$700 million dollar settlement ordered

Equifax is one of the three credit reporting firms in the US that suffered a massive data breach in 2017 that exposed the personal and financial state of literally half the country (more than 150 million people). As a result, Equifax was ordered to pay a hefty $700 million fine to settle a series of Federal and State investigations. While the size of the fine sounds impressive, digging a bit deeper reveals it to be a bit underwhelming.

Only $425 million of that fine will go into a fund designed to actually reimburse impacted customers. However, Equifax will be allowed to earmark an unspecified portion of that to provide free credit monitoring services to anyone who was impacted by the breach.

Here's the problem

Free Credit Monitoring is actually a money-maker for Equifax because of the way the "free" service is offered.  It's free for a year, and then automatically converts to a paid service.  Given that most people don't pay close attention to that sort of thing, a significant percentage of customers will continue paying Equifax for their credit monitoring service, which essentially sees the company profiting from their own data breach.

In any case, impacted customers will be eligible for a small amount of money from Equifax if their data was compromised. The company is on the hook for paying some $300 million in fines and civil penalties across 50 states and to the Consumer Financial Protection Bureau (CFPB).

On top of that, the company has been ordered to provide all American consumers, (whether they were impacted by the breach or not), six free credit reports each for the next seven years. This is in addition to the one free annual credit report they already get beginning in January 2020.

Our perspective

It's a decent settlement, but it lets Equifax off the hook too easily. That is especially true given that they can turn one of the largest data breaches in American history into a profit center.  The CFPB could have and should have demanded more.

Meanwhile, check out this report

This free executive report may give you insights into how to build your business with safe IT environments: 10 Hidden IT Risks That Might Threaten Your Business and 1 Easy Way to Find Them

The author

Thanks for reading this short post. For more tips on thriving with small business technology, check out the other blog posts at DWPia Blogs. I am also available on LinkedIn, Facebook, and Twitter.

Cybersecurity Expert, Small Business Technology Consultant, Managed Services Provider, Managed IT SupportI am Denis Wilson, President and Principal Consultant for DWP Information Architects. I help professionals grow their business by building a foundation of rock-solid information solutions for smaller healthcare, insurance, financial, legal, and nonprofits firms in Ventura County and San Fernando Valley. And have created cost-effective IT solutions, for over 20 years, specializing in cybersecurity and regulatory compliance. I am also a published author and speaker, working extensively with a variety of organizations, as well as providing small business technology education programs through business and professional associations. This just in: I will be speaking regularly at California Lutheran University's Center for Nonprofit Leadership starting in September.

Contact me if you would like me to speak at your association.