WASHINGTON – If you’re among the 147 million Americans whose credit data was compromised in the 2017 Equifax data breach, read on. You may be eligible for compensation.
The Federal Trade Commission ruled Monday, July 22 that credit reporting agency Equifax will have to pay up to $700 million in individual compensation and civil penalties because of the hack.
According to the commission’s online claims process, those whose personal information was exposed can get free credit monitoring for 10 years: four years via the three major credit bureaus (Equifax, Experian and TransUnion) and six years specifically through Equifax.
if you already have credit monitoring, you can choose to receive $125.
For those who had to spend time and money as a result of the breach, Equifax can provide larger sums, up to $20,000.
According to the FTC, those losses can include unauthorized charges on your accounts, attorney or accountant fees, the cost of freezing or unfreezing your credit report, or the cost of credit monitoring.
If you can provide documentation about your time spent grappling with the fallout of the data breach, you can get paid $25 per hour for up to 20 hours of personal time spent.
The deadline to exclude yourself or opt out of the settlement process is November 19, and all claims need to be filed by January 22.
The data breach was the largest in history
In September 2017, Equifax disclosed that hackers had exploited a security flaw to gain access to the company’s customer data.
Sensitive information was exposed, including names, birthdates, driver’s license numbers, Social Security numbers and addresses.
According to the settlement, Equifax will have to pay between $300 million and $425 million to the people whose data was exposed and another $275 million in civil penalties to 48 states, Washington, Puerto Rico and the Consumer Finance Protection Bureau.
“Companies that profit from personal information have an extra responsibility to protect and secure that data,” FTC Chairman Joe Simons said in a statement. “Equifax failed to take basic steps that may have prevented the breach.”