UPDATE August 2, 2019: The US Federal Trade Commission has warned consumers that, due to the high number of claims made for a cash payout regarding the Equifax data breach, the actual value that will be paid out might be "far less" than the originally-stated $125. You can read the FTC's full statement here.
Our original blog follows below:
Following the enormous data breach of Equifax in 2017—in which roughly 147 million Americans’ suffered the loss of their Social Security numbers, addresses, credit card and driver’s license information, birthdates, and more—the company has agreed to a settlement with the US Federal Trade Commission, in which it will pay at least $650 million.
Much of that settlement—up to $425 million—is reserved for you, the consumers. Here’s how you can see if you’re eligible for a payment.
First, you can check if your sensitive data was compromised during the 2017 data breach by going to Equifax’s new settlement website:
It’s important to quickly note here that this website, which does not look like Equifax’s regular website, is a reported improvement from the last time Equifax tried to set up its own response, which, in the immediate aftermath of the 2017 breach, was described as “completely broken at best, and little more than a stalling tactic or sham at worst.”
Back to that settlement money: By inputting your last name and the last six digits of your Social Security Number (which is too many numbers, we should say), you can find out if you’re eligible for a claim of, at the very least, either 10 years of free credit monitoring or $125 paid through either a check or a pre-paid card.
You can file a claim at Equifax’s web portal here:
Depending on how the 2017 data breach affected you, you may be eligible for more payments.
For example, if you spent time trying to recover from identity theft or fraud that stemmed from Equifax’s data breach, you can be paid $25 per hour for each hour you spent on that work. That work includes placing and removing credit freezes and purchasing credit monitoring services.
Further, if you actually lost money from identity theft or fraud caused by the breach, you can make a claim to be reimbursed for up to $20,000. Documented evidence must be provided.
Beware the scams
Another corporate data breach settlement with the US government means another moment for heightened cybersecurity vigilance.
Equifax’s extremely broad settlement is, if you’ll pardon our stretched metaphor, akin to a dead whale in the open ocean: Sharks are coming.
As with any major news in America, especially news that affects more than 100 million people, the opportunity for cybercriminal attack is high. For example, after the European Union’s General Data Protection Regulation (GDPR) came into effect, countless company emails flooded Americans’ inboxes. Cybercriminals were not far behind, and they sent their own phishing emails that masqueraded as legitimate notices.
The same could happen with the Equifax settlement.
Remember, there is only one website right now to check if you’re eligible for a claim, and it's the one we’ve listed above.
With the breach once again in everyone’s minds, it’s also a good time to remember how to protect yourself from identity theft. Revisit our blog from 2017 that covers various safety precautions, including obtaining credit monitoring, refusing to reply to texts and calls from unknown phone numbers, and stepping up your password protocol (don’t repeat passwords, make them complex). And for even more in-depth information on identity theft, take a look at this comprehensive article in our cybersecurity basics hub.
Stay safe, everyone.