![]() ![]() Free credit monitoring for 10 years will be allocated to affected consumers.Breaking down the Equifax breachĪ spokesperson for the US Federal Trade Commission (FTC) offered The Daily Swig a breakdown of how the primary $300 million consumer fund will be distributed: The credit reference agency further agreed, if necessary, to pay up to $125 million more in a supplementary fund to reimburse consumers for out-of-pocket losses resulting from the data breach. Under the terms of the under-reported final settlement, Equifax agreed to pay at least $300 million to a consumer fund to help affected by the breach recover from the incident. The credit reference agency was faulted for a “failure to take reasonable steps to secure its network”, shortcomings in attack detection controls, admin credentials stored in plain text, and inadequate encryption of sensitive customer data. In July 2019, Equifax agreed to pay $175 million to 48 US states, the District of Columbia and Puerto Rico, as well as $100 million to the Consumer Financial Protection Bureau. Legal ruckusĪfter the massive breach was made public in September 2017, lawsuits and enforcement action followed. The key Apache Struts update was published in March 2017. The breach exposed names and dates of birth, Social Security numbers, physical addresses, and other personal information that could lead to identity theft and fraud.Ĭredit card numbers for around 209,000 US consumers and US driving licences details of more than 10 million people were also exposed.Įquifax’s systems were exposed for weeks between May and July 2017 before the problem was detected and remedial action was carried out. Potential claimants would face an ‘uphill battle in order to establish standing’, says US privacy law expertĪNALYSIS The 2017 Equifax mega-breach was arguably the worst data breach that consumers have ever endured, but details of the final settlement reveal that most individuals have little chance of getting any recompense.Īttackers took advantage of a known vulnerability in Apache Struts to break into the credit reference agencies database through its dispute resolution portal before siphoning off the credit records of more than 147 million US citizens and an estimated 15 million UK residents.
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |