Equifax Will Pay Up to $700 Million in Largest Data-Breach Settlement Ever
Monday, 22 July 2019 Equifax on Monday has agreed to pay up to $700 million to settle federal and state investigations into its massive 2017 data breach, which exposed about 45% of the U.S. population to fraud.
As part of its deal with the Federal Trade Commission, Equifax will pay at least $300 million — and up to $425 million — to reimburse people that paid for credit and identity-monitoring services due to its data breach. Another $175 million will be paid to all 50 states, as well as the District of Columbia and Puerto Rico, along with $100 million in penalties that will be paid to the Consumer Financial Protection Bureau.
The hack, which first came to light in September 2017, compromised the social security numbers, addresses, drivers license numbers and birth dates of 145 million Americans. Altogether, the credit services company is paying less than $5 per person affected by its data leak.
Full details of the settlement can be found at equifaxbreachsettlement.com, a website set up by the group that will handle claims.
*Also Read:* Former Equifax CEO Grilled by Congress: 'Like the Guards at Fort Knox Forgot to Lock the Doors' (Video)
Former Equifax CEO Richard F. Smith, during a trip to Congress that same year, blamed the data breach on “human error,” where an unnamed employee failed to patch its security system, despite the fix being available for months before the hack.
Equifax’s deal with the FTC also requires it to make a number of changes to its security protocols.
“This settlement requires that the company take steps to improve its data security going forward, and will ensure that consumers harmed by this breach can receive help protecting themselves from identity theft and fraud,” FTC Chairman Joe Simons said in a statement on Monday.
*Also Read:* Step Aside, Equifax: Yahoo Now Says 3 Billion Accounts Were Hacked in 2013
Equifax’s stock climbed about 1% in early trading to $138.45 per share.
*Related stories from TheWrap:*
Equifax CEO Richard Smith Announces 'Retirement' Following Data Breach
Two Equifax Execs Announce Retirement Just 8 Days After Massive Hack
Equifax Failed to Apply Security Patch Available for Months, Leading to Hack
Credit reporting agency Equifax has reached a deal to pay up to $700 million to state and federal regulators to settle probes stemming from a data breach that exposed the personal information of nearly 150 million people.