The Consumer Financial Protection Bureau (Bureau), the Federal Trade Commission (FTC), and 48 states, the District of Columbia and Puerto Rico announced a global settlement today with Equifax that would provide up to $700 million in monetary relief and penalties. In a complaint and proposed stipulated judgment filed in federal district court in the Northern District of Georgia, the Bureau alleges that Equifax engaged in unfair and deceptive practices in connection with the 2017 data breach of Equifax’s systems that impacted approximately 147 million consumers. The proposed settlement with the Bureau, if approved by the court, will provide up to $425 million in monetary relief to consumers, a $100 million civil money penalty, and other relief. The Bureau coordinated its investigation with the FTC and attorneys general from across the country. In total, the settlements with these entities would impose up to $700 million in relief and penalties.
“Today’s announcement is not the end of our efforts to make sure consumers’ sensitive personal information is safe and secure. The incident at Equifax underscores the evolving cyber security threats confronting both private and government computer systems and actions they must take to shield the personal information of consumers. Too much is at stake for the financial security of the American people to make these protections anything less than a top priority,” said CFPB Director Kathleen L. Kraninger.
“For consumers impacted by the Equifax breach, today’s settlement will make available up to $425 million for time and money they spent to protect themselves from potential threats of identity theft or addressing incidents of identity theft as a result of the breach. We encourage consumers impacted by the breach to submit their claims in order to receive free credit monitoring or cash reimbursements,” concluded Director Kraninger.