EAST PROVIDENCE, R.I. (WPRI) — Equifax will spend more than half a billion dollars to settle claims that it failed to protect the personal information of 147 million consumers.
In 2017, the company acknowledged a massive data breach that exposed information including names, dates of birth, Social Security numbers, and addresses.
Equifax reached a settlement with the Federal Trade Commission (FTC), the Consumer Financial Protection Bureau (CFPB), and 50 U.S. states and territories, according to an announcement Monday morning.
The settlement could range between $575 million and $700 million depending on how many claims are filed. Here’s how the settlement money breaks down:
- $300-$425 million for consumer compensation and credit monitoring
- $175 million to 48 states, the District of Columbia and Puerto Rico
- $100 million to the CFPB in civil penalties
Rhode Island’s share of civil penalties levied against Equifax is $1 million, according to Kristy dosReis, a spokesperson for the R.I. Attorney General’s office.
“Under current statute, that money will go to the state,” dosReis told Call 12 for Action. “It is our hope that the money will be used for consumer protection purposes.”
The settlement still needs court approval.
Consumers affected by the breach are eligible to receive up to $20,000 for losses resulting from the breach. Consumers can also get free credit monitoring services or a $125 payment if they already have credit monitoring.
Beginning in January 2020, Equifax will also provide all U.S. consumers with six free credit reports each year for seven years.
In a statement, FTC Chairman Joe Simons said Equifax failed to take basic steps that may have prevented the data breach.
“Companies that profit from personal information have an extra responsibility to protect and secure that data,” Simons said. “This settlement requires that the company take steps to improve its data security going forward, and will ensure that consumers harmed by this breach can receive help protecting themselves from identity theft and fraud.”
Consumer Financial Protection Bureau Director Kathleen Kraninger said protecting consumers’ personal information is an ongoing concern.
“The incident at Equifax underscores the evolving cybersecurity threats confronting both private and government computer systems and actions they must take to shield the personal information of consumers,” Kraninger said. “Too much is at stake for the financial security of the American people to make these protections anything less than a top priority.”
In a statement, Equifax CEO Mark Begor said the settlement is a positive step for consumers.
“The consumer fund of up to $425 million that we are announcing today reinforces our commitment to putting consumers first and safeguarding their data – and reflects the seriousness with which we take this matter,” Begor said.