Equifax [EFX] is the latest casualty of a massive data breach. Equifax recently disclosed that a cybersecurity incident may have affected 143 million U.S. consumers. According to Equifax, the incident occurred between May and July 2017. The breached information included names, Social Security numbers, birth dates, addresses and, in some cases, driver’s license numbers. Around 209,000 credit card numbers and 182,000 dispute documents were also accessed.
Breaches of financial information and Social Security numbers can often be far more costly to remediate. Of the seven most costly public data breaches, four involved financial information and one involved Social Security numbers.
Historically, legal settlement costs associated with breaches have not been substantial. In 2016, Sony settled a class action for just $15 million associated with their massive 2014 breach. Additionally, Target paid just $67 million to settle three separate suits related to its 2013 breach of more than 100 million records.
However, Equifax’s breach may be more comparable to Anthem’s than Sony’s or Target’s. Both Anthem and Equifax lost enormous numbers of consumer Social Security numbers, along with other personally identifiable information. Earlier this year Anthem agreed to pay $115 million; the largest settlement ever for a data breach. And Equifax’s breach could be even more costly as they lost almost twice as many consumer records.
Audit Analytics tracks all public company cyber data breaches and is available for purchase as Exploratory Research. Our analysts engage in this research to help better understand current market conditions, and track the latest disclosure trends and regulations as they impact financial reporting.
For more information or to purchase any exploratory research, please email us at info@auditanalytics.com or call (508) 476-7007.