Equifax Agrees $1.38bn Data Breach Lawsuit Settlement

Equifax Agrees $1.38bn Data Breach Lawsuit Settlement
17.01.2020 05:30 am

Equifax Agrees $1.38bn Data Breach Lawsuit Settlement


A US judge has rubber-stamped a $1.38 billion settlement related to the massive 2017 data breach at Equifax - capping the amount available for cash payouts to victims.

As first reported by BankInfo Security, the federal judge has given final approval for a settlement that deals with a class action lawsuit against Equifax.

Mirroring an agreement reached between Equifax and the Federal Trade Commission last year, the settlement sees the tens of millions of Americans affected by the breach given the choice between free credit monitoring or a cash payment.

While the cash payment is nominally worth up to $125 per victim, in reality it is likely to be significantly less because of a £31 million disbursement cap on the total pool available.

With so many opting for the cash payment option, the FTC has urged people to instead take the free credit monitoring. Anyone wishing to take the cash has until 22 January to make a claim.

A far larger slice of the settlement - around $1 billion - is dedicated to making security upgrades in the wake of the breach, which compromised the personal information of around 145 million Americans.

A senate investigation found numerous failings by the credit rating agency both before and after the breach. The investigation found problems with Equifax's cyber-approach going back way before the breach. The firm had no standalone written corporate policy governing the patching of known cyber vulnerabilities until 2015.

Even when this was remedied and an audit found thousands of vulnerabilities, several issues were not actually addressed before the 2017 attack.

And once the hackers were inside Equifax's systems, the damage could have been minimised but usernames and passwords were saved on a file share by employees - a move designed to make business more efficient. In addition, Equifax did not have basic tools in place to detect and identify changes to files.

Related News

GFT adds Security and Application Development specializations to Google Cloud technology accreditation

GFT, a global IT engineering and technology firm with a strong track-record in the financial services industry, continues to boost its cloud competences: The firm now retains... Read more »

IDEX Biometrics set to drive down cost of biometric smartcards with new TrustedBio™ family of products and solutions

IDEX Biometrics ASA, a leading provider of advanced fingerprint identification and authentication solutions, today announced the launch of TrustedBio™ — a new... Read more »

DLT Implementations Require Refreshed Approach to Security, According to New DTCC Paper

With the adoption of distributed ledger technology (DLT) expected to grow in financial services, The Depository Trust & Clearing Corporation (DTCC), the premier market... Read more »

Fraud Attempts and Threat Levels are Rising, Bottomline Survey Finds

Bottomline Technologies (NASDAQ:EPAY), a leading provider of financial technology that helps make business payments simple, smart and secure, today announced the release of the... Read more »

HTB Chooses Ping Identity for Multi-factor Authentication

Hampshire Trust Bank (HTB) today announces that it has partnered with Ping Identity to provide intelligent access for customers and brokers.

This forms part of HTB’s... Read more »

Free Newsletter Sign-up
+44 (0) 208 819 32 53 +44 (0) 173 261 71 47
Download Our Mobile App
Financial It Youtube channel