Equifax Scandal: What Laws Were Broken?

what laws did equifax break

In 2017, Equifax suffered a data breach that compromised the personal information of 143 million Americans. The company failed to safeguard the names, addresses, dates of birth and SSNs of its customers, and then failed to act once aware of the breach. The breach exposed millions of people to the risk of identity theft and fraud. The US government has since indicted four members of China's military on charges of hacking Equifax. In the wake of the breach, there have been calls for stronger data privacy laws and for federal agencies to take action against Equifax.

Characteristics Values
Number of people affected 143 million (some sources state 147 million or 150 million)
Type of data compromised Names, addresses, dates of birth, SSNs
Action taken by Equifax Failed to act once aware of the breach
Action taken by federal agencies None
Action taken by the U.S. government Indicted four members of China's military on charges of hacking Equifax
Settlement Equifax agreed to pay at least $575 million, and potentially up to $700 million

Explore related products

The Data Protection Guidebook: A Survey of U.S. Federal and State Laws, Statutes, and Regulations Governing Data Breach Notification, Biometric Information, Cybersecurity, and Data Privacy
The Data Protection Guidebook: A Survey of U.S. Federal and State Laws, Statutes, and Regulations Governing Data Breach Notification, Biometric Information, Cybersecurity, and Data Privacy

$44.99

The Data Protection Guidebook: A Survey of U.S. Federal and State Laws Statutes, and Regulations Governing Data Breach Notification, Biometric Information, Cybersecurity, and Data Privacy
The Data Protection Guidebook: A Survey of U.S. Federal and State Laws Statutes, and Regulations Governing Data Breach Notification, Biometric Information, Cybersecurity, and Data Privacy

$39.99

Data Security Breaches: Notification Laws, Legislation and Identity Theft (American Political, Economic, and Security Issues)
Data Security Breaches: Notification Laws, Legislation and Identity Theft (American Political, Economic, and Security Issues)

$35 $160

Data Breach Preparation and Response: Breaches are Certain, Impact is Not
Data Breach Preparation and Response: Breaches are Certain, Impact is Not

$52.46 $69.95

The Data Protection Guidebook: A Survey of U.S. Federal and State Laws Statutes, and Regulations Governing Data Breach Notification, Biometric Information, Cybersecurity, and Data Privacy
The Data Protection Guidebook: A Survey of U.S. Federal and State Laws Statutes, and Regulations Governing Data Breach Notification, Biometric Information, Cybersecurity, and Data Privacy

$39.99

Data Breach Disclosure Laws, 3rd Edition: A State-by-State Perspective
Data Breach Disclosure Laws, 3rd Edition: A State-by-State Perspective

$27.97 $95

What You'll Learn

lawshun

Equifax failed to safeguard personal data

The 2017 data breach was one of the largest in US history, compromising the personal data of 143 million Americans. Equifax has agreed to pay at least $575 million, and potentially up to $700 million, as part of a global settlement with the Federal Trade Commission, the Consumer Financial Protection Bureau (CFPB), and 50 U.S. states and territories.

The U.S. government has also indicted four members of China's military on charges of hacking Equifax to exploit the personal data of 150 million Americans. They allegedly conspired to hack into Equifax's computer networks, maintain unauthorized access to those computers, and steal sensitive, personally identifiable information of nearly half of all American citizens.

The failure of Equifax to safeguard personal data has had significant implications for the privacy and security of Americans, highlighting the need for stronger data protection measures and enforcement of existing laws.

Who Breaks the Law? Political Party and Crime

You may want to see also

Explore related products

Blue Paper on Data Protection - A Data Breach Accountability Framework: How to reduce the risk of GDPR sanctions (Professional Publication)
Blue Paper on Data Protection - A Data Breach Accountability Framework: How to reduce the risk of GDPR sanctions (Professional Publication)

$12.9

Data Breaches: Case Studies of Corporate Catastrophes
Data Breaches: Case Studies of Corporate Catastrophes

$6.49 $13.99

Swiping Rights: When Data Breaches Put You Out of the Closet
Swiping Rights: When Data Breaches Put You Out of the Closet

