GRAND RAPIDS, Mich. - The Michigan Department of Attorney General announced that a settlement with Equifax which will bring $4.6 million into Michigan's general fund was received by the Department of Treasury Tuesday.
The 50-state settlement was the result of Equifax's massive 2017 data breach and is the largest data breach enforcement action in history.
The settlement was announced in July and the state of Michigan is receiving $4,639,247.70.
“This settlement is simply one example of the tireless work our department does each day to reimburse the people of our state who have sustained losses due to the illegal acts of businesses who are more concerned with their bottom line than their customers,” Nessel said. “Those who do business with Michigan residents should consider themselves on notice: The Department of Attorney General will continue to hold bad actors accountable and in doing so bring financial relief our state is owed.”
More than 147 million customers were affected in the 2017 data breach, and 50 attorney generals launched an investigation into the incident. They found that Equifax failed to implement a security program to protect consumers' highly sensitive personal information, which included social security numbers, birth dates, addresses, credit card numbers and, in some cases, driver's license numbers.
Equifax agreed to provide a single Consumer Restitution Fund of up to $425 million with $300 million dedicated to consumer redress. If the $300 million is exhausted, the fund can increase by up to an additional $125 million.
The company has agreed to take several steps to assist consumers who are either facing identity theft issues or who have already had their identities stolen, including:
- Making it easier for consumers to freeze and thaw their credit;
- Making it easier for consumers to dispute inaccurate information in credit reports; and
- Requiring Equifax to maintain sufficient staff dedicated to assisting consumers who may be victims of identity theft.
Equifax has also agreed to strengthen its security practices going forward, including:
- Reorganizing its data security team;
- Minimizing its collection of sensitive data and the use of consumers’ Social Security numbers;
- Performing regular security monitoring, logging and testing;
- Employing improved access control and account management tools;
- Reorganizing and segmenting its network; and
- Reorganizing its patch management team and employing new policies regarding the identification and deployment of critical security updates and patches.
For more information about the settlement, click here.
Other headlines from 13 ON YOUR SIDE:
RELATED VIDEO:
►Make it easy to keep up to date with more stories like this. Download the 13 ON YOUR SIDE app now.
Have a news tip? Email news@13onyourside.com, visit our Facebook page or Twitter. Subscribe to our YouTube channel.
