Consumers can now file restitution claims in Equifax breach
More than 5 million Illinoisans could be eligible for cash payouts
By JERRY NOWICKI
Capitol News Illinois
Consumers affected by a 2017 data breach of the credit reporting agency Equifax can now file claims for restitution, Illinois Attorney General Kwame Raoul announced this week.
The Federal Trade Commission is operating a website, www.EquifaxBreachSettlement.com, where consumers can file claims and find out if their data was affected by the 2017 breach which affected 147 million Americans including 5.4 million Illinoisans. Valid claims will be reimbursed from a special consumer restitution fund containing up to $425 million.
Those who were affected might be eligible for free credit monitoring or a $125 cash payment, while victims of identity theft or fraud resulting from the breach could be eligible for other cash payments up to $20,000.
That money would cover time spent remedying the fraud up to 20 total hours at $25 per hour; out-of-pocket costs resulting from the data breach; and up to 25 percent of the cost of Equifax credit or identity monitoring products paid for in the year prior to the data breach announcement.
Consumers have until Jan. 1, 2020, to file initial claims, followed by an additional four-year period to file claims for out-of-pocket losses that can be traced to the breach, according to Raoul’s office.
“The millions of Illinois residents impacted by the Equifax data breach have until next year to file claims to receive restitution, so I encourage them to visit the new website to learn about applying,” Raoul said in a statement. “The Equifax breach is proof that even entities tasked with protecting our personal information can be compromised, so I urge all Illinoisans to be vigilant about protecting their credit by reviewing their free credit reports annually and regularly monitoring financial account statements.”
The data breach occurred from mid-May through July 2017, but Equifax did not publicly disclose it until September 2017. The stolen data included names, addresses, dates of birth, credit card numbers, Social Security numbers and driver’s license numbers, according to Raoul’s office.
Former Illinois Attorney General Lisa Madigan’s office filed one of the first class action lawsuits against Equifax in state court, and similar suits were eventually rolled into one federal case in the Northern District of Georgia. Raoul’s office took over the case after he was sworn in as attorney general in January.
Raoul’s office said an investigation found the breach occurred because Equifax failed to implement an adequate security program to protect consumers’ personal information and failed to patch its systems fully despite known vulnerabilities.
Because the company failed to replace software that monitored the breached network for suspicious activity, Raoul’s office said, attackers were able to penetrate Equifax’s system for 76 days.
As part of the settlement, Equifax has also agreed to take several steps to strengthen its security practices. It must also make it easier for consumers to freeze and thaw their credit and to dispute inaccurate information in credit reports.