Skip to main content
close search
site logo
Dive Brief

Patch up or pay up: Equifax spent $243M on data breach recovery costs

Published April 26, 2018
Samantha Schwartz's headshot
Samantha Schwartz Reporter
Getty / edited by Industry Dive

Dive Brief:

  • Equifax has spent $242.7 million related to data breach remediation since the incident was disclosed in September 2017, the company said in its Q1 2018 earnings Wednesday.

  • Costs relating to the cybersecurity mishap include $45.7 million for the redesign of its IT infrastructure and data security; $28.9 million for its legal fees and costs of other professional services used during the investigation of the incident; and $4.1 million for the services Equifax now offers to impacted customers for free.  

  • Even with the additional costs related to the breach, the company still had a 4% increase in revenue compared to Q1 2017. 

Dive Insight:

Equifax's data breach revelations placed a spotlight on the long-term breach recovery expenses businesses can incur. 

The actual breach occurred between mid-May through July, leaving 145.5 million of Equifax's customers' PII vulnerable. Yet the company waited until September to disclose the breach, resulting in a near immediate retirement of its CIO and CSO.

Not long after their departure, Equifax's CEO Richard Smith also retired. Though Smith had his own days in court, Equifax's acting CEO Paulino do Rego Barros Jr. appeared before Congress alongside Yahoo's former CEO and Smith, and the executives were effectively told that apologies cannot take the place of penalties, according to Sen. Richard Blumenthal, D-CT.

Equifax named Mark Begor its new CEO in March, who will replace Barros, according to a company announcement. Barros is set to retire early 2019 and will aid Begor's move to the firm in the time being.

Equifax's story, coupled with that of Yahoo, Uber and perhaps even Facebook, highlights the need for overcoming data negligence and accountability across company leadership. So many companies possess an abundance of information on users, which users expect will be treated with care.

The foundation of cybersecurity is often ignored in favor of another layer of new applications and services. Often, the new layers don't resolve an underlying issue and distract from basic maintenance and timely system patching, which Equifax failed to do

Recommended Reading

Filed Under: Security, Corporate

Editors' picks

Company Announcements

View all | Post a press release
Productboard Launches AI-Powered Productboard Pulse To Integrate Voice of Customer Into Produc…
From Productboard
October 29, 2024
Newgen Recognized in Gartner® Magic Quadrant™ for Enterprise Low-code Application Platforms Fi…
From Newgen Software
October 30, 2024
NeuBird Named a Cool Vendor in the 2024 Gartner® Cool Vendors™ in IT Operations Leveraging Gen…
From NeuBird
November 11, 2024
TrustNet Named 2024’s Best Compliance Advisory and Audit Firm at CDM’s Annual Top InfoSec Inno…
From TrustNet
November 06, 2024
Editors' picks
Latest in Security
image/svg+xml
Industry Dive is an Informa business
© 2024 Industry Dive. All rights reserved. | View our other publications | Privacy policy | Terms of use | Take down policy.
Cookie Preferences / Do Not Sell