Equifax has agreed to pay $700 million, and potentially more, to settle with the federal authorities and states over its 2017 data breach that exposed the Social Security numbers and other private information of almost 150 million people, roughly half of the USA population.
The breach affected a whopping 147 million customers globally, including 15 million Brits, saw hackers make off with details including social security numbers, names, dates of birth, addresses, credit card numbers and driver's licence numbers after exploiting an "entirely preventable" flaw in Equifax's systems.
Under an agreement with the attorneys general from 48 states as well as the District of Columbia and Puerto Rico, Equifax will set aside up to $425 million to reimburse victims of the breach, including those who experienced identity theft. "This is a good settlement for Vermonters".
Equifax is paying up to $425 million to help cover the costs incurred by almost 147 million consumers as a result of the 2017 data breach.
The settlement requires court approval.
Equifax, a major United States consumer credit rating firm, disclosed the breach in September 2017 which happened after it failed to patch a known security flaw in one of its websites that used Apache Struts, a tool for building Java web apps. Because it did not, one in every two Americans' personal information was exposed to hacking.
Nadler: Mueller Doesn't Need to Comply With That DOJ Letter
Mueller probably doesn't want to extend a public war of words with Barr, a longtime friend and his former boss. Republicans want Robert Mueller to concede it was all a waste of time and money, if not an outright hoax.
"If you're going to be obtaining personal information from people, it's important that you invest that money to protect their information, or you could be facing something similar to what Equifax had to deal with", she said. The company will also be required to offer affected consumers extended credit-monitoring services for a total of 10 years.
The data breach prompted the resignation of CEO Richard Smith and investigations by federal regulators, multiple states attorneys general and the company faces a number of civil lawsuits.
The FTC is expected to announce a $5bn settlement with Facebook as early as this week over its handling of user data that led to political consultancy Cambridge Analytica acquiring data on 87 million Facebook users. After that, Equifax will provide another six years of credit monitoring.
"Companies that profit from personal information have an extra responsibility to protect and secure that data", FTC chairman Joe Simons said in a statement announcing the settlement. The first four years will include reports from the top three bureaus - Equifax, Experian and TransUnion - and $1 million in identity theft insurance. Neither the company nor government agencies have disclosed who was behind the data breach.
An investigation showed Equifax failed to maintain reasonable security measures despite knowing about certain vulnerabilities.