The credit company
Equifax, the credit report and online credit score agency, has agreed to pay a $700 million settlement following a data breach which occurred in 2017. Last week the Federal Trade Commission (FTC) said that the Atlanta-based company failed to take sensible and logical actions to secure its network, and the fine would help compensate victims of hackers who stole personal data.
The data breach
The breach took place on 7th September 2017, when Equifax revealed that there had been illegitimate access to its credit report databases. This led to the breach of records and personal information of 143 million customers. To make matters worse, much of the sensitive information had been stored unencrypted in plain text.
The data breach affected both US and UK customers. As a result of the breach, the UK’s Information Commissioner’s Office has issued the credit company with a £500,000 fine for failing to protect the personal information of up to 15 million UK customers during the same attack.
As part of the settlement, the US Federal Trade Commission has ordered Equifax to agree with the following terms:
- Carry out its own annual audit of security risks
- Submit an external assessment of its security efforts once every two years
- Ensure that third-parties are given access to personal data stored by the firm also have adequate data protection measures in place
Were you affected by the Equifax data breach? Let us know your thoughts in the comments below or Tweet us at @Hyve!