CFPB, FTC, and State AGs Settle with Equifax over 2017 Data Breach

Today, the Consumer Financial Protection Bureau (CFPB), the Federal Trade Commission (FTC) and a large group of state attorneys general announced that they reached a global settlement with Equifax over its 2017 data breach. Among other relief, the $700 million settlement includes $450 million in monetary relief to consumers and $100 million in civil penalties.

The Equifax data breach, which spanned from May to July of 2017, compromised the sensitive data of 147 million consumers. The CFPB’s complaint against Equifax alleged that the credit reporting agency engaged in unfair and deceptive practices, including not having reasonable security measures for mass quantities of sensitive data and the company’s privacy policy deceiving consumers about the strength of its data security programs.

The monetary relief portion of the settlement aims to reimburse consumers for lost time related to credit monitoring, protecting their personal information, and costs related to identity theft of affected consumers. Affected consumers will also receive at least 10 years of free credit monitoring and 7 years of identity-restoration services. Additionally, for 7 years, all U.S. consumers may request up to 6 free copies of their Equifax credit report per year in addition to any free credit reports they are already entitled to.

View this content by subscribing

Please register to unlock this content

I already have an account. Log in