Today, the Consumer Financial Protection Bureau (CFPB), the Federal Trade Commission (FTC) and a large group of state attorneys general announced that they reached a global settlement with Equifax over its 2017 data breach. Among other relief, the $700 million settlement includes $450 million in monetary relief to consumers and $100 million in civil penalties.
The monetary relief portion of the settlement aims to reimburse consumers for lost time related to credit monitoring, protecting their personal information, and costs related to identity theft of affected consumers. Affected consumers will also receive at least 10 years of free credit monitoring and 7 years of identity-restoration services. Additionally, for 7 years, all U.S. consumers may request up to 6 free copies of their Equifax credit report per year in addition to any free credit reports they are already entitled to.
The Equifax data breach was undoubtedly one of the larger data security events to hit the financial services industry. While not nearly at the same scale as the Equifax breach, the AMCA breach is one of the larger breaches to be reported in the ARM industry. While it might seem that these two events are worlds apart, the two breaches occurred roughly a year apart—mid-2017 for Equifax, late 2018 and early 2019 for AMCA. Data security has always been an important factor in the ARM and financial services industries, and these two data breaches only accentuate how vital it is to be on top of data security measures.