This is one of the largest ever settlement for a data breach. Affected consumers should get in touch with the company.
On Monday Equifax Inc, a credit-reporting company, stated it will pay up to $700 million to settle U.S. federal and state probes into a massive 2017 data breach of personal information.
In what is the largest-ever settlement for a data breach draws to a close multiple probes into Equifax by the Federal Trade Commission, the Consumer Financial Protection Bureau and nearly all state attorneys general.
The development also sees Equifax resolving pending class-action lawsuits.
“This company’s ineptitude, negligence, and lax security standards endangered the identities of half the U.S. population,” said Letitia James, New York’s Attorney General in a statement.
In 2017, Equifax, was one of the three major credit-reporting companies which disclosed that a data breach had compromised the personal information, including Social Security numbers, of 143 million Americans.
The cyberattack resulted in Equifax’s chief executive exit the company following increased scrutiny over its security practices and the tardy pace of disclosing the breach. It also resulted in policymakers questioning how private companies could amass such as humongous amount of personal data and set off efforts to bolster consumers’ ability to protect and control their information.
Under the terms of the settlement, Equifax will establish a $300 million restitution fund for harmed consumers that could climb to $425 million depending on its use.
“Consumers eligible for the fund must submit claims showing they were fraud victims or set up credit-monitoring services following the breach”, said Equifax.
Equifax will also pay a $175 million fine to the states and $100 million to the CFPB.
According to a statement, the affected consumers will be eligible for 10 years of free credit monitoring.
Equifax has also agreed to make it easier for consumers to freeze their credit or dispute inaccurate information in credit reports and bolster its security practices and have its policies assessed regularly by a third party.