Equifax data breach victims should expect ‘far less’ than $125 payout offered: FTC

Equifax customers affected by the company suffering a major data breach in 2017 should expect far less than the $125 being offered, the Federal Trade Commission said Wednesday.

An “unexpected” number of claims have been filed since the FTC revealed the details last week of a settlement reached over the breach between Equifax and federal regulators, the assistant director of the agency’s privacy and identity protection division said in a blog post.

The FTC had announced that victims of the breach would be eligible to receive either free credit monitoring or $125, but now the agency is acknowledging that the actual payout could be significantly less.

While the terms of the settlement covered all 147 million people affected by the Equifax breach, it only allocated $31 million to be divvied among victims requesting compensation.

“A large number of claims for cash instead of credit monitoring means only one thing: each person who takes the money option will wind up only getting a small amount of money,” Robert Schoshinski wrote in the blog post. “Nowhere near the $125 they could have gotten if there hadn’t been such an enormous number of claims filed.”

The FTC is accordingly encouraging victims of the breach to request complimentary credit monitoring rather their share of the $31 million.

“You can still choose the cash option on the claim form,” the FTC now says on its website, “but you will be disappointed with the amount you receive and you won’t get the free credit monitoring.”

Initially disclosed in September 2017, Equifax said that a website vulnerability was exploited to result in the unauthorized access of personal data for about 147 million people, mostly U.S. consumers, including names, Social Security numbers, birthdates and addresses, in addition to some driver’s license numbers and credit card numbers.

Equifax is expected to pay between $575 million and $700 million under the terms of the proposed settlement announced by the FTC last week, including up to $425 million toward a fund that will provide victims with credit monitoring services, $175 million towards states that sued over the breach and $100 million in civil penalties.