Equifax Agrees to $700 Million Settlement After Huge Hacking Incident Hit Consumers
WASHINGTON – Credit reporting giant Equifax Inc. signed a settlement Monday in which it agreed to pay as much as $700 million to resolve government and consumer complaints resulting from a data breach that exposed the personal financial information of most of the U.S. adult population.
The settlement follows investigations by the Federal Trade Commission, Consumer Financial Protection Bureau and all 50 state attorneys general. Consumers filed thousands of private lawsuits that were consolidated into a class action.
The agreement with the Federal Trade Commission awaits approval by a judge in the U.S. District Court for the Northern District of Georgia, where the case is pending.
“This settlement requires that the company take steps to improve its data security going forward and will ensure that consumers harmed by this breach can receive help protecting themselves from identity theft and fraud,” Federal Trade Commission Chairman Joe Simons said in a statement.
The Federal Trade Commission blamed much of the heavy penalty on Equifax’s negligence in failing to fix a known security hazard.
A security flaw in the company’s Apache Struts program was detected by engineers but continued for two months before the 2017 data breach, despite the availability of a software patch, the Federal Trade Commission reported.
A hacker who exploited the flaw then was able to steal records of more than 146 million users by gaining access to the Equifax system.
The breached information included Social Security numbers, names, birth dates, phone numbers, email addresses and drivers license records. The hackers also accessed 209,000 payment card numbers and expiration dates.
The Federal Trade Commission reported that Equifax stored many network credentials, passwords and Social Security numbers in plain text files where they were easily susceptible to cybercrime.
The agreement would allocate about $300 million for consumers affected by the data breach. Another $100 million would be paid to the Consumer Financial Protection Bureau for civil penalties. All 50 states, the District of Columbia and Puerto Rico would share $175 million of the compensation, Equifax said in a press release.
The company agreed to an additional $125 million payment if more than seven million
consumers file claims showing the original amount of compensation was inadequate.
Other parts of the agreement would give all U.S. consumers six free credit reports per year for seven years. Equifax also agreed to annual tests of its cybersecurity, to add more safeguards to its computers and to certify its compliance annually with the consent agreement.
The damage to the company goes far beyond the enormous penalties in the settlement agreement.
Equifax’s chief executive was forced into resignation, two of its top executives received prison sentences for insider trading, its credit rating suffered and legal fees reached into millions of dollars. The company spent millions more trying to strengthen its cybersecurity.
“This comprehensive settlement is a positive step for U.S. consumers and Equifax as we move forward from the 2017 cybersecurity incident and focus on our transformation investments in technology and security as a leading data, analytics and technology company,” Equifax Chief Executive Officer Mark W. Begor said in a statement.
Consumers who can prove they spent time trying to correct problems created by the data
breach can receive compensation as high as $20,000 per person. The compensation would be calculated at $25 per hour up to 20 hours.
The claims process is scheduled to open after court approval of the settlement. More information can be found on the Federal Trade Commission website at https://www.ftc.gov/enforcement/cases-proceedings/refunds/equifax-data-breach-settlement
In The News
In The News
IOWA CITY, Iowa (AP) — A Republican candidate saw her vote lead dwindle to single digits Wednesday in Iowa’s 2nd Congressional District as a dramatic recount moved toward a conclusion in a race that will help determine the size of Democrats’ majority in the House of... Read More
WASHINGTON (AP) — Monday seemed like the end of President Donald Trump's relentless challenges to the election, after the federal government acknowledged President-elect Joe Biden was the “apparent winner” and Trump cleared the way for cooperation on a transition of power. But his baseless claims have... Read More
WASHINGTON (AP) — Children of the world can rest easy. The global pandemic won't stop them from tracking Santa Claus' progress as he delivers gifts around the globe on Christmas Eve. The North American Aerospace Defense Command has announced that NORAD will track Santa on Dec.... Read More
WASHINGTON (AP) — As coronavirus cases surge again nationwide the Supreme Court late Wednesday barred New York from enforcing certain limits on attendance at churches and synagogues in areas designated as hard hit by the virus. The justices split 5-4 with new Justice Amy Coney Barrett in the... Read More
WILMINGTON, Del. (AP) — On a day of grace and grievance, President-elect Joe Biden summoned Americans to join in common purpose against the coronavirus pandemic and their political divisions while the man he will replace stoked the fading embers of his campaign to “turn the election... Read More
NEW YORK (AP) — After months of slumping sales and businesses toppling into bankruptcy, Black Friday is offering a small beacon of hope. In normal times, Black Friday is the busiest shopping day of the year, drawing millions of shoppers eager to get started on their... Read More