LANSING, Mich. (WLUC) - The Michigan Department of Attorney General has announced that a settlement with Equifax that was to bring $4,639,247.70 into Michigan’s general fund was received by the Department of Treasury Tuesday.
The 50-state settlement, announced in July, is the result of Equifax’s massive 2017 data breach and is the largest data breach enforcement action in history.
“This settlement is simply one example of the tireless work our department does each day to reimburse the people of our state who have sustained losses due to the illegal acts of businesses who are more concerned with their bottom line than their customers,” Nessel said. “Those who do business with Michigan residents should consider themselves on notice: The Department of Attorney General will continue to hold bad actors accountable and in doing so bring financial relief our state is owed.”
Two years ago, Equifax, one of the largest consumer reporting agencies in the world, announced a data breach affecting more than 147 million consumers. Fifty attorneys general launched an investigation into the breach that determined it occurred because Equifax failed to implement an adequate security program to protect consumers’ highly sensitive personal information – including social security numbers, dates of birth, addresses, credit card numbers and, in some cases, driver’s license numbers. Equifax knew about a critical vulnerability in its software but failed to address it.
Under the terms of the settlement, Equifax agreed to provide a single Consumer Restitution Fund of up to $425 million—with $300 million dedicated to consumer redress. If the $300 million is exhausted, the Fund can increase by up to an additional $125 million. The company will also offer affected consumers extended credit-monitoring services for a total of 10 years.
Equifax has also agreed to take several steps to assist consumers who are either facing identity theft issues or who have already had their identities stolen including, but not limited to:
• making it easier for consumers to freeze and thaw their credit;
• making it easier for consumers to dispute inaccurate information in credit reports; and
• requiring Equifax to maintain sufficient staff dedicated to assisting consumers who may be victims of identity theft.
Equifax also agreed to strengthen its security practices going forward, including:
• reorganizing its data security team;
• minimizing its collection of sensitive data and the use of consumers’ Social Security numbers;
• performing regular security monitoring, logging and testing;
• employing improved access control and account management tools;
• reorganizing and segmenting its network; and
• reorganizing its patch management team and employing new policies regarding the identification and deployment of critical security updates and patches.
Consumers who are eligible for redress will be required to submit claims online or by mail. Paper claims forms can also be requested over the phone. Consumers will be able to obtain information about the settlement, check their eligibility to file a claim, and file a claim on the Equifax Settlement Breach online registry at www.equifaxbreachsettlement.com.
Consumers can also call the settlement administrator at 1-833-759-2982 for more information. The program to pay restitution to consumers will be conducted in connection with settlements that have been reached in the multi-district class actions filed against Equifax, as well as settlements that were reached with the Federal Trade Commission and Consumer Financial Protection Bureau.
07/22/2019 Preliminary Approval Date. The Court entered an Order approving notice to the individuals who were impacted by the 2017 data breach, or “class members” in the lawsuit.
11/19/2019 Deadline to Exclude Yourself or Opt-Out of the Settlement. This is the deadline to exclude yourself from the settlement, which you can do by informing the Settlement Administrator that you want to “opt-out.” If the settlement becomes final, this is the only option that allows you to retain your rights to separately sue Equifax for claims related to the Data Breach. If you opt-out, you may not make a claim for benefits under the settlement.
11/19/2019 Deadline to Object to the Settlement. This is the deadline to object to the settlement, which you can do by writing to explain to the Court why you don’t think the settlement should be approved. If you object, you will remain a Settlement Class Member, and if the settlement is approved, you will be eligible for the benefits of the settlement and give up your right to sue on certain claims described in the Settlement Agreement, which is available here.
12/19/2019 Final Approval Hearing. This is the date of the Court’s final approval hearing, when it will determine whether to approve the settlement. Please note that no settlement benefits will be distributed or available until after the Court finally approves the settlement. For more information, see FAQ 25.
01/22/2020 Initial Claims Period Deadline. This is the deadline for the Initial Claims Period. You must file a claim by this deadline in order to receive the Free Credit Monitoring Services offered under the settlement, or Alternative Reimbursement Compensation up to $125, and for any out-of-pocket losses or time spent before this deadline.
01/22/2024 Extended Claims Period Deadline. You must file a claim by this deadline in order to receive benefits for losses that occurred after the Initial Claims Period deadline