[BreachExchange] Costs of Equifax data breach now pinned at $439m

[Audrey McNeil]

https://www.v3.co.uk/v3-uk/news/3027839/costs-of-equifax-
data-breach-now-pinned-at-usd439m

The estimated costs of the data breach of credit reference agency Equifax
has reached at least $439 million, according to new regulatory filings -
but the company's insurance won't pay-up more than $125 million, if that.

The news comes as the company admits to finding that a further 2.4 million
accounts were breached.

And according to Reuters, the company's insurance will only cover up to
$125 million of these losses - if they pay up.

Security expert Larry Ponemon suggested that the data breach could end up
going down in history - for the time being - as the biggest in corporate
history.

The breach, which was uncovered in September 2017, might have affected more
than 185 million accounts in the US, Canada and the UK.

In the UK, the company initially claimed that information of only around
400,000 people had been compromised, and that information, it claimed,
didn't include financially sensitive information.

It later admitted that some 14 million UK accounts had been compromised,
including all account data, and the figure according to some estimate may
be as high as 44 million.

Ponemon claims that the already-public costs could be higher than the $439
million figure taken from the company's filings. He believes that once
government and legal financial details are taken into account, the costs of
the breach could actually be "well over $600 million".

Nevertheless, last week the company revealed that it had achieved
better-than-expected fourth-quarter financial results.

Although Wall Street analysts expected Equifax to publish dire financial
results, the company managed to post revenues up five per cent to $838.5
million in its fourth quarter and a net income of $172.3 million.

The company's stock price is now higher before the cyber attack took place,
but the worst may yet be to come with regulators and consumer right groups
across the world preparing legal cases. Equifax has also spent millions on
belatedly upgrading its technology and security infrastructure.

In a statement, interim Equifax CEO Paulino do Rego Barros said: "This is
not about newly discovered stolen data. It's about sifting through the
previously identified stolen data, analysing other information in our
databases that was not taken by the attackers, and making connections that
enabled us to identify additional individuals."
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.riskbasedsecurity.com/pipermail/breachexchange/attachments/20180305/2c90148c/attachment.html>