Equifax will pay at least $575 million in a settlement for a mammoth 2017 data breach that impacted more than 140 million people. According to an announcement by the Federal Trade Commission (FTC), this penalty could rise to as much as $700 million.
The Atlanta-headquartered consumer credit reporting company hit the spotlight back in September 2017, when it announced that personal details — such as the names, dates of birth, Social Security numbers, addresses, and more — of up to 147 million U.S. consumers were exposed to hackers between May and July of that year. According to the FTC, Equifax stored much of its customers’ confidential data — including social security numbers, network credentials, and passwords — in plain text.
It later emerged that Equifax was made aware of the security vulnerability relating to its one of its customer databases as early as March of that year but failed to patch it.
The FTC said in its report:
The FTC alleges that Equifax failed to patch its network after being alerted in March 2017 to a critical security vulnerability affecting its ACIS database, which handles inquiries from consumers about their personal credit data. Even though Equifax’s security team ordered that each of the company’s vulnerable systems be patched within 48 hours after receiving the alert, Equifax did not follow up to ensure the order was carried out by the responsible employees.
The settlement comes hot on the heels of a number of other high-profile data breach levies. Earlier this month, British Airways was slapped with a $230 million fine — a record under Europe’s GDPR laws — over a 2018 security breach that compromised the personal data of 500,000 customers. A day later, hotel giant Marriott was hit with a $123 million fine for similar breaches under GDPR regulations.
The Equifax settlement, which is with the FTC, Consumer Financial Protection Bureau (CFPB), and 50 U.S. states and territories, will constitute $300 million to be used to fund credit monitoring services for affected consumers, as well as compensate those who bought credit or identity monitoring services as a result of the breach. A further $125 million has been put aside should the initial tranche not be enough. Equifax will also give all U.S. customers six free credit reports annually for seven years.
Moreover, Equifax will pay civil penalties of $175 million to 48 states, plus Washington, D.C. and Puerto Rico, and a further $100 million to the CFPB.
“Companies that profit from personal information have an extra responsibility to protect and secure that data,” said FTC chair Joe Simons. “Equifax failed to take basic steps that may have prevented the breach that affected approximately 147 million consumers. This settlement requires that the company take steps to improve its data security going forward and will ensure that consumers harmed by this breach can receive help protecting themselves from identity theft and fraud.”
The FTC has also ordered Equifax to implement a “comprehensive information security program,” including carrying out annual assessments of security risks, in addition to other measures, such as obtaining certifications each year to verify that the company is complying with the order.
Content sourced fromTNW
*This section only applies to third party rss feed users*
— Kashmir Broadcasting Corporation allows the use of RSS Feeds, but with our content usage we expect that credit is given, but in the event that it is not. This content policy annotation will act as a credit towards KBC (Kashmir Broadcasting Corporation) Please visit kbcchannel.tv for more news and articles — we can not justify what is written on a third party site, as the content can be altered to their specification, if something is not authentic as it should be please visit kbcchannel.tv and look for the original content. if it is no longer there then it can no longer be associated with Kashmir Broadcasting Corporation and if the content on a third party site has been altered to the point of offence or deemed inappropriate please report it to KBC via email: firstname.lastname@example.org or fill the submission form on kbc’s website: https://www.kbcchannel.tv/report-form/ with the details of the site and article heading — Thank You
Website — https://www.kbcchannel.tv/
FaceBook — https://www.facebook.com/kbcchanneltv
Twitter — https://twitter.com/kbcchanneltv
YouTube — https://www.youtube.com/channel/UCV6TFLe3dGbavSYilnC2paQ
Instagram — https://www.instagram.com/kbcchanneltv/