Equifax To Pay $700m For Data Breach Settlement

Credit checking specialist Equifax US Information Solutions is to pay an eye watering data breach settlement of around $700m to US regulators and US states.

The settlement figure will reportedly be paid to settle with the Federal Trade Commission, the Consumer Financial Protection Bureau and most state attorneys general, the Wall Street Journal (WSJ) reported.

Earlier this month Jun Ying, the former Chief Information Officer CIO of Equifax was sentenced to four months in a federal prison for insider trading. He sold off his stock options before the 2017 data breach became public knowledge.

Equifax data breach

The highly damaging breach at Equifax first came to light back in September 2017. That breach resulted in the theft of the data belonging to 143 million US consumers (and 15.2 million British citizens).

Data stolen included names, addresses, social security numbers, and dates of birth.

What made the Equifax breach so damaging, was that the firm had discovered the breach back in July 2017 but waited 40 days before telling the world.

Even worse, Equifax’s IT team had known about the about the vulnerability exploited by the hackers as far back as March 2017, after a security researcher had warned the firm about its vulnerability to a cyberattack months before it actually suffered the breach.

This meant that there were personnel within Equifax’s senior management that knew of the breach long before the firm publicly declared the security incident.

Settlement deal

And now according to the WSJ, Equifax is nearing a deal to settle multiple state and federal investigations that resulted from the breach.

According to people familiar with the matter, the settlement deal with regulators and US states, would also resolve a nationwide consumer class-action lawsuit.

The amount to be paid by Equifax could change depending on the number of claims eventually filed by consumers, and the WSJ added that the settlement could be announced as soon as Monday.

The fallout from the 2017 Equifax breach triggered multiple investigations across the world, and the credit monitoring firm was hauled up before the US Congress.

Former CEO Richard Smith faced a serious grilling from US Senators. This was after he had already retired from the firm after the breach became public.

Do you know all about security? Try our quiz!

Tom Jowitt

Tom Jowitt is a leading British tech freelancer and long standing contributor to Silicon UK. He is also a bit of a Lord of the Rings nut...

Recent Posts

Craig Wright Sentenced For Contempt Of Court

Suspended prison sentence for Craig Wright for “flagrant breach” of court order, after his false…

2 days ago

El Salvador To Sell Or Discontinue Bitcoin Wallet, After IMF Deal

Cash-strapped south American country agrees to sell or discontinue its national Bitcoin wallet after signing…

2 days ago

UK’s ICO Labels Google ‘Irresponsible’ For Tracking Change

Google's change will allow advertisers to track customers' digital “fingerprints”, but UK data protection watchdog…

2 days ago

EU Publishes iOS Interoperability Plans

European Commission publishes preliminary instructions to Apple on how to open up iOS to rivals,…

3 days ago

Momeni Convicted In Bob Lee Murder

San Francisco jury finds Nima Momeni guilty of second-degree murder of Cash App founder Bob…

3 days ago