An Equifax cyber hack fine has been avoided in the US as the company struck a deal with regulators to change their ways and avoid a repeat of the incident.
The massive Equifax data breach that took place in 2017 was entirely preventable given it was caused by their failure to patch a known security vulnerability, and the fact that their own systems failed to identify the continuing vulnerability. As such, the avoidance of an Equifax cyber hack fine in the US has come as somewhat of a surprise, but this doesn’t mean that they won’t be fined here in the UK.
We’re acting for a group of victims of the Equifax breach here in the UK who are claiming compensation as a result of the incident.
Equifax cyber hack fine avoided in US as firm strikes deal
An Equifax cyber hack fine has been avoided in the US on the premise of a number of things the organisation has reportedly promised to do in order to change their ways and ensure there is no repeat of what has been one of the biggest data breaches in history; affecting some 145 million people worldwide, with 700,000 of those victims right here in the UK.
Equifax must ensure that they now have a detailed assessment of cyber threats, an improved system for ensuring patches for security vulnerabilities are in place, and they must ensure the board doesn’t fall foul of such an oversight again. It’s understood that Equifax has already accomplished a number of these things, but it doesn’t mean the buck should stop there.
Will there be an Equifax cyber hack fine in the UK?
There may still be an Equifax cyber hack fine in the UK. In fact, we would be incredibly surprised if there isn’t one. Just because a deal has been reached in the US doesn’t mean our own data watchdog, the Information Commissioner’s Office (ICO), will not issue a fine.
The fact that an Equifax cyber hack fine has been avoided in the US potentially makes for an unsettling precedent. Fines and legal claims are a solid way of ensuring an organisation is punished where it hurts (i.e. the pocket) when they fall short of their important duty to safeguard the data they hold. If organisations can be allowed to get away with such behaviour by simply agreeing to change their ways, what kind of message does this send out?
Action in the UK
Irrelevant of whether or not we will see an Equifax cyber hack fine issued here in the UK, we are representing a number of victims of the breach who are claiming for data breach compensation.
For help and advice about joining our group, please contact the team.