In what should be seen as a lesson in the price for not properly securing data, Equifax signed a settlement today with the US Federal Trade Commission (FTC), state attorneys, and a class-action case relating to the firm’s 2017 data breach. ZD Net brought this news to us in their article, “Equifax, regulators sign $700m deal to settle data breach lawsuits.”

The security incident was caused by a failure to resolve a known security flaw in Apache Struts, despite a patch being made available two months prior to the breach. This permitted a hacker to access the credit monitoring company’s systems, leading to the theft of records belonging to over 146 million users.

The cost of this breach? Under the terms of the deal, Equifax will reportedly pay at least $575 million, and potentially up to $700 million in damages.

Sometimes the cost is not in just dollars. Equifax also agreed that starting with January 2020 to provide consumers with six free credit reports each year for seven years. This will add to the existing free credit report that all consumers are entitled to receive.

Melody K. Smith

Sponsored by Access Innovations, the world leader in taxonomies, metadata, and semantic enrichment to make your content findable.