Washington State

Office of the Attorney General

Attorney General

Bob Ferguson

Sep 13 2019

Ferguson File Header

Dear Friends,

Even with the beautiful summer weather this July and August — my office has been busy protecting the people and environment of Washington state.

We held two major companies accountable for data breaches, one the largest insurance company in the Pacific Northwest and the other as part of the largest data breach enforcement action in U.S. history.

We filed a lawsuit against the U.S. Navy in efforts to protect the vulnerable wildlife and communities on Whidbey Island.

We challenged the Trump Administration’s abhorrent treatment of immigrant children and their unlawful expansion of the “public charge” rule. We also eliminated another corporate chain’s “no-poach” rule.

I remain tremendously grateful for the hard work of all the attorneys and professional staff in the Office of the Attorney General.

As we continue to defend affordable health care, Washingtonians’ privacy and workers’ rights, you can read about it here with summaries containing links to news releases, claim forms and an inaugural Labor Day report.

In this issue:

Thank you for following the work of the Attorney General’s Office.



Bob Ferguson
Washington State Attorney General

Keeping personal data safe

Keeping Washingtonians’ personal data safe

This July my office held two companies accountable for failing to reasonably secure Washingtonians’ personal data — Equifax, a major credit-reporting agency, and Premera Blue Cross, the largest health insurance company in the Pacific Northwest.

Equifax will pay more than half a billion dollars because of a 2017 data breach affecting nearly 150 million individuals nationwide. Up to $425 million of that will go directly to consumers who were harmed. This is the largest data breach enforcement action in U.S. history.

To check if you were impacted and for information on filing a claim, visit www.equifaxsettlementbreach.com.

The resolution with my office, 49 other attorneys general and the federal agencies involved,  asserts that Equifax failed to put procedures in place to fix security issues — despite being alerted to the vulnerability in its network — leading to the breach.

From May 2017 through July 2017, hackers had access to Equifax’s network, affecting approximately 148 million consumers across the United States. More than 3 million Washingtonians’ personal information was compromised.

Similarly, Premera will pay $10 million over its 2014 data breach that affected the private health care information of over 10.4 million individuals.

Premera had an obligation to safeguard the privacy of millions of Washingtonians — and failed. As a result, millions had their sensitive information exposed. Hackers had access to sensitive personal information, including private health information, social security numbers, bank account information, names, addresses, phone numbers, member identification numbers and email addresses.

More information about the class action is available here.

When companies handle Washingtonians’ personal data, we expect them to keep that information safe. Premera misled Washingtonians and other consumers nationwide about its privacy practices before and after the data breach. Equifax also fell short in its obligations. These resolutions hold Equifax and Premera accountable to the millions of individuals who had their information stolen.

KING-5 News
Washington State Attorney General Bob Ferguson breaks down the latest with the Equifax data breach – New Day Northwest  

Premera Blue Cross pays states $10 million over data breach

The Seattle Times
Premera Blue Cross pays states $10 million over data breach