Equifax to pay $671M to settle massive 2017 data breach mess

Equifax has officially reached a settlement for its well-publicized 2017 data breach. The breach allowed hackers to access 145.5 million U.S. Equifax customers’ personal data, data that included their full names, Social Security numbers, birth dates, addresses, and driver license numbers.

According to an Equifax news release, the company agreed to the following terms in the settlement:

The $671 million resolution includes settlement agreements that would resolve the multi-district consumer class action litigation, as well as investigations by the Federal Trade Commission (FTC), the Consumer Financial Protection Bureau (CFPB), the Attorneys General of 48 states, Puerto Rico and the District of Columbia, and the New York Department of Financial Services (NYDFS).

If approved by the Court, a consumer restitution fund of up to $425 million will be available to pay for three-bureau credit monitoring for consumers whose information was impacted in the 2017 breach, actual out-of-pocket losses related to the breach, and other consumer benefits such as identity restoration services.

In the news release, Equifax was adamant about its commitment to protecting its customers from further attacks. Whether this proves to be a true statement or not remains to be seen, but the hefty payout is likely all the incentive they need to practice better cybersecurity methods. There are countless other targets of cybercriminals in the financial sector, and it would be wise for other companies to take note of Equifax’s mistakes.

A statement from Kathleen L. Kraninger, director of the U.S. Consumer Financial Protection Bureau, about this settlement underscored this very point. In the announcement on the Federal Trade Commission’s official website, Kraninger chastised Equifax for its negligence and also warned other companies in this quoted excerpt:

The incident at Equifax underscores the evolving cyber security threats confronting both private and government computer systems and actions they must take to shield the personal information of consumers. Too much is at stake for the financial security of the American people to make these protections anything less than a top priority.

The reality of this situation is that based on past history of corporate cybersecurity incidents, another Equifax-level breach will happen again someday. Consumers must be proactive in always being aware of what entities possess their data, and more importantly, never trust that a company can truly protect them from hackers looking for private data.

Featured image: Shutterstock

Derek Kortepeter

Derek Kortepeter is a graduate of UCLA and tech journalist that is committed to creating an informed society with regards to Information Security. Kortepeter specializes in areas such as penetration testing, cryptography, cyber warfare, and governmental InfoSec policy.

Published by
Derek Kortepeter

Recent Posts

Hold the phone! Voice communication is becoming cool again

Business telephone conversations have largely been supplanted by email. But voice communication is far from dead — and it may…

49 mins ago

What are the potential disadvantages of SSL/TLS?

There’s wide consensus on the benefits of SSL/TLS. However, not as much attention has been given to SSL/TLS disadvantages.

3 days ago

Exploring native software inventory logging in Windows Server

Windows Server has built-software inventory logging that can be very useful. Here’s how to use this little-known feature.

3 days ago

Passwordless authentication: Safer, better, and about time

Passwordless authentication has quickly become one of the primary means by which users access their laptops, phones, and tablets because…

3 days ago

Automated Incident Response in Office 365 ATP simplifies cybersecurity

Microsoft has pumped up Office 365 Advanced Threat Protection with a new feature, Automated Incident Response. Here’s what you need…

4 days ago

IFA 2019: Smart TVs and even smarter wearables unveiled

What will be in your living room or on your wrist this year? It may very likely be one of…

4 days ago