Equifax set to pay around $700 mn for 2017 data breach
San Francisco - US-based credit-reporting firm Equifax Inc is reportedly close to reaching an agreement with authorities for a $700 million fine over a 2017 data breach.
Equifax is about to reach an agreement with the US Federal Trade Commission, the Consumer Financial Protection Bureau and most state attorneys general, Sputnik news agency reported on Saturday citing a report in The Wall Street Journal.
The settlement may be announced as soon as Monday, sources familiar with the matter told WSJ. The exact amount of money Equifax will have to pay may change, depending on the number of consumer claims filed.
According to Wall Street Journal sources, the settlement will establish a fund to compensate consumers for harm caused by the breach. A website and a phone line will be created to process claims filed by the victims.
The settlement will also oblige the company to overhaul its security network, a task estimated to cost the company an additional $1.25 billion, the report said.
The 2017 hack exposed nearly 150 million US citizen names, Social Security numbers, birth dates and addresses.
According to the report, hackers were able to rummage undetected through the company's network for months.
Equifax did not report the breach for a period of six weeks after it was initially detected.
The scandal led to the resignation of the company CEO and to a Congressional hearing during which lawmakers grilled executives about the company's handling of consumer data and its inability to report the breach in a timely fashion.