The massive data breach at Equifax — one of the largest credit reporting agencies in the United States — underscores an urgent need to tighten everyday cyber-security measures and hold companies accountable when consumers are wronged.

In this latest hacking case, thieves may have lifted extensive identity information — Social Security numbers, birth dates, addresses and even driver’s license numbers — for roughly 44 percent of the U.S. population. In response, members of Congress are rightly sounding alarms, with Hawaii’s two senators pushing hard for Equifax to step up consumer protections.

U.S. Sen. Brian Schatz has reintroduced the Stop Errors in Credit Use and Reporting (SECURE) Act, legislation that would make it easier for consumers to spot and resolve identity theft, fraud and errors in credit reports. And U.S. Sen. Mazie Hirono is among 20 Senate Democrats who on Monday called for Equifax to completely end its use of forced arbitration agreements, which limit the ability of consumers to pursue courtroom recourse in the wake of corporate wrongdoing.

The incident also serves as a wake-up call for consumers: As technology evolves, we must do more to lock down our own digital lives. Lax personal security clearly increases risk of exposure to ID theft and damaging fraudster debt accrued in our names. After all, even in cases in which cyber-security is top priority, the risk to the proverbial firewall around a network of sensitive information is never zero.

Amid public pressure, Equifax is now taking a few steps to better protect consumers. Its initial paltry response to last week’s headlines about the hacking was to offer consumers a one-year complimentary subscription to credit monitoring, which detects ID theft and fraud after it occurs. On Monday, the company said it would also waive all fees for people who want to freeze their Equifax credit files. That’s a more proactive step.

A security freeze means that your credit file cannot be shared with potential creditors. It can help prevent ID theft because most businesses will not open credit accounts without first checking credit history. And if your files are frozen, even if a fraudster has your name and Social Security number, it’s unlikely that credit will be obtained in your name.

Also, the company has scrapped its initial effort to restrict consumer recourse in this case to private arbitration. A letter signed by Hirono and the other senators applauded that move but rightly expressed dismay that the company’s overarching terms of service still opts for arbitration, which hinders the option of class-action lawsuits.

The letter correctly asserted that: “Forced arbitration provisions in consumer contracts erode Americans’ ability to seek justice in the courts by forcing them into a privatized system that is inherently rigged against consumers and which offers virtually no way to challenge a biased outcome.”

While Atlanta-based Equifax scrambles to untangle problems with its financial records caused by the breach, the proposed SECURE Act should be supported as a means to set the stage for safer access to more accurate credit reports. Schatz said: “Because these credit agencies operate in the dark, they are allowed to be terribly unfair and unaccountable. Millions of Americans have bad credit because of mistakes from credit agencies.”

Currently, there are no minimum standards for credit reporting agencies (CRAs) and data providers to accurately match consumer names, addresses and other personal information, which contributes to credit report errors. The SECURE Act would establish procedures that CRAs must follow to ensure maximum possible accuracy. It would also require CRAs to pass along documentation sent by consumers to data providers, making it easier for a consumer to correct a credit report.

Among other things, the bill would also: protect children from ID theft by enabling parents to impose a security freeze on their child’s credit report; and improve regulation enforcement by creating a national registry of CRAs, through which consumers could track which companies are collecting and disseminating information about them.

In the aftermath of the Equifax breach — and in anticipation of inevitable future hacking incidents — members of Congress and others must remain tenacious in efforts to root out cyber-security weaknesses and build consumer confidence.