Equifax Agrees $1.38bn Data Breach Lawsuit Settlement

Equifax Agrees $1.38bn Data Breach Lawsuit Settlement
17.01.2020 05:30 am

Equifax Agrees $1.38bn Data Breach Lawsuit Settlement


A US judge has rubber-stamped a $1.38 billion settlement related to the massive 2017 data breach at Equifax - capping the amount available for cash payouts to victims.

As first reported by BankInfo Security, the federal judge has given final approval for a settlement that deals with a class action lawsuit against Equifax.

Mirroring an agreement reached between Equifax and the Federal Trade Commission last year, the settlement sees the tens of millions of Americans affected by the breach given the choice between free credit monitoring or a cash payment.

While the cash payment is nominally worth up to $125 per victim, in reality it is likely to be significantly less because of a £31 million disbursement cap on the total pool available.

With so many opting for the cash payment option, the FTC has urged people to instead take the free credit monitoring. Anyone wishing to take the cash has until 22 January to make a claim.

A far larger slice of the settlement - around $1 billion - is dedicated to making security upgrades in the wake of the breach, which compromised the personal information of around 145 million Americans.

A senate investigation found numerous failings by the credit rating agency both before and after the breach. The investigation found problems with Equifax's cyber-approach going back way before the breach. The firm had no standalone written corporate policy governing the patching of known cyber vulnerabilities until 2015.

Even when this was remedied and an audit found thousands of vulnerabilities, several issues were not actually addressed before the 2017 attack.

And once the hackers were inside Equifax's systems, the damage could have been minimised but usernames and passwords were saved on a file share by employees - a move designed to make business more efficient. In addition, Equifax did not have basic tools in place to detect and identify changes to files.

Related News

Experian Unveils Breakthrough Solution in the Fight Against Synthetic Identity Fraud

To combat a growing threat that’s expected to drive $48 billion in annual online payment fraud losses by 2023,1 Experian® today announced the launch of Sure Profile™. Experian... Read more »

Kompli-Global and Yoti team up to tackle fraudsters and money launderers with verified identities

Kompli-Global, the leading RegTech AML specialist, has formed a strategic partnership... Read more »

Koine signs international Joint Venture to deliver post-trade solutions to traditional exchanges and digital securities trading venues

Koine, the provider of segregated, institutional custody and settlement services for digital assets, has announced a joint... Read more »

Arcserve and Sophos Deepen Alliance to Unveil Fully Integrated Cyber and Data Protection for On-Premises, Cloud, and SaaS Workloads

Arcserve, LLC, the world’s most experienced data and ransomware protection provider, today... Read more »

Chargebacks911 launches Digital Chargeback University Educational Series

Chargebacks911, a dispute management specialist, announced dates for the first set of... Read more »

Paymentology introduces new card scoring model

Cloud based payment processor Paymentology has launched its new Instream Fraud Scoring model which aims to improve the identification and blocking of... Read more »

Free Newsletter Sign-up
+44 (0) 208 819 32 53 +44 (0) 173 261 71 47
Download Our Mobile App
Financial It Youtube channel