When Equifax announced up to $425 million global settlement with the FTC and that users affected by its data breach in 2017 can file a claim, the public response to this settlement was overwhelming. FTC says, “millions of people visited ftc.gov/Equifax and gone on to the settlement website’s claims form”.
The settlement announced last month included other benefits the consumers can claim free credit monitoring services or, alternatively, request cash payment if they already have credit monitoring. Yesterday, the FTC released a statement requesting consumers to choose 10 years’ free credit card monitoring services instead. Only those who certify that they already have credit monitoring are recommended to claim up to $125.
The FTC further explains this is because “the pot of money that pays for that part of the settlement is $31 million. A large number of claims for cash instead of credit monitoring means only one thing: each person who takes the money option will wind up only getting a small amount of money. Nowhere near the $125 they could have gotten if there hadn’t been such an enormous number of claims filed.”
FTC suggest customers to opt for the 10-year free monitoring services as, “the market value would be hundreds of dollars a year”. “it monitors your credit report at all three nationwide credit reporting agencies, and it comes with up to $1 million in identity theft insurance and individualized identity restoration services”, the FTC further adds.
Equifax just removed the $125 claim payout option after millions submitted claims. Now it’s offering credit monitoring. Don’t worry, Equifax says, this is really a “much better value.” https://t.co/DsBqg7oP1B pic.twitter.com/vLuFNXsENp
— Laura Sullivan (@LauraSullivaNPR) July 31, 2019
The FTC is now attempting to influence users into believing why a 10-year free credit card monitoring by a company that is lax with its security measures is a better bet than claiming the low risk yet paltry sum of $125. This when users seek to discontinue their services with the company, makes one question who the FTC is protecting – the people, victims of the data breach or Equifax, whose irresponsible data and security practices have exposed millions to risk.
Explain to me why I should take the “product” of a company that allowed my data to get stolen? We gotta get some bricks and put em through the windows.
— ScottFeldman (@ScottFeldman) July 31, 2019
FTC says there is still money available; however, it’s to “reimburse people for what they paid out of their pocket to recover from the breach. Say you had to pay for your own credit freezes after the breach, or you hired someone to help you deal with identity theft. The settlement has a larger pool of money for just those people. If you’re one of them, use your documents to submit your claim.” CNBC reports, “Equifax could not immediately be reached for comment.”
Many consumers are highly infuriated over this revised decision and also surprised that FTC has fined just $31m for compromising millions of user data.
Andy Baio, a former CTO of Kickstarter, tweeted, “If any more than 248,000 people request cash settlements instead of credit monitoring, the payout starts shrinking. If a million people ask for cash, for example, the settlement goes down to $31.”
So, I missed this important fine print. If any more than 248,000 people request cash settlements instead of credit monitoring, the payout starts shrinking. If a million people ask for cash, for example, the settlement goes down to $31. https://t.co/oQh6d9uwsF
— Andy Baio (@waxpancake) July 26, 2019
A user on Reddit questions how Equifax is “only being fined $31 million for exposing sensitive data of half the nations population? That’s less than $0.19 per person whose data was hacked”.
Another user on HackerNews writes, “It seems absurd that they only need to allocate $31 million for “alternative payments” while the old CEO leaves with close to $20 million in bonuses, while the rest of the money in the settlement is basically reserved for them to pay themselves for their “free” credit monitoring.”
He further adds, “This whole situation was a good opportunity to set a precedent for companies not taking data security seriously. But they’ve instead shown everyone that you can really just ignore all of that and hope it’s never discovered – even if it is, it’s really just a light slap on the wrist. Combining this with the recent Facebook fine, it really makes me think that the FTC has become a complete joke.”
Another furious user wrote on HackerNews, “$31 million is a laughably small amount of money to set aside for direct settlements in the biggest hack in all of history. Add three zeroes to that, probably still not enough.”
“I spent three days figuring out this nightmarish credit reporting system and helping friends and family place freezes, as well as educating them to avoid all the horrible dark patterns on Equifax’s site. What I want is about $2000 and the ability to opt-out of them owning and reselling my personal data completely. I don’t need credit monitoring, I don’t need credit period anymore, why am I forced into accepting the unlimited risk of them owning all my data so that this private company can keep operating?”, the user further added.
ah, too bad. no other option then except to dissolve the company and distribute its assets equally among all its data breach victims https://t.co/IrFGjgygBo
— ryan cooper (@ryanlcooper) July 31, 2019
To know more about this news in detail, head over to FTC’s official statement.
*** This is a Security Bloggers Network syndicated blog from Security News – Packt Hub authored by Savia Lobo. Read the original post at: https://hub.packtpub.com/equifax-breach-victims-may-not-even-get-the-promised-125-ftc-urges-them-to-opt-for-10-year-free-credit-monitoring-services/