$16.23 $16.23

EU Personal Data Protection in Policy and Practice (Information Technology and Law Series, 29)
EU Personal Data Protection in Policy and Practice (Information Technology and Law Series, 29)

$42.28 $89.99

Data Breach Notification Laws: A Fifty State Survey
Data Breach Notification Laws: A Fifty State Survey

$305

E-Commerce and Breach of Data Privacy: A Critical Study with Special Reference to Electronic Payment Method
E-Commerce and Breach of Data Privacy: A Critical Study with Special Reference to Electronic Payment Method

$9

lawshun

Equifax failed to act once aware of the breach

The breach was caused by a failure to take reasonable steps to secure its network. Equifax's network was hacked by four members of China's military who conspired to hack into Equifax's computer networks, maintain unauthorized access to those computers, and steal sensitive, personally identifiable information of nearly half of all American citizens. This placed American consumers at risk from foreign adversaries.

Despite the severity of the breach, no federal agency has taken action against Equifax. The company has, however, agreed to pay at least $575 million, and potentially up to $700 million, as part of a global settlement with the Federal Trade Commission, the Consumer Financial Protection Bureau (CFPB), and 50 U.S. states and territories. This settlement arose from the 2017 data breach that compromised personal data.

In the aftermath of the breach, EPIC President Marc Rotenberg testified before the House and the Senate about the Equifax breach. Rotenberg warned lawmakers and regulators that "the Equifax data breach is one of the most serious in the nation's history." He urged lawmakers to update federal privacy laws and also ensure that the CFPB pursues an effective investigation. Rep. Luetkemeyer (R-MO) has introduced a bill that would codify basic data breach notification standards for the financial services industry but would preempt stronger state laws.

Elizabeth Warren's Legal Troubles: What Laws Were Broken?

You may want to see also

Explore related products

A Practical Guide to Enforcing Data Protection Rights and Compensation for Data Breaches
A Practical Guide to Enforcing Data Protection Rights and Compensation for Data Breaches

$89.99

Blue Paper on Data Protection – A Data Breach Accountability Framework: How to reduce the risk of GDPR sanctions (Professional Publication, 2nd edition, HC)
Blue Paper on Data Protection – A Data Breach Accountability Framework: How to reduce the risk of GDPR sanctions (Professional Publication, 2nd edition, HC)

$20.9

Compliance [Blu-ray]
Compliance [Blu-ray]

$7.77

Compliance
Compliance

$3.69

How to Be a Wildly Effective Compliance Officer: Learn the Secrets of Influence, Motivation and Persuasion to become an In-Demand Business Asset
How to Be a Wildly Effective Compliance Officer: Learn the Secrets of Influence, Motivation and Persuasion to become an In-Demand Business Asset

$12.63 $15.99

Connections Over Compliance: Rewiring Our Perceptions of Discipline
Connections Over Compliance: Rewiring Our Perceptions of Discipline

$24 $26

lawshun

Equifax failed to secure its network

The breach was caused by Equifax's failure to take reasonable steps to secure its network. This included not implementing proper security measures, such as encryption and two-factor authentication, to protect the personal information stored on its network. As a result, hackers were able to gain unauthorised access to Equifax's computer networks and steal sensitive, personally identifiable information.

The company also failed to act once it became aware of the breach, which further compromised the personal data of its customers. This inaction led to criticism from EPIC President Marc Rotenberg, who testified before the House in 2018 and the Senate in 2017 about the Equifax breach. He warned lawmakers and regulators that "the Equifax data breach is one of the most serious in the nation's history" and urged them to update federal privacy laws and ensure an effective investigation by the CFPB.

The failure of Equifax to secure its network had far-reaching consequences, with the personal data of nearly half of all American citizens at risk. This highlighted the need for stronger data protection laws and enforcement to prevent similar incidents from occurring in the future.

