FCA fines Equifax’s U.K. unit $13.3M over 2017 data breach
By 
Jeff Dale2023-10-13T18:57:00
The Financial Conduct Authority (FCA) fined Equifax’s U.K. unit more than 11 million pounds (U.S. $13.3 million) regarding the company’s 2017 data breach that affected approximately 13.8 million U.K. consumers.
Equifax was originally fined nearly £16 million (U.S. $19.4 million) but qualified for a 30 percent discount under executive settlement procedures, the FCA announced in a press release Friday. The U.K. regulator also noted Equifax received a 15 percent credit for its cooperation and remedial efforts.
Equifax failed to manage and secure U.K. consumer data outsourced to its parent company in the United States, the FCA alleged.
Related articles
-
News BriefBlackbaud settles with states for $49.5M over 2020 data breach
Software company Blackbaud agreed to pay $49.5 million in a multistate settlement addressing charges related to a 2020 cyberattack that exposed the personal data of approximately 13,000 consumers.
-
ArticleEquifax must spend ‘a minimum of $1B’ for data security
A massive data breach that was “entirely preventable” will cost credit-reporting agency Equifax another $1 billion to beef up its cyber-security efforts.
-
ArticleLesson from Equifax penalty (at least $575M): Breach ‘entirely preventable’
What resulted in the largest-ever breach of consumer data culminated in the largest data breach enforcement action in history.
More from Regulatory Enforcement
-
News BriefDOJ sues Uber over alleged discrimination against disabled riders
The DOJ sued Uber Thursday, alleging it violated the Americans with Disabilities Act (ADA) by denying people with disabilities equal access to its services.
-
ArticleEU targets crypto, fintech firms in push to tackle money laundering
Europe’s banking regulator warns that weak compliance at fintech, regtech, and crypto firms may let money laundering and terrorist financing risks slip through. The EBA also found EU regulators’ approaches are often inconsistent and unclear.
-
ArticleCalifornia, Colorado, and Connecticut launch joint crackdown on privacy violators
California, Colorado, and Connecticut launched a joint enforcement sweep against businesses that fail to honor consumers’ online opt-out requests, the states announced Tuesday.