Equifax and CAA Identity Protection

RE: Equifax Data Breach
Skip to Question & Answer >>

 

CAA entered into a contract with Equifax Canada that began in March 2015 and ended June 30, 2017, under which Equifax agreed to provide consumer credit and identity theft protection services to CAA members who enrolled for those services.

We did so with the intent of providing a means for members to have confidence that their personal information could be protected from those who seek to use it for disreputable purposes. We chose Equifax as a partner because they were one of the most long-established brands in this category, and we wanted to give members the most assurance we could about this new member benefit.

The contract required Equifax to treat as confidential and to safeguard all personal information provided to Equifax by CAA members in accordance with all applicable laws, including Canada’s privacy laws (PIPEDA).

Since the data breach in the U.S. came to light late last week, we have been seeking answers from Equifax about whether CAA member data and other Canadian data were compromised. As of now, we have received no clear information from Equifax about the status of our members’ information and whether or not it was breached. Equifax has publicly stated that Canadian information was likely not compromised unless a Canadian might have applied for credit in the United States, but that is as much as we have been provided.

We are hopeful that this is accurate.

Equifax has made public a website for Canadians about the situation: http://www.consumer.equifax.ca/home/en_ca

We had hoped that Equifax would be more forthcoming about the breach beyond what has been available in the public domain, in order to be able to assist CAA members that subscribed to this program. Our requests to them since September 7 (the date when this breach became public information) have not yielded anything beyond what is available publicly.

We will continue to press Equifax for information about the breach and the potential implications for those CAA members that signed up. We hope to provide more information if it becomes available by this website.

If you require further information from CAA Niagara, please contact Member Services at 1-800-263-7272.

UPDATE: Equifax Canada announced on September 19, 2017 that they will provide Canadians with additional clarity on data breach

The Office of the Privacy Commissioner said they have a commitment from Equifax to inform all affected Canadians. We continue to press both the Office of the Privacy Commissioner and Equifax to let us know which of our members are affected.

In the meantime, if you signed up for the CAA-Equifax service, CAA encourages you to visit the RCMP’s website: http://www.rcmp-grc.gc.ca/scams-fraudes/id-theft-vol-eng.htm. It offers advice on what to look out for if you think someone is using your personal information, such as unusual activity on your credit card or bank accounts, as well as steps to take if you suspect someone is using your personal information.

 

Question & Answer

Are all CAA members enrolled in the Equifax ID protection program?
CAA Plus and Premier Members were eligible to enroll in ID Protect from March 2015 through June 2017, when CAA ended the program with Equifax due to low enrollment. CAA Niagara had less than 2,200 members enrolled. Members who chose to enroll would have done so directly with Equifax.

I enrolled in the program, should I be concerned?
Since the first reports of the Equifax breach surfaced, CAA has been trying to determine if any of the approximately 10,000 CAA Members nationwide who enrolled in the program were affected. As of now, we have received no clear information from Equifax about the status of our members’ information. Equifax has publicly stated that Canadian information was likely not compromised unless a Canadian might have applied for credit in the United States.

When did CAA find out about the Equifax breach?
CAA became aware at the same time as the public on September 7th, 2017.

What assurances did CAA have with regard to protecting personal data?
We value our members’ privacy. Our contract explicitly stated data provided to Equifax by CAA Members would be governed by Canada’s privacy law, PIPEDA. CAA chose Equifax as a partner because of their then highly regarded reputation.

When and why did the CAA/Equifax partnership end?
CAA was in a partnership with Equifax that was terminated on July 1, 2017 due to low enrollment in the program. This decision to end the partnership was made in advance of any knowledge of the breech. As part of the termination, Equifax was required to purge all data it had collected from CAA members.

How can I get updates about the Equifax breach?
CAA Niagara will continue to update this website, caaniagara.ca/equifax, as more information becomes available.

 

Last updated September 19, 2017 at 1:44 pm