Martial Law Violation: Understanding the Unthinkable Consequences

You may want to see also

Explore related products

Insider's Guide to Compliance: Real World Advice for Building a Successful Compliance Program
Insider's Guide to Compliance: Real World Advice for Building a Successful Compliance Program

$29.99

Compliance
Compliance

$6.99

Compliance Officer: Dictionary Definition Blank Lined Journal Notebook
Compliance Officer: Dictionary Definition Blank Lined Journal Notebook

$6.99

CCEP Study Guide: UPDATED All-in-One CCEP Compliance Review + 300 Practice Questions with Detailed Answer Explanations for the Certified Compliance & ... Exam(Includes 3 Full-Length Tests)
CCEP Study Guide: UPDATED All-in-One CCEP Compliance Review + 300 Practice Questions with Detailed Answer Explanations for the Certified Compliance & ... Exam(Includes 3 Full-Length Tests)

$19.99

Compliance Management: A How-to Guide for Executives, Lawyers, and Other Compliance Professionals
Compliance Management: A How-to Guide for Executives, Lawyers, and Other Compliance Professionals

$41 $54

The Fundamentals of Compliance
The Fundamentals of Compliance

$6.99 $14.99

lawshun

Equifax exposed millions of names and addresses

The breach was caused by Equifax's failure to take reasonable steps to secure its network, leading to a breach that exposed millions of names and other personal information. This information could be used for identity theft and fraud. In addition to the financial settlement, Equifax also faced criticism and calls for updated federal privacy laws to prevent similar incidents from occurring in the future.

The US government has also indicted four members of China's military on charges of hacking Equifax to exploit the personal data of 150 million Americans. They allegedly conspired to hack into Equifax's computer networks, maintain unauthorized access, and steal sensitive, personally identifiable information.

While federal laws did not adapt specifically in response to the Equifax breach, state laws did change. New York added strict cybersecurity controls for credit bureaus operating in the state, and the European Union implemented its General Data Protection Regulation.

Sam Bankman-Fried: Lawbreaker or Misguided Crypto Maverick?

You may want to see also

Explore related products

Building a World-Class Compliance Program: Best Practices and Strategies for Success
Building a World-Class Compliance Program: Best Practices and Strategies for Success

$32.19 $55

Law of Governance, Risk Management and Compliance: [Connected Ebook] (Aspen Casebook)
Law of Governance, Risk Management and Compliance: [Connected Ebook] (Aspen Casebook)

$200 $351

Governance, Risk Management, and Compliance: It Can't Happen to Us--Avoiding Corporate Disaster While Driving Success
Governance, Risk Management, and Compliance: It Can't Happen to Us--Avoiding Corporate Disaster While Driving Success

$30.37 $52

Living Your Best Compliance Life: 65 Hacks and Cheat Codes to Level up Your Compliance Program
Living Your Best Compliance Life: 65 Hacks and Cheat Codes to Level up Your Compliance Program

$18.69 $19.99

Wildly STRATEGIC Compliance Officer Workbook: Learn the secrets of strategy and planning to become an in-demand business asset
Wildly STRATEGIC Compliance Officer Workbook: Learn the secrets of strategy and planning to become an in-demand business asset

$26.5 $26.5

lawshun

Equifax exposed other personal information that could lead to identity theft and fraud

The 2017 data breach is one of the most serious in US history, compromising the authenticating details of over 100 million Americans. Equifax has agreed to pay at least $575 million, and potentially up to $700 million, as part of a global settlement with the FTC, the Consumer Financial Protection Bureau (CFPB), and 50 US states and territories.

The US government has also indicted four members of China's military on charges of hacking Equifax to exploit the personal data of 150 million Americans. They allegedly conspired to hack into Equifax's computer networks, maintain unauthorized access to those computers, and steal sensitive, personally identifiable information of nearly half of all American citizens.

The failure of Equifax to safeguard the personal data of Americans has placed American consumers at risk from foreign adversaries. The company's authentication services were clearly inadequate, and its failure to act once aware of the breach is a serious concern. The settlement with Equifax is a step towards holding the company accountable for its negligence and ensuring that such a breach does not occur again.

Discrimination: Walking the Fine Line Without Breaking the Law

You may want to see also

Frequently asked questions

Equifax broke federal privacy laws.

The company agreed to pay at least $575 million, and potentially up to $700 million, as part of a global settlement with the Federal Trade Commission, the Consumer Financial Protection Bureau (CFPB), and 50 U.S. states and territories.

The personal information of 147 million people, including names, addresses, dates of birth, and SSNs.

Written by
Reviewed by
Share this post
Print
Did this article help you?

Leave a comment