMENTO – California Attorney General Xavier Becerra announced today judgments totaling $1,498,574 in a lawsuit against telemarketers who scammed investors. The company, Consumer Rights Legal Services (CRLS), and four individuals, including CRLS’s president and owner, James Davitt, cheated more than 150 victims by offering bogus “investment recovery services” that they claimed would recover money victims had lost from previous investments. Many of the victims were elderly and had already lost hundreds of thousands of dollars from previous schemes.

“The California Department of Justice is committed to protecting consumers from unscrupulous operators who prey on the most vulnerable,” said Attorney General Becerra. “In this case, these con artists not only targeted the elderly, they doubled down to cheat Californians who had already been the victims of financial fraud. Today’s announcement sends a strong message that California will not stand for those who choose to disregard our laws, and we stand ready to prosecute anyone who violates them.” 

The telemarketers, operating out of Long Beach, cheated victims by making a false and deceptive sales pitch that CRLS could recover their investments for an up-front fee of several thousand dollars. In truth, the company offered only false hope and recovered nothing for the victims. In some instances, victims even paid CRLS to recover fees they had paid to a prior “investment recovery” scam called Consumer Advocate Services Enterprises, where Davitt and other CRLS personnel had previously worked. In addition to judgments totaling $930,800 in penalties and $567,774 in restitution, Attorney General Becerra recovered almost $25,000 in victim restitution pursuant to a bond issued to CRLS under California’s Telephonic Sellers Law.  

Since taking office, Attorney General Becerra has made protecting consumers a top priority. Among other actions, Attorney General Becerra recovered $148.7 million for California from Wells Fargo in settlements over the bank’s systematic misconduct to exploit its own customers; recovered $102 million from BP Energy in a settlement for overcharging Californians for natural gas; and reached a settlement to provide over $51 million in debt relief for students deceived by the now-defunct for-profit Corinthian Colleges.

Consumers are encouraged to report scams to the Office’s Public Inquiry Unit by calling (800) 952-5225 or by submitting a complaint.

A copy of the judgments can be found attached to the electronic version of this press release here.