In another example of how regulators increasing aren’t tolerant with companies that make basic errors that lead to data breaches, the U.S. Federal Trade Commission has come to a multi-million dollar settlement with Equifax Inc. over a 2017 incident that exposed the personal information of some 147 million people.
Equifax has agreed to pay at least $575 million (U.S), and potentially up to $700 million, as part of a global settlement with the FTC, the U.S. Consumer Financial Protection Bureau, and 50 U.S. states and territories, which alleged that the credit reporting company’s failure to take reasonable steps to secure its network led to the breach.
“Equifax failed to take basic steps that may have prevented the breach that affected approximately 147 million consumers,” said FTC chair Joe Simons. “This settlement requires that the company take steps to improve its data security going forward, and will ensure that consumers harmed by this breach can receive help protecting themselves from identity theft and fraud.”
The proposed settlement, announced Monday, still has to be approved by a U.S. District Court.
In April, Canada’s federal privacy commissioner Daniel Therrien found that despite spending millions a year on cyber security the company had poor security safeguards; retained information too long; had inadequate consent procedures; suffered from a lack of accountability for Canadians’ information and provided limited protection measures offered to affected individuals after the breach. Information on about 19,000 Canadians was exposed in the breach.
Therrien also complained Equifax Canada didn’t offer Canadian victims the same credit-monitoring protection U.S. victims receiv ..
Support the originator by clicking the read the rest link below.
