In a move to uphold consumer protection, the UK's Financial Conduct Authority (FCA) fined Equifax Ltd £11,164,400 ($13.58 million) on Monday for its mishandling of a major cybersecurity breach in 2017. The credit reporting firm failed to adequately manage and monitor the outsourcing relationship with its parent company, Equifax Inc (NYSE:EFX)., which led to the exposure of personal data of about 13.8 million UK consumers.
The breach was attributed to hackers from China’s People’s Liberation Army (PLA), affecting approximately 147 million people worldwide. In 2020, the US government indicted four PLA members for their involvement in this incident.
The FCA investigation found that Equifax issued misleading public statements about the impact of the breach and neglected quality assurance checks for complaints. The regulator also criticized the firm for its delayed response, as Equifax discovered the breach six weeks after Equifax Inc.'s detection, which resulted in delayed customer notifications and mishandling of complaints.
Post-breach, Equifax agreed to a $700 million settlement and was ordered by a US court to invest at least $1 billion in improving its data security stance. According to InvestingPro's real-time metrics, Equifax has a market cap of $21.9B USD, indicating its financial capacity to handle such a hefty settlement. The firm operates with a moderate level of debt and has maintained dividend payments for 53 consecutive years, which can be seen as a testament to its financial resilience (InvestingPro Tips).
However, the FCA's final notice indicated that the fine could have reached nearly £16 million ($19.4 million). Equifax's share price has fallen significantly over the last three months, with a 3-month price total return of -24.42% (InvestingPro Data).
FCA representatives Therese Chambers and Jessica Rusu emphasized the obligation of financial firms to secure customer data, uphold ethical responsibility in processing consumer information as per the Consumer Duty, maintain effective cybersecurity arrangements, ensure prompt data breach notifications, and implement fair complaints handling procedures.
The incident has underscored known weaknesses in Equifax Inc.'s data security systems and has highlighted the importance of an effective cybersecurity infrastructure within financial firms. Despite the recent challenges, Equifax has shown impressive gross profit margins of 55.55% and has remained profitable over the last twelve months (InvestingPro Tips).
For more insights like these, consider exploring the additional InvestingPro Tips available as part of their product offering. These tips provide valuable insights into a company's financial health, helping investors make informed decisions. You can access these tips by visiting InvestingPro.
This article was generated with the support of AI and reviewed by an editor. For more information see our T&C.