CNN

Equifax will pay up to $700 million to settle data breach hack investigation

Jul 22, 2019, 5:50 AM
FILE - This July 21, 2012, file photo shows signage at the corporate headquarters of Equifax Inc., ...
FILE - This July 21, 2012, file photo shows signage at the corporate headquarters of Equifax Inc., in Atlanta. Equifax will pay up to $700 million to settle with the Federal Trade Commission and others over a 2017 data breach that exposed Social Security numbers and other private information of nearly 150 million people. The proposed settlement with the Consumer Financial Protection Bureau, if approved by the federal district court Northern District of Georgia, will provide up to $425 million in monetary relief to consumers, a $100 million civil money penalty, and other relief. (AP Photo/Mike Stewart, File)
(AP Photo/Mike Stewart, File)

(CNN) — Credit reporting agency Equifax has reached a deal to pay up to $700 million to state and federal regulators to settle probes stemming from a data breach that exposed the personal information of nearly 150 million people.

The Federal Trade Commission announced Monday that Equifax will pay at least $300 million and as much as $425 million to compensate affected people with credit monitoring services. That money will go into a fund that will also reimburse people who purchased credit- or identity-monitoring services because of the 2017 data breach. The amount of the settlement could change depending on the number of claims still to be filed by consumers.

Equifax will also pay $275 million in civil penalties and other compensation to 48 states, Washington, Puerto Rico and the Consumer Financial Protection Bureau.

The deal also requires more changes to how Equifax handles private user data. For example, the company will have to adjust its information security protocols, including annual assessments of security risks and receiving the board’s certification attesting that the company has complied with the FTC’s order.

The FTC alleges Equifax violated the agency’s prohibition against unfair and deceptive practices. The FTC said Equifax failed to properly safeguard peoples’ personal information despite claiming in its privacy policy that it implemented “reasonable physical, technical and procedural safeguards” to protect their data.

“Companies that profit from personal information have an extra responsibility to protect and secure that data,” said FTC Chairman Joe Simons in a statement. “Equifax failed to take basic steps that may have prevented the breach.”

The hack, the largest in US history, exposed sensitive information, including names, Social Security numbers, drivers’ license numbers and addresses.

Equifax did not respond to CNN Business’ request for comment.

Equifax first disclosed the hack in September 2017, three months after the company discovered the breach.

Hackers leveraged a security flaw in a tool designed to build web applications to steal customer data. Equifax admitted it was aware of the security flaw a full two months before the company says hackers first accessed its data.

The data breach prompted the resignation of CEO Richard Smith and investigations by federal regulators, multiple states attorneys general and the company faces a number of civil lawsuits.

The-CNN-Wire
™ & © 2019 Cable News Network, Inc., a Time Warner Company. All rights reserved.

Today’s Top Stories

CNN

A surface-to-surface missile is fired into the sea off the east coast in this handout picture provi...
Yoonjung Seo, Caitlin Hu, Eric Cheung and Brad Lendon, CNN

US and South Korea test-fire missiles in continued response after North Korea launch

In response to a recent test missile launch by North Korea, the US and South Korea launched four missiles off the Korean Peninsula Wednesday morning.
6 hours ago
Three Fresh Carnitas Tacos on a plate wth lime and radish...
Casey Barber, CNN

Make every day National Taco Day with these tasty recipes

October 4 is National Taco Day, but any day in October (or any month, really) is a worthwhile opportunity to dive into the diverse world of tacos.
1 day ago
Russian President Vladimir Putin (C) with Ukrainian separatist regional leaders Vladimir Saldo (L),...
Olga Voitovych and Joshua Berlinger, CNN

Russian Parliament begins process to rubber-stamp annexations as Moscow struggles to define borders

Despite there being no set boundaries, Russia's parliament began the process of approving Vladmir Putin's decision to annex part of Ukraine.
1 day ago
FILE - This photo provided by the North Korean government shows North Korean leader Kim Jong Un del...
Yoonjung Seo, Emiko Jozuka, Junko Ogura, Brad Lendon and Simone McCarthy, CNN

Japan issues rare alert as North Korea fires missile without warning over main island

The US Indo-Pacific Command also released a statement saying American commitments to the defense of Japan and South Korea "remain ironclad."
1 day ago
FORT MYERS BEACH, FLORIDA - OCTOBER 02:   In this aerial view,  destruction left in the wake of Hur...
Nouran Salahieh, CNN

Florida faces an ’emotional roller coaster’ as search for Hurricane Ian survivors continues

Many of the Ian-related deaths -- 42 -- have been reported in southwestern Florida's Lee County, which includes Fort Myers and Sanibel Island.
2 days ago
LOS ANGELES, CALIFORNIA - SEPTEMBER 17: Sacheen Littlefeather on stage at AMPAS Presents An Evening...
Toyin Owoseje, CNN

Sacheen Littlefeather, Native American activist and actress, dead at 75

In August, the Academy formally apologized to Littlefeather for the mistreatment she experienced during her speech and in the years that followed.
2 days ago

Sponsored Articles

Young woman receiving laser treatment...
Form Derm Spa

How facial plastic surgery and skincare are joining forces

Facial plastic surgery is not only about looking good but about feeling good too. The medical team at Form Spa are trained to help you reach your aesthetic outcomes through surgery and through skincare and dermatology, too.
large group of friends tohether in a park having fun...
BYU MBA at the Marriott School of Business

What differentiates BYU’s MBA program from other MBA programs

Commitment to service is at the heart of BYU’s MBA program, which makes it stand out among other MBA programs across the country.
a worker with a drill in an orange helmet installs a door in the house...
Price's Guaranteed Doors

Home improvement tip: Increase the value of your home by weatherproofing doors

Make sure your home is comfortable before the winter! Seasonal maintenance keeps your home up to date. Read our tips on weatherproofing doors.
Curb Appeal...
Price's Guaranteed Doors

How to have the best of both worlds for your house | Home security and curb appeal

Protect your home and improve its curb appeal with the latest security solutions like beautiful garage doors and increased security systems.
A paper reading IRS, internal revenue service is pictured...
Jordan Wilcox

The best strategies for dealing with IRS tax harassment | You have options!

Learn how to deal with IRS tax harassment. This guide will teach you how to stop IRS phone calls and letters, and how to handle an IRS audit.
spend a day at Bear Lake...
Bear Lake Convention and Visitors Bureau

You’ll love spending the day at Bear Lake | How to spend a day at Bear Lake

Bear Lake is a place that needs to be experienced. Spend a day at Bear Lake.
Equifax will pay up to $700 million to settle data breach hack investigation