![]() ![]() Under the terms of the proposed settlement, Equifax will pay a $18.2 million penalty to Massachusetts, a portion of which the AG’s Office will use to support local consumer aid programs. According to the AG’s complaint, Equifax knew about the breach around July 29, 2017, yet did not notify the AG’s Office or consumers until Sept. The complaint further alleged that Equifax violated Massachusetts law by delaying notice of the breach. The complaint alleges Equifax lacked sufficient safeguards to protect consumers’ personal data in its system. According to the AG’s complaint, unauthorized third parties infiltrated Equifax’s computer system through its website for months without the company detecting them and stole sensitive and personal consumer information. Within days, the AG’s Office sued Equifax under Massachusetts consumer protection and data privacy laws. When Equifax announced the data breach in early September 2017, AG Healey immediately launched an investigation to determine the risk to consumers and whether the company had proper safeguards in place to protect consumer information. The company will implement stringent measures to strengthen its security practices and keep our data safe.” “Our office secured a significant penalty from Equifax to ensure accountability for this inexcusable conduct. “Equifax had a duty to protect the private information of our consumers and it failed massively – leading to the worst data breach in history,” said AG Healey. The consent judgment, approved by a Suffolk Superior Court judge on April 13, resolves the AG’s 2017 lawsuit alleging that Equifax failed to patch a known vulnerability in its network, allowing hackers to infiltrate its systems and access the sensitive personal information of least 147 million consumers nationwide. ![]() The settlement must still be approved by the federal district court in the northern district of Georgia.Boston - One of the largest consumer credit reporting agencies in the country has agreed to pay $18.2 million and undertake significant injunctive relief following a massive data breach in 2017 that compromised the personal information of nearly three million Massachusetts residents, Attorney General Maura Healey announced today. The company said earlier this year that it had set aside around $700m to cover anticipated settlements and fines. The announcement confirms a report by the Wall Street Journal that the credit reporting agency had reached a deal with the US. This settlement requires that the company take steps to improve its data security going forward, and will ensure that consumers harmed by this breach can receive help protecting themselves from identity theft and fraud.” “Equifax failed to take basic steps that may have prevented the breach that affected approximately 147 million consumers. “Companies that profit from personal information have an extra responsibility to protect and secure that data,” said the FTC chairman, Joe Simons. ![]() Consumers must submit a claim in order to receive free credit monitoring or cash reimbursements. If consumers choose not to enroll in the free credit monitoring product available through the settlement, they may seek up to $125 as a reimbursement for the cost of a credit-monitoring product of their choice. Compromised data included social security numbers, birth dates, addresses, driver license numbers, credit card numbers and in some cases data from passports.Īffected consumers may be eligible to receive money by filing one or more claims for conditions including money spent purchasing credit monitoring or identity theft protection after the breach and the cost of freezing or unfreezing credit reports at any consumer reporting agency.Īll affected consumers would be eligible to receive at least 10 years of free credit-monitoring, at least seven years of free identity restoration services and, starting on 31 December and extending seven years, all US consumers may request up to six free copies of their Equifax credit report during any 12-month period. The consumer reporting agency, based in Atlanta, did not detect the attack for more than six weeks. ![]() The breach was one of the largest ever to threaten the private information. The settlement with the US Consumer Financial Protection Bureau (CFPB) and the Federal Trade Commission (FTC), as well as 48 states and the District of Columbia and Puerto Rico, would provide up to $425m in monetary relief to consumers, a $100m civil money penalty and other relief. ![]()
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |