Equifax faces significant fines from representative authorities from the U.S. and the U.K. Because the breach was preventable, it was ruled that Equifax was at fault for the release of the private information of their clients. A settlement of $575 million was reached between the Federal Trade Commission, fifty other attorneys, and Equifax (Jaeger, 2019). The settlement may reach $700 million, and U.K. Information Commissioner’s Office has fined Equifax £500,000. Though Equifax has not taken the blame for the breach, the settlement proved as a form of legal compliance with a preventable error. Though Equifax’s decision to leave insiders and clients uninformed about the initial insecurity may not have been illegal, it was unethical.
Equifax has acted immorally on multiple counts, opposing its corporate code of ethics. Firstly, the potential security vulnerability was not a secret to the company before the breach, though Equifax did not take the portal or entire software down due to this discovery. Taking down access to the information and fixing the vulnerability and only then returning it would have been beneficial, safe, and adhering to their values. Equifax’s current competitors include TransUnion, Experian, Thomson Reuters, Dun & Bradstreet, and LendingClub. The negative coverage of Equifax harmed its competitors as well, likely because many of these companies rely on similar strategies and technology. Currently, Equifax is expected to provide credit-related services for ten years to affected clients as well as pay their settled fine with the Federal Trade Commission and other attorneys. Though the services and settlements offered to the clients are deemed appropriate by some, the actual pay-outs have not come in a reasonable time. Equifax had the responsibility to assess and fix the software issue at its initial discovery, inform all covered insiders about selling during the decrease in security, and notify the customer’s about the breach during its first appearance. They have failed to do so and should properly compensate the affected parties.
Reference
Jaeger, J. (2019). Lesson from Equifax penalty (at least $575M): Breach ‘entirely preventable’.Compliance Week. Web.