Equifax’s disastrous 2017 data breach – which affected up to 185 million accounts in the US, Canada and the UK – could end up being the most expensive hack in corporate history, with claims that the final bill could top a staggering $600m (£432m), once regulatory and legal action is completed.
The breach has already triggered the departure of chairman and chief executive Richard Smith, as well as chief information officer Susan Mauldin and chief security officer David Webb.
And in regulatory filings in the US, the data giant said that costs have reached at least $439m (£316m), including spend on technology and security upgrades, legal fees and free identity theft services to consumers whose data was stolen. However, it believes its insurance will cover up to $125m (£90m) of these losses – if it does eventually pay up.
But there could be more to come, according to security expert Larry Ponemon, with authorities on both sides of the Atlantic yet to conclude their investigations, a raft of class actions and consumer right groups across the world preparing legal cases.
Ponemon told Reuters: “It looks like this will be the most expensive data breach in history,” adding that the total costs of the breach, could be “well over $600m”.
Even so, despite an initial drop in its stock price, this is now higher than it was before the attack. And last week the company revealed that it had achieved better-than-expected fourth-quarter financial results; revenues were up 5% to $838.5m (£604m) in its fourth quarter and a net income of $172.3m (£124m).
Equifax can’t find addresses for 14 million customers
FCA launches investigation into Equifax breach farce
The farce continues: Equifax now says 694,000 Brits hit
Equifax chief ‘misled Congress over mass data breach’
Equifax: Oops we’ve found another 2.5m stolen records
Equifax CEO is ‘retired’ as company reels from breach
Equifax blunders on after sending users to fake website
Equifax admits that 400,000 Brits hit by US breach
Flaw on Equifax system was exposed over 6 months ago