The Federal Trade Commission and Consumer Financial Protection Bureau have fined Equifax for around $700 million following a massive data breach in 2017 that leaked a massive amount of information of more than 143 million people in the U.S. alone.
According to the official reports, the proposed penalty could be between $650 and $700 million. It’s said that the final amount could vary depending on how many people file claims and their expected compensation.
On September 7, 2017, the Atlanta-based consumer credit reporting agency disclosed that its databases had been breached between May and June 2017, and hackers had gained access to Company data that potentially compromised sensitive information for 143 million American consumers, including Social Security numbers, credit card numbers and driver’s license numbers. Equifax discovered the breach on July 29, 2017, but had waited until after the close of trading nearly six weeks later to disclose the breach to consumers and Equifax’s investors, after hackers exfiltrated data for 76 days.
Earlier, Equifax was charged with a fine of £500,000 ($660,000) by the Information Commissioner Office (ICO) for failing to protect the personal and financial data of customers. The Information Commissioner’s Office, which carried out the investigation, stated that Equifax had been warned about vulnerabilities in its systems by the US Department of Homeland Security in March 2017. However, Equifax failed to take proper steps to fix the vulnerabilities.