The FTC just slammed Equifax with a $700M fine for that 2017 data breach

Just a heads up, if you buy something through our links, we may get a small share of the sale. It’s one of the ways we keep the lights on here. Click here for more.

Remember back in 2017 when Equifax got hacked and lost the intimate financial details of almost 150 million Americans? Well, the Federal Trade Commission (FTC), the Consumer Financial Protection Bureau (CFPB), and all the states just reached a settlement with the credit monitoring bureau, to the tune of almost $700 million.

That settlement also includes a bunch of security measures that Equifax needs to adhere to, including third-party audits every two years.

Equifax will pay out up to $700 million in fines and other restitution

This is the largest settlement in FTC history, dwarfing the fine given to Uber after its own data breach in 2016. The hackers got into the system via unpatched software, which hadn’t been properly updated in the months prior to the breach. Before he retired, Equifax’s former chief executive, Richard Smith, blamed the lack of patching on a single employee.

Here’s the settlement by the numbers:

• 147 million Americans affected by the breach
• $100 million dollars paid to the Consumer Financial Protection Bureau (CFPB) in civil penalties
• $300 million paid into a fund to provide credit monitoring for those affected. An additional $125 million will be added if this fund isn’t enough
• $175 million split between 48 states, the District of Columbia and Puerto Rico
• The fine, the largest in the FTC’s history, amounts to nearly 20% of Equifax’s 2018 revenue of $3.41 billion
• U.K. authorities already issued its maximum penalty of £500,000 — about $624,000

Even though this was a record fine, it still seems like business as usual for Equifax. Maybe we should rethink how the credit agencies are regulated, so that breaches like this have less likelihood of happening.

If you want to read the rest of the statements put out, you can find the FTC’s one here, and Equifax’s here.

What do you think? Is the fine proper punishment for Equifax? Let us know down below in the comments or carry the discussion over to our Twitter or Facebook.

Editors’ Recommendations:

• DoorDash is straight-up ripping off its drivers’ tips
• The Orlando Police is ditching Amazon’s facial recognition tech because it kept fucking up
• Turns out, social media and not video games is why teens are depressed
• Facebook and Google know exactly what porn you watch – even if you use incognito mode

Joe Rice-Jones

Maker, meme-r, and unabashed geek with nearly half a decade of blogging experience at KnowTechie, SlashGear and XDA Developers. If it runs on electricity (or even if it doesn't), Joe probably has one around his office somewhere, with particular focus in gadgetry and handheld gaming. Shoot him an email at joe@knowtechie.com.