Banks Get Payout From Equifax Hack While Consumers Still Wait For Compensation
from the performative-fluff dept
We've noted several times that the FTC's settlement over the Equifax hack that exposed the public data of 147 million Americans was little more than a performative joke. While much was made of the historic fine levied against the company, the FTC's settlement failed to provide impacted victims much of anything outside of a sad chuckle.
The agency originally promised that impacted users would be able to nab 10 years of free credit reporting or a $125 cash payout if users already subscribed to a credit reporting service. But it didn't take long for the government to backtrack, claiming it was surprised by the number of victims interested in modest compensation, while admitting the settlement failed to set aside enough money to pay even 248,000 of the hack's 147 million victims. Even the credit reporting was relatively useless given such offers have been doled out the last seventy times consumers were impacted by a company's shaky security and privacy standards.
While consumers didn't see their promised compensation, US banks are facing no such hurdles. The company this week agreed to shell out $5.5 million to thousands of banks and credit unions who say they were harmed by the targeted hack of Equifax customers. The full agreement with the banks also doles out an additional $25 million to help beef up security, with Equifax also covering the banks' administrative costs, attorney fees, and assorted expenses.
But while the banks are now covered, the actual victims of the hack attack remain lost in the bureaucratic mire:
"It’s been more than two-and-a-half years since the biz was thoroughly hacked, and just under a year since the $700m settlement was agreed, so it’s perhaps surprising that not a cent appears to been given to the people directly impacted by the cyber-break-in.
Even now, with a final settlement approved in December 2019 and a deadline to apply for the money of January 22, 2020 – four months ago – Equifax still apparently hasn’t sent out any checks and still hasn’t given a firm date for when it will do. Questions from The Register on the topic have gone unanswered."
That again falls on the back of the FTC and the original settlement, which received a lot of initial gushing press adoration for being "historic," but doesn't appear to have lived up to any of its original promises. After not providing enough money to live up to that $125 cash payout offer, victims were forced to jump through hoop after hoop to try and get the funds, which won't wind up being anywhere close to $125 whenever the checks do arrive. The entire process is now bogged down in the courts after victims fought for a more equitable settlement for the hack.
It's another example of how headline-grabbing fines usually tend to be performative. There's no genuine compensation coming for most victims of Equifax's lax security, and efforts to actually craft meaningful penalties for companies (like say, an actual US privacy law) remain bogged down in partisan bickering. As a result we see scandal after scandal, followed by pseudo-punitive tap dances where the actual victims are lucky to see a dime. Rinse, wash, repeat.
Filed Under: banks, ftc, hack, leaks, security, settlement
Companies: equifax