![equifax breach equifax breach](https://blogdotcybersafeworkforcedotcom.files.wordpress.com/2019/09/equifax-data-breach.jpg)
Major data breaches have become an almost routine occurrence. “The underlying law itself here does not provide as much protection as I think most Americans deserve and want.” “My perspective is that this is a win for the various consumer protection agencies that are involved, but that over the long term, it creates only a relatively mild incentive for the big credit reporting agencies to strengthen their data security,” Mr. Settling the case quickly is probably a better outcome for consumers than years of legal battling, he added. “The Equifax fine is grievously low, particularly given the scope of the identity problems they created,” said Pam Dixon, the executive director of the World Privacy Forum.īut the sum “is not insignificant,” said Christopher Peterson, a law professor at the University of Utah and a former enforcement lawyer at the Consumer Financial Protection Bureau. Some consumer advocates wish the punishment had been more harsh. The company waited more than a month to disclose the breach. According to a government report, the attackers siphoned off information for about 76 days until Equifax discovered the intrusion in late July 2017. Although the thieves did not steal Equifax’s crown jewels, its credit files, they used a flaw that was left unfixed to gain access to dozens of databases. Law enforcement officials have never publicly identified who was behind the hack. Consumers can exercise some control over how their files are used - for example, by freezing them to prevent new credit lines from being opened - but they cannot choose to have the bureaus stop collecting their information. Equifax makes money by selling its vast trove of information to auto loan, mortgage and credit card issuers. The breach not only exposed private information but also put a spotlight on the loosely regulated role credit bureaus play in the day-to-day lives of Americans. Those who already signed up for identity theft protection will be eligible for reimbursement. Keller, one of the lead lawyers representing consumers in the settlement. The site will begin accepting claims as soon as Tuesday, according to Amy E.
![equifax breach equifax breach](http://www.ckccpas.com/wp-content/uploads/2017/11/equifax.jpg)
Information for consumers will be posted at, a website set up by the group that will handle claims.
![equifax breach equifax breach](https://blogs.vmware.com/vmwaresecurity/files/2019/03/Equifax-dispute-portal-servers.png)
If all 147 million victims of the breach were to take part, the monitoring services would cost Equifax more than $2 billion. Every additional million consumers who opt in would cost Equifax more than $16 million, according to the settlement documents. That means the ultimate size of the settlement could change. Equifax is paying one of its competitors, Experian, to provide that service for the first four years, but the settlement assumes only about seven million people will sign up.
#Equifax breach plus#
The company also agreed to pay $275 million in fines to end investigations by the Consumer Financial Protection Bureau, the Federal Trade Commission and 48 states, plus the District of Columbia and Puerto Rico.Įquifax agreed to provide up to 10 years of free credit monitoring services to all victims of the breach in the United States, an offer that could prove costly. It does not just compensate victims who lost money: People who suffered through the hassles of bank phone trees and credit-card customer service lines can bill Equifax $25 an hour for their time.Ī federal judge gave the agreement preliminary approval on Monday, and once finalized, it will be the largest settlement of a data breach case in terms of dollar amount and number of victims, surpassing the $115 million the health care company Anthem paid to settle claims from 79 million people who had their personal information stolen in 2015.Īlmost half the settlement - $300 million - will go toward American consumers who were harmed by the breach, according to settlement documents filed in federal court in Atlanta. The settlement is vast in its scope, resolving investigations by two federal agencies and 48 state attorneys general and covering every American consumer whose data was stolen - or just under half the population of the United States. The credit bureau Equifax will pay about $650 million - and perhaps much more - to resolve most claims stemming from a 2017 data breach that exposed sensitive information on more than 147 million consumers and demonstrated how little control Americans have over their personal data.