Breakthrough Web Design - 515-897-1144 - Web sites for businesses
News & Entertainment for Mason City, Clear Lake & the Entire North Iowa Region

Founded October 1, 2010

Victims of Equifax data breach can claim settlement

This news story was published on July 31, 2019.
Advertise on NIT Subscribe to NIT

DES MOINES — Attorney General Tom Miller announced that a coalition of 50 attorneys general has reached a proposed settlement with Equifax as the result of an investigation into a massive 2017 data breach. The investigation found that Equifax’s failure to maintain a reasonable security system enabled hackers to penetrate its systems, exposing the data of 56 percent of American adults — the largest-ever breach of consumer data.

The attorneys general secured a settlement with Equifax that includes a Consumer Restitution Fund of up to $425 million, a $175 million payment to the states, and injunctive relief, which also includes a significant financial commitment. This is the largest data breach enforcement action in history.

Iowa’s share of the state settlement is $1,347,721, which will go into the Consumer Education and Litigation Fund. Miller’s office filed a petition against the company, and Equifax agreed to a consent judgment, which is pending in Polk County District Court.

“This data breach was astonishing, not only because of the number of consumers affected, but also because of the key personal information that it exposed,” Miller said. “This agreement offers financial reimbursement for victims and will help protect against another breach.”

On Sept. 7, 2017, Equifax, one of the largest consumer reporting agencies in the world, announced a data breach affecting more than 147 million consumers— nearly half of the U.S. population. Breached information included Social Security numbers, names, dates of birth, addresses, credit card numbers, and in some cases, driver’s license numbers.

Shortly after, Miller and a coalition that grew to 48 states, the District of Columbia, and the Commonwealth of Puerto Rico launched a multi-state investigation into the breach. The investigation found that the breach occurred because Equifax failed to implement an adequate security program to protect consumers’ highly sensitive personal information. Despite knowing about a critical vulnerability in its software, Equifax failed to fully patch its systems. Moreover, Equifax failed to replace software that monitored the breached network for suspicious activity. As a result, the attackers penetrated Equifax’s system and went unnoticed for 76 days.

Under the terms of the settlement, Equifax agreed to provide a single Consumer Restitution Fund of up to $425 million — with $300 million dedicated to consumer redress. If the $300 million is exhausted, the fund can increase by up to an additional $125 million. The company will also offer affected consumers extended credit-monitoring services for a total of 10 years.

Equifax has also agreed to take several steps to assist consumers who are either facing identity theft issues or who have already had their identities stolen including, but not limited to, terms:

  • making it easier for consumers to freeze and thaw their credit;
  • making it easier for consumers to dispute inaccurate information in credit reports; and
  • requiring Equifax to maintain sufficient staff dedicated to assisting consumers who may be victims of identity theft.

Equifax has also agreed to strengthen its security practices going forward, including:

  • reorganizing its data security team;
  • minimizing its collection of sensitive data and the use of consumers’ Social Security numbers;
  • performing regular security monitoring, logging and testing;
  • employing improved access control and account management tools;
  • reorganizing and segmenting its network; and
  • reorganizing its patch management team and employing new policies regarding the identification and deployment of critical security updates and patches.

Consumers who are eligible for redress will be required to submit claims online, by mail, or by phone. Consumers will be able to obtain information about the settlement, check their eligibility to file a claim, and file a claim by phone or online. To receive email updates regarding the launch of the Equifax Settlement Breach online registry, consumers can sign up at

Consumers can also call 1-833-759-2982 for more information. The program to pay restitution to consumers will be conducted in connection with settlements that have been reached in the multi-district class actions filed against Equifax, as well as settlements that were reached with the Federal Trade Commission and Consumer Financial Protection Bureau.

In addition to Iowa, other attorneys general participating in this settlement include Alabama, Alaska, Arizona, Arkansas, California, Colorado, Connecticut, Delaware, Florida, Georgia, Hawaii, Idaho, Illinois, Kansas, Kentucky, Louisiana, Maine, Maryland, Michigan, Minnesota, Mississippi, Missouri, Montana, Nebraska, Nevada, New Hampshire, New Jersey, New Mexico, New York, North Carolina, North Dakota, Ohio, Oklahoma, Oregon, Pennsylvania, Rhode Island, South Carolina, South Dakota, Tennessee, Utah, Vermont, Virginia, Washington, Wisconsin, Wyoming, and the District of Columbia. Also joining are Texas, West Virginia and the Commonwealth of Puerto Rico.

Leave a Reply

Your email address will not be published.

 characters available

5 Responses to Victims of Equifax data breach can claim settlement

  1. Eric Swift Reply Report comment

    May 3, 2021 at 9:55 pm

    I am just a small investor. bought $8K USD ($8000) of EFX stock on BMGEX Global. They have vanished with my 8K but I presume I still own the stock. I want my money back. How do I get it back?

  2. GOVERNMENT CORRUPTION Reply Report comment

    August 1, 2019 at 8:09 am

    What? 50 states “Attorney General’s” make a settlement on behalf of me! Really? I didn’t ask or know anything about this. Then it appears each state gets millions to put into STATE coffers.

    I had to my identity stolen due to the Equifax breach! Equifax did not contact me but Credit Karma did regarding this settlement,

    I received the following E-mail from Credit Karma,

    “Hi Larreyl,

    Equifax has reached a settlement with the government over their 2017 breach. These things can be pretty confusing, so we want to make sure you understand your options. Equifax is offering up to $125 or up to 10 years of free credit monitoring to people affected by the breach.”

    This is Government corruption and totally screwing over all of us that were impacted by having our identity stolen and used.

    Wrong at every level. When you get right down to it, the Government stole my identity again and went to court and represented me without my consent!

  3. Anonymous Reply Report comment

    August 1, 2019 at 7:53 am

    Class Action? You don’t get the right to vote, and lawyers are the real winners. Personal claim? I’m no lawyer, but don’t accept it!

  4. Anonymous Reply Report comment

    August 1, 2019 at 7:53 am

    Equifax has reached a settlement with the government over their 2017 breach. These things can be pretty confusing, so we want to make sure you understand your options.” Get this, the “government” reached a settlement for me without my consent. What kind of shxt is this? Equifax is offering up to $125 or up to 10 years of free credit monitoring to people affected by the breach. That is the settlement, unbelievable! I have had my American Express reproduced and used in California and New Jersey. They offer me $125.00 lousy dollars for my grief. Whop-ti-do!!! This is a total head shaker!

    • Anonymous Reply Report comment

      August 3, 2019 at 1:26 am

      Try reading the facts before complaining. In addition to the 125 dollars, you can also claim up to 20,000 dollars in damages. The 125 is for your information being breached, whether or not it was used illegally. If your information was used by the criminals, you can get more money from Equifax. People love to complain but I wonder if the complainers would take Equifax to court on the issue individually. Hire a lawyer and wait for your day in court, then present your case. Maybe some people would have. But 147 million individuals? Imagine how long it would be to get your day in court. Also, you do not have to accept the decision. Go ahead and refuse to accept and take on Equifax by yourself. I’m fine with the government doing the work it took to get to a settlement. I also submitted what damage I had personally because of the breach. I will be glad to get the money in the next year and to not be waiting for a court date years from now. Complaining just comes naturally for a lot
      of people. Sometimes complaining without really knowing the facts makes you look stupid. But it also spreads like fire to other uninformed people. By the way, often in class action lawsuits, the money that goes unclaimed is divided up and paid out to the people that did make a claim. I don’t know if that applies here. Go ahead and refuse to accept the offer, the rest of us will gladly take your share if it does.