Wednesday, April 24, 2024

Equifax to Pay Nearly $650 Million as Fine Over 2017 Data Breach

Equifax to pay a massive fine of around $650 million following to the 2017 data breach that exposes 145 million customers record. The exposed data includes names, addresses, driver license numbers, and Social Security numbers.

The company is expected to pay around $650 million to settle for Federal, state investigations and customer claims that associated with the data breach.

Equifax data breach happened in September 2017, hackers exploited a known vulnerability to harvest the customer’s data from Equifax servers.

According to the NYTimes report, “Equifax said it had set aside $690 million to cover the anticipated legal costs of the hacking. It has also spent hundreds of millions of dollars on improving its technology systems and on free credit report monitoring services.”

Equifax Fine

The ICO investigation found that Equifax data leak exposed UK customers, UK’s Information Commissioner’s Office said that “the UK arm of the company failed to take appropriate steps to ensure its American parent Equifax Inc, which was processing the data on its behalf, was protecting the information.”

The investigation was carried out according to the Data Protection Act 1998 and not with current GDPR act, because the new applied in the UK from 25 May 2018. ICO found that Equifax’s security measures in place were inadequate and ineffective.

“We are determined to look after UK citizens’ information wherever it is held. Equifax Ltd has received the highest fine possible under the 1998 legislation because of the number of victims, the type of data at risk and because it has no excuse for failing to adhere to its policies and controls as well as the law,” said Elizabeth Denham, Information Commissioner

ICO investigation also found that Equifax Inc was warned by DHS earlier in March 2017 to address the vulnerability, but the vulnerability was not properly patched.

“Multinational data companies like Equifax must understand what personal data they hold and take robust steps to protect it. Their boards need to ensure that internal controls and systems work effectively to meet legal requirements and customers’ expectations,” Ms. Denham added.

Earlier this month Marriott International and British Airways are fined under GDPR act for failure in protecting the customer data.

SponsoredFree GDPR Comics Book – Importance of Following General Data Protection Regulation (GDPR) to protect your Company Data and user privacy

You can follow us on LinkedinTwitterFacebook for daily Cybersecurity updates also you can take the Best Cybersecurity course online to keep yourself updated.


Latest articles

Phishing Attacks Rise By 58% As The Attackers Leverage AI Tools

AI-powered generative tools have supercharged phishing threats, so even newbie attackers can effortlessly create...

Multiple MySQL2 Flaw Let Attackers Arbitrary Code Remotely

The widely used MySQL2 has been discovered to have three critical vulnerabilities: remote Code...

CoralRaider Hacker Evade Antivirus Detections Using Malicious LNK File

This campaign is observed to be targeting multiple countries, including the U.S., Nigeria, Germany,...

Spyroid RAT Attacking Android Users to Steal Confidential Data

A new type of Remote Access Trojan (RAT) named Spyroid has been identified.This...

Researchers Uncover that UK.GOV Websites Sending Data to Chinese Ad Vendor Analysts

Analysts from Silent Push, a data analytics firm, have uncovered several UK government websites...

Ransomware Victims Who Opt To Pay Ransom Hits Record Low

Law enforcement operations disrupted BlackCat and LockBit RaaS operations, including sanctions on LockBit members...

IBM Nearing Talks to Acquire Cloud-software Provider HashiCorp

IBM is reportedly close to finalizing negotiations to acquire HashiCorp, a prominent cloud infrastructure...
Guru baran
Guru baran
Gurubaran is a co-founder of Cyber Security News and GBHackers On Security. He has 10+ years of experience as a Security Consultant, Editor, and Analyst in cybersecurity, technology, and communications.


Mastering WAAP/WAF ROI Analysis

As the importance of compliance and safeguarding critical websites and APIs grows, Web Application and API Protection (WAAP) solutions play an integral role.
Key takeaways include:

  • Pricing models
  • Cost Estimation
  • ROI Calculation

Related Articles