Equifax, Inc., a consumer credit reporting company is reportedly about to close a deal to resolve data breach probes. The firm will pay $700 million to U.S. regulators & states for the case settlement.
As per credible sources, a 2017 data breach at Equifax exposed nearly 150 million social security numbers of Americans and other sensitive personal information. The firm will pay the amount as a violation settlement with the Consumer Financial Protection Bureau, Federal Trade Commission & state attorneys general.
Reportedly, the breach is amongst the biggest consumer data breaches by one of the largest credit-reporting firms that has exposed big security flaws and raised cybersecurity concerns among policy makers and consumers. Hackers could access Equifax’s systems through a software flaw the company had neglected. A faulty scanning tool enabled hackers to stay undetected in Equifax’s network for months.
As per sources close to the matter, the backlash for the breach was swift. Equifax’s long-serving chief executive retired within a week after the breach was exposed. The Federal and State officials launched a spate of investigations. Lawmakers berated Equifax executives for waiting 6 weeks to disclose the hack after it detected suspicious activity & raised questions about how it handles the consumer data that it collects.
The amount to be paid by Equifax could vary, depending upon the number of claims ultimately filed by consumers. The settlement will require the firm to make more changes on how it handles and protects consumer data. A fund will also be established to compensate consumers for the harm they had sustained as a result of the breach.
Equifax is on track to spend approximately $1.25 billion to gear up its security systems and upgrade technology. In 2018, regulators in several states ordered the company to strengthen its disaster-response protocols, patches and information-security defenses, cite sources close to the matter.