Stories
Slash Boxes
Comments

SoylentNews is people

Submission Preview

Link to Story

Equifax Settles Class-Action Breach Lawsuit for $380.5M

Accepted submission by exec at 2020-01-16 04:05:50
News

"exec" writes:

Story automatically generated by StoryBot Version 0.2.2 rel Testing.
Storybot ('Arthur T Knackerbracket') has been converted to Python3

Note: This is the complete story and will need further editing. It may also be covered
by Copyright and thus should be acknowledged and quoted rather than printed in its entirety.

FeedSource: [Threatpost]

Time: 2020-01-15 18:00:49 UTC

Original URL: https://threatpost.com/equifax-settles-class-action-lawsuit/151873/ [threatpost.com] using UTF-8 encoding.

Title: Equifax Settles Class-Action Breach Lawsuit for $380.5M

--- --- --- --- --- --- --- Entire Story Below --- --- --- --- --- --- ---

Equifax Settles Class-Action Breach Lawsuit for $380.5M

Arthur T Knackerbracket has found the following story [threatpost.com]:

Join thousands of people who receive the latest breaking cybersecurity news every day.

The administrator of your personal data will be Threatpost, Inc., 500 Unicorn Park, Woburn, MA 01801. Detailed information on the processing of personal data can be found in the privacy policy [threatpost.com]. In addition, you will find them in the message confirming the subscription to the newsletter.

The administrator of your personal data will be Threatpost, Inc., 500 Unicorn Park, Woburn, MA 01801. Detailed information on the processing of personal data can be found in the privacy policy [threatpost.com]. In addition, you will find them in the message confirming the subscription to the newsletter.

Class members have until Jan. 22, next week, to claim benefits.

A Georgia court granted final approval for an Equifax settlement in a class-action lawsuit, after the credit-reporting agency was hit by its massive 2017 data breach.

Equifax will pay $380.5 million to settle lawsuits regarding the 2017 data breach [threatpost.com], the Atlanta federal judge reportedly [bloomberglaw.com] ruled this week. In addition, Equifax may be required to dole out an additional $125 million “if needed to satisfy claims for certain out-of-pocket losses.”

“We are pleased that the Court approved the settlement, which provides significant benefits for consumers whose information was impacted in the 2017 breach,” an Equifax spokesperson told Threatpost.

The $380.5 million will be placed into a fund for consumers affected [bloomberglaw.com] who are part of the class outlined in the lawsuit. The settlement cost will also cover attorneys’ fees, expenses and administration costs.

The $380.5 million for affected consumers is slightly more than the $300 million proposed previously  [threatpost.com] by the Federal Trade Commission (FTC) in July 2019. The July 2019 proposal was subject to the federal court’s Monday approval.

As part of the settlement, the company will also need to pay at least $1 billion for improved security, as well as $175 million to 48 states in the U.S and and $100 million in civil penalties to the Consumer Financial Protection Bureau (CFPB).

Equifax will also need to pay $1.4 billion in litigation expenses and $77.5 million as a percentage based fee, according to Bloomberg.

It should also be noted that of the 147 million affected by the data breach, approximately 15 million are part of the class action lawsuit. If all 147 million class members end up signing up for credit monitoring (or the equal cost of $125 each), Equifax may need to pay out $2 billion more, the settlement said.

Class members have until Jan. 22 (next week) to claim benefits.

Affected consumers can either sign up for 10 years of free credit monitoring (for the equal cost of $125) or apply for a cash payout, which would make them eligible for up to $20,000; [forbes.com] a cash payout would cover serious repercussions from the breach like losses from unauthorized charges to victims’ accounts or the cost of freezing their credit report.

Equifax, which handles data associated with more than 820 million customers and 91 million businesses worldwide, has been under public scrutiny since September 2017 when it disclosed [threatpost.com] the data breach. The attackers managed to access information [threatpost.com] containing Social Security numbers, birth dates, addresses, and some driver’s license numbers. Equifax said it discovered the intrusion on July 29, meaning attackers apparently had access to the company’s files for nearly 12 weeks.

“Companies that profit from personal information have an extra responsibility to protect and secure that data,” said FTC Chairman Joe Simons previously said in a statement [ftc.gov] after the July 2019 proposal was made (Threatpost has reached out to the FTC for comment regarding the final approval of the settlement). “Equifax failed to take basic steps that may have prevented the breach that affected approximately 147 million consumers. This settlement requires that the company take steps to improve its data security going forward, and will ensure that consumers harmed by this breach can receive help protecting themselves from identity theft and fraud.”

In the past year, a slew of fines and penalties have been imposed that were tied privacy and data breach incidents. Earlier in July, the FTC slapped [threatpost.com] a $5 billion fine on Facebook for privacy violations following its Cambridge Analytica incident. Also hit with security-related fines in July were Marriott [threatpost.com] ($123 million) and British Airways [threatpost.com] ($230 million).

Landry’s announced that more than 60 of its restaurants may be affected by payment processing system malware.

2019 was a banner year for data exposures, with billions of people affected by cloud misconfigurations, hacks and poor security practices in general. Here’s the Threatpost Top 10 for data-breach news of the year, featuring all the low-lights.

Cyber-disclosure statements noting how long a company can go without a breach can help customers understand the reality of cyber-incidents and their exposure to loss.

This site uses Akismet to reduce spam. Learn how your comment data is processed [akismet.com].

Join thousands of people who receive the latest breaking cybersecurity news every day.

2 hours ago

Get the latest breaking news delivered daily to your inbox.

Infosec Insider content is written by a trusted community of Threatpost cybersecurity subject matter experts. Each contribution has a goal of bringing a unique voice to important cybersecurity topics. Content strives to be of the highest quality, objective and non-commercial.

Sponsored Content is paid for by an advertiser. Sponsored content is written and edited by members of our sponsor community. This content creates an opportunity for a sponsor to provide insight and commentary from their point-of-view directly to the Threatpost audience. The Threatpost editorial team does not participate in the writing or editing of Sponsored Content.

-- submitted from IRC

Original Submission