Equifax to Pay $575 Million as Part of Settlement with FTC, CFPB, and States Related to 2017 Data Breach
Data Breach (Unsecure Network)
The FTC Act’s prohibition against unfair and deceptive practices and the Gramm-Leach-Bliley Act’s Safeguards Rule
Why it Matters & To Whom it Applies
In its complaint, the FTC alleges that Equifax failed to secure the massive amount of personal information stored on its network, leading to a breach that exposed millions of names and dates of birth, Social Security numbers, physical addresses, and other personal information that could lead to identity theft and fraud.
Equifax Inc. has agreed to pay at least $575 million, and potentially up to $700 million, as part of a global settlement with the Federal Trade Commission, the Consumer Financial Protection Bureau (CFPB), and 50 U.S. states and territories, which alleged that the credit reporting company’s failure to take reasonable steps to secure its network led to a data breach in 2017 that affected approximately 147 million people.