Equifax Agrees To Pay Data Breach Victims Up To $20,000 For Their Troubles REPACK
Identity theft is an enormous problem for consumers. The Federal Trade Commission reported 399, 225 cases of identity theft in the United States in 2016. Of that number, 29% involved the use of personal data to commit tax fraud. More than 32% reported that their data was used to commit credit card fraud, up sharply from 16% in 2015. A 2015 report from the Department of Justice found that 86% of the victims of identity theft experienced the fraudulent use of existing account information, such as credit card or bank account information. The same report estimated the cost to the U.S. economy at $15.4 billion.
Equifax Agrees to Pay Data Breach Victims Up to $20,000 for Their Troubles
Third, consumers affected by data breaches should have a private right of action. Companies often require consumers to agree to contracts with arbitration clauses that block consumers from bringing lawsuits. Credit reporting agencies and other financial institutions should be prohibited from using these arbitration agreements to block consumer actions for breach, improper disclosure, or misuse of their personal data. And a breach of personal data should be sufficient harm to provide a cause of action.
To get more information about how to protect yourself if someone steals your identity or what to do after your personal information is compromised in a data breach, go to Identitytheft.gov and Identitytheft.gov/databreach. Identitytheft.gov is the federal government's primary resource for identity theft victims. If you're a victim of identity theft, you can get a personal recovery plan, find sample letters to send to your creditors, and get an Identity Theft Report.
Ideally, everyone affected by the Equifax breach will get a $125 payout for their trouble. If that sounds too good to be true, it might be. As the FTC wrote in a Wednesday blog post(Opens in a new window), "the public response to the settlement has been overwhelming," so the pot of money available to victims grows smaller with each claim. The agency is thus recommending that people opt for 10 years of free credit monitoring instead of cash.
Here's a trick. Those who have had their data breached can get up to $125 for their trouble. But you can get even more if you've spent time trying to recover from fraud or identity theft resulting from the Equifax breach.
Significant data breaches are often reported on in the news. In addition, companies who are aware a data breach has occurred with their data may reach out to you directly informing you that your information may have been compromised.
Shown facts from as many as three breaches that involved their personal data, 413 people were aware of only 74 percent of the breaches, according to a study released in 2021 by the University of Michigan, George Washington University and the Karlsruhe Institute of Technology.
Equifax will also pay up to $20,000 per person to compensate people who paid out-of-pocket expenses or suffered other harm after the data breach. People can be reimbursed if they were hit with unauthorized charges to their accounts after the data breach, or if they paid for credit monitoring or credit freezes, or perhaps if they incurred fees from attorneys or accountants related to the breach or identity theft.
You can even get compensated for the time you personally spent making phone calls or dealing with the data breach or identity theft in other ways. Affected individuals will get paid $25 per hour of their time, for up to 20 hours.
On September 7th of 2017, six weeks after its discovery, Equifax issued a public announcement their networks had suffered a data breach that exposed the personal information of 143 million consumers (Equifax later discovered an additional 4 million affected consumers). Initially many expected the breach would result in widespread identity theft and fraud. Ultimately, investigators came to believe the breach was executed by Chinese state-sponsored hackers as part of a government operation to collect American data (Fruhlinger).
On November 8, 2021, Robinhood, the American stock trading platform, disclosed a data breach after their systems were hacked. A threat actor gained access to the personal information of around 7 million customers.
On June 12, 2021, Intuit, an American financial software company, notified TurboTax customers that some of their personal and financial data has been compromised in account takeover attacks. Criminals gained access to victims' account using credentials stolen from previously breached online services.
On February 19, 2021, Sequoia Capital informed its investors of a data breach jeopardizing some of their personal and financial information. The company claimed to have been a victim of a phishing attack.
On March 25, 2020, Square Milner, one of the largest accountancy firms in the US, experienced a possible data breach. According to Squar Milner, the data breach may have included names, addresses, Social Security numbers or Tax ID numbers. It appears client data was accessed via credential stuffing but an actual data breach of their systems is yet to be ruled out.
On December 10, 2019, Wawa Inc., a U.S.-based convenience store chain, discovered that its payment card processing systems had been breached for a 9-month long period in which customers in any of its worldwide locations could have had their card data stolen.
On December 10, 2019, Wawa Inc., a U.S.-based convenience store chain, discovered that its payment card processing systems had been breached for a 9-month long period in which customers in any of its worldwide locations could have had their card data stolen. On January 27, 30 million card details believed to be part of the breach posted for sale online, including card numbers and expiration dates. Pins and CVV records were not exposed.
In February 2018, it was revealed that thirty-six people from seven countries had been indicted in the United States for their alleged involvement in the Infraud Organization, which law enforcement officials say sells stolen personal and financial information. More than half a billion dollars was lost by the victims, the U.S. Department of Justice said, with a trail going back to October 2010. The organization was said to have more than 10,000 registered members who bought and sold illicit products including malware, data from credit card dumps, and information needed for identity fraud.
In July 2014, the European Central Bank (ECB) announced that hackers had breached the security of a database holding email addresses and other contact data submitted by people registering for events at the bank. The ECB said most of the stolen data was encrypted, and no internal systems or sensitive market data had been compromised as the database was separate to those systems. Approximately 20,000 people had their information exposed in non-encrypted form.
Toward the end of 2008, Atlanta-based credit card processing company RBS WorldPay was breached by an international crime ring. The group used sophisticated hacking techniques to break the encryption used by RBS WorldPay to protect customer data on payroll debit cards. Once bypassed, the group created counterfeit payroll debit cards and raised their account limits. The group employed a network of individuals to use the cards to withdraw over $9 million from more than 2,100 ATMs in at least 280 cities worldwide. The investigation of the incident identified over 1.5 million customers whose confidential information was compromised. Individuals in Russia, Moldova, Nigeria, and Estonia were indicted from the hack in 2009. To date, U.S. authorities have charged fourteen men.
But the fines take very different forms. Almost half of the Equifax settlement is going to consumers harmed by the breach, who are eligible for at least $125; some will get as much as $20,000 for time and money spent protecting their identity in the wake of the violation. The entirety of the Facebook fine, by contrast, goes to the U.S. Department of the Treasury.
In the Equifax case, consumers allegedly lost time and money by trying to protect their personal information in the wake of the data breach. Under the Fair Credit Reporting Act, which regulates Equifax and other credit reporting agencies, the federal government can require that those consumers be compensated.