The settlement also requires the company to obtain third-party assessments of its information security program every two years. $300 million of that will go to a fund providing affected consumers with credit monitoring services (another $125 million will be added if the initial payment is not enough to compensate consumers), $175 million will go to 48 states, the District of Columbia and Puerto Rico, and $100 million will go to the CFPB. states and territories over the company’s "failure to take reasonable steps to secure its network." In July 2019 the credit agency agreed to pay $575 million - potentially rising to $700 million - in a settlement with the Federal Trade Commission, the Consumer Financial Protection Bureau (CFPB), and all 50 U.S.
#Equifax data breach Patch
The company had failed to fix a critical vulnerability months after a patch had been issued and then failed to inform the public of the breach for weeks after it been discovered. Equifax: (At least) $575 MillionĢ017 saw Equifax lose the personal and financial information of nearly 150 million people due to an unpatched Apache Struts framework in one of its databases. Amazon is said to be appealing the fine, with a spokesperson stating, “There has been no data breach, and no customer data has been exposed to any third party.” 3.
#Equifax data breach full
According to a blog post by cybersecurity vendor Tessian, the full reasons behind the fine haven’t yet been confirmed, but it is believed to involve cookie consent. In summer 2021, retail giant Amazon’s financial records revealed that officials in Luxembourg issued a €746 million ($877 million) for breaches of the GDPR. In a statement, Didi Global said it accepted the cybersecurity regulators' decision, which came after a year-long investigation into the firm over its security practices and “suspected illegal activities.” 2. Didi Global: $1.19 billionĬhinese ride-hailing firm Didi Global was fined 8.026 billion yuan ($1.19 billion) by the Cyberspace Administration of China after it decided that the company violated the nations’ network security law, data security law, and personal information protection law. Here are the biggest fines and penalties assessed for data breaches or non-compliance with security and privacy laws. Now, the Equifax fine has been eclipsed by the $1.19 billion fine levied against the Chinese firm Didi Global for violating that nation's data protection laws, and by the $877 million fine against Amazon last year for running afoul of the General Data Protection Regulation (GDPR) in Europe. Marriott was hit with a $124 million fine, later reduced, while Equifax agreed to pay a minimum of $575 million for its 2017 breach. Sizable fines assessed for data breaches since 2019 suggest that regulators are getting more serious about organizations that don’t properly protect consumer data.
0 kommentar(er)
