The Long-Term Executive Effect Of The Equifax Breach.
Many of you may be aware of the 2017 Equifax data breach, which resulted in the divulgence of the financial and personal information of approximately 148 million individuals. Due to this data breach, Equifax recently announced a settlement that necessitates they spend at least $1.38 billion in order to resolve the claims of consumers. This money will result in a non-reversionary fund that pays out benefits to the consumers that had their data exposed and were harmed due to the breach.
Another requirement of this settlement is that $125 million is spent on cash compensation. This amount can even increase should the number of class members that sign up for credit monitoring surpass 7 million. Additionally, another $100 million will be allocated to the resolution of probes conducted by the Federal Trade Commission and the Consumer Financial Protection Bureau. To go even further, $175 million in fines will be needed to settle the general investigations of state attorneys. The final piece of this settlement requires that $1 billion is spent by Equifax over the next five years as a way to improve data security.
In June of this year the former vice president and international CIO of Equifax, Jun Ying, received a four-month prison sentence, a $117,000 restitution and $55,000 in fines for the act of insider trades. These trades were conducted between the time of the data breach discovery and the announcement made to the public. Jun Ying was not alone in his sentencing and fines, as Sudhakar Reddy Bonthu, a former engineer from the company, was sentenced and fined as well.
For the first time in history, Moody's investor ratings for a company were dropped from stable to negative due to a cyberattack. The United States was joined in the act of sanctioning Equifax by the UK, as the Information Commissioner’s Office (ICO) fined the company on behalf of the 15 million British citizens affected.
Despite these unprecedented repercussions for Equifax, there are still C-suite executives at similar organizations that aren’t designating adequate focus to cybersecurity in order to avoid the same fate. There are still questions as to whether the mainstream visibility of the Equifax breach and its legal and financial repercussions will inspire corporations to look towards improved security measures. Historically, publicly visible data breaches lead to a short-term rise in cybersecurity spending, only to be scaled down after a year or two.
What Does This Mean for Executives?
The Equifax breach and its repercussions should be internalized and acted upon by all executives around the world. If lessons aren’t learned from this security failure, history will repeat itself and more organizations will experience the same failures and lawsuits as Equifax. A major takeaway from the settlement is that consumers are not going to simply accept that data breaches are just a normal occurrence.
If you are an organization that turns a profit off of data acquired through its customers, then you should be doing your absolute best to protect that data.
Data security is extremely important to us, and we love to discuss it with executives and security professionals alike. If you’d like to explore ways to improve your data security, reach out to us today at 630-769-8700 or fill the contact form below.