WSJ says Equifax to Pay $700 million settlement for 2017 breach

Pierluigi Paganini July 22, 2019

The Wall Street Journal revealed that Equifax will pay around $700 million to settle with the Federal Trade Commission over the 2017 data breach.

According to The Wall Street Journal, Equifax will pay around $700 million to settle with the Federal Trade Commission over the 2017 data breach.

The security breach suffered by Equifax in 2017 exposed private information of nearly 150 million individuals. Compromised records included names, social security numbers, birth dates, home addresses, credit-score dispute forms, and for some users also the credit card numbers and driver license numbers.

“Equifax Inc. is nearing a deal to settle a slew of state and federal investigations into a 2017 data breach that exposed nearly 150 million Americans’ Social Security numbers and other sensitive personal information.” states The WSJ.

“Under the agreement, the credit-reporting firm would pay around $700 million to settle with the Federal Trade Commission, the Consumer Financial Protection Bureau and most state attorneys general, according to people familiar with the matter. The deal would also resolve a nationwide consumer class-action lawsuit, they said.”

According to unnamed sources familiar with the matter, that settlement could be announced as soon as Monday.

Back in 2017, attackers exploited the CVE-2017-5638 Apache Struts vulnerability. The vulnerability affected the Jakarta Multipart parser upload function in Apache and could be exploited by an attacker to make a maliciously crafted request to an Apache web server.

The vulnerability was fixed back in March 2017, but Equifax did not update its systems, the thesis was also reported by an Apache spokeswoman to the Reuters agency.

Equifax revealed this week its earnings release related to the security breach suffered by the credit bureau back in 2017, the incident has cost about $1.4 billion plus legal fees.

Early 2019, the company confirmed that it had set aside around $690 million to cover anticipated settlements and fines.

“In a May securities filing, Equifax said it had set aside $690 million to cover expenses pertaining to investigations and lawsuits. Chief Executive Mark Begor told analysts that month that a global settlement was in the works that would cover “many of the significant issues facing the company.” concludes the WSJ.

[adrotate banner=”9″]

[adrotate banner=”12″]

Pierluigi Paganini

(SecurityAffairs – Equifax, settlement)

[adrotate banner=”5″]

[adrotate banner=”13″]

Pierluigi Paganini July 11, 2025

U.S. CISA adds Citrix NetScaler ADC and Gateway flaw to its Known Exploited Vulnerabilities catalog

Pierluigi Paganini July 10, 2025