The 2017 Equifax data hack affecting more than 143 million people worldwide will cost the company about $700 million.
The credit reporting company is close to a deal to settle data breach probes, The Wall Street Journal reported July 19, citing people familiar with the matter.
The payment is part of a settlement with U.S. and state regulators, although the dollar amount could change depending on how many people file claims, the WSJ article said. A fund will be established to compensate consumers, along with a special website and phone line for claims. Equifax will also have to further improve how it protects and handles consumer data.
Equifax said it had no comment on the WSJ report.
Among the biggest hacks in history, the impacted data included names, Social Security numbers, birth dates, addresses and, in some instances, driver’s license numbers. In addition, 209,000 consumer accounts were accessed, as well as certain dispute documents with personal data for approximately 182,000 consumers.
A December 2018 report by the House Oversight Committee found that the massive data breach from mid-May through July 2017 could have been easily prevented if the company’s security practices and policies were up to par.
Jun Ying, the former chief information officer (CIO) of Equifax, was sentenced to federal prison in June for insider trading in connection with the breach. The Justice Department discovered that Ying knew about the data breach before it was public and exercised all of his stock options. He sold 6,815 shares of Equifax stock a month before the breach was made public on Sept. 7, 2017. The announcement caused the stock price to plummet.
Investigators were unable to find the stolen data on digital black markets, leading to suspicions that spies, not fraudsters, were ultimately behind the breach.