FOLLOW US

Equifax agreed to pay up to $700 million to settle a nationwide complaint against it in connection with the 2017 data breach that affected approximately 147 million consumers.

According to the credit reporting company, the settlement agreements include a restitution fund of up to $425 million for consumers. That money will be available to pay for three-bureau credit monitoring for consumers affected by the data breach, actual out-of-pocket losses related to the breach, and other consumer benefits such as identity restoration services.

Equifax will also pay $175 million in penalties to 48 states, the District of Columbia and Puerto Rico and $100 million in civil penalties to the Consumer Financial Protection Bureau (CFPB).

A positive step for Equifax, U.S. consumers

In a statement, Equifax CEO Mark Begor said, "This comprehensive settlement is a positive step for U.S. consumers and Equifax as we move forward from the 2017 cybersecurity incident and focus on our transformation investments in technology and security as a leading data, analytics, and technology company.”

In addition, Begor said the restitution fund reinforces the company’s commitment and seriousness to “putting consumers first and safeguarding their data.”

“We have been committed to resolving this issue for consumers and have the financial capacity to manage the settlement,” said Begor.

Equifax must improve its data security

On the other hand, Federal Trade Commission (FTC) Chairman Joe Simmons, commented, “Companies that profit from personal information have an extra responsibility to protect and secure that data. Equifax failed to take basic steps that may have prevented the breach that affected approximately 147 million consumers.”

Simmons added that the settlement requires Equifax to implement actions to “improve its data security going forward.” The company must also ensure that affected consumers will receive protection from identity theft and fraud.

Meanwhile, CFPB Director Kathleen Kraninger said, “Today’s announcement is not the end of our efforts to make sure consumers’ sensitive personal information is safe and secure. The incident at Equifax underscores the evolving cyber security threats confronting both private and government computer systems and actions they must take to shield the personal information of consumers. Too much is at stake for the financial security of the American people to make these protections anything less than a top priority.”

Kraninger also encouraged affected consumers to submit their claims to receive free credit monitoring or cash reimbursements.