The purpose of this disclosure is to explain how we make money without charging you for our content.
Our mission is to help people at any stage of life make smart financial decisions through research, reporting, reviews, recommendations, and tools.
Earning your trust is essential to our success, and we believe transparency is critical to creating that trust. To that end, you should know that many or all of the companies featured here are partners who advertise with us.
Our content is free because our partners pay us a referral fee if you click on links or call any of the phone numbers on our site. If you choose to interact with the content on our site, we will likely receive compensation. If you don't, we will not be compensated. Ultimately the choice is yours.
Opinions are our own and our editors and staff writers are instructed to maintain editorial integrity, but compensation along with in-depth research will determine where, how, and in what order they appear on the page.
To find out more about our editorial process and how we make money, click here.
The Equifax data breach of 2017 was one of the biggest leaks of personal information in history, affecting some 147 million people — many of whom had never signed up for credit monitoring or any other services offered by Equifax.
Now those impacted will be able to seek compensation: The FTC just announced that Equifax agreed to pay up to $700 million — including a maximum of $20,000 in cash payments per affected individual — to settle multiple investigations into the data breach, which compromised consumers’ driver’s license numbers, birth dates, addresses, social security numbers, credit card details, and other personal information.
The $700 million figure represents the largest data breach settlement in history, Reuters reports. Where exactly does all of that money go? How do you find out if you’re due compensation from the Equifax data breach? And how will personal data be protected going forward?
Equifax — one of America’s three major consumer credit reporting agencies, which gather personal credit and debt information used by lenders — agreed to take significant steps to enhance security and minimize collection of sensitive data. According to the settlement terms released on Monday, Equifax will also pay at least $575 million and as much as $700 million in the aftermath of the massive 2017 data breach.
Equifax is paying $100 million in penalties to the Consumer Financial Protection Bureau (CFPB), plus another $175 million that will be divided up by 48 states, Washington, D.C., and Puerto Rico. The remaining amount — at least $300 million, and perhaps $125 million more — will go to help affected consumers.
And there are many, many affected consumers: The Equifax data breach “exposed the personal information of nearly half of the consumers in the United States of America,” Maryland Attorney General Brian Frosh said in an FTC press conference on Monday morning.
Perhaps most astonishing of all, “most of the victims were not customers of Equifax,” explained Frosh. “We did not choose Equifax. Equifax, in fact, chose us. It collected our personal information. It compiled it and analyzed that information, and it sold the product and some of the raw data to other people.”
The FTC says that affected consumers have a choice to receive up 10 years of free credit monitoring services or a flat $125 if you choose not to enroll because you already have credit monitoring. (Normal prices for these services vary, but they’re typically around $17 to $25 per month.)
Equifax will also pay up to $20,000 per person to compensate people who paid out-of-pocket expenses or suffered other harm after the data breach. People can be reimbursed if they were hit with unauthorized charges to their accounts after the data breach, or if they paid for credit monitoring or credit freezes, or perhaps if they incurred fees from attorneys or accountants related to the breach or identity theft.
You can even get compensated for the time you personally spent making phone calls or dealing with the data breach or identity theft in other ways. Affected individuals will get paid $25 per hour of their time, for up to 20 hours.
In most cases, you’ll need some documentation or other proof to be reimbursed for expenses related to the Equifax data breach or identify theft. However, you can self-report and be eligible to get paid for up to 10 hours of the time you spent dealing with headaches from the data breach. At $25 per hour, that translates to $250. All you’ll have to do is estimate how much time you spent coping with the hassles when you are filing a claim, and click a box saying you are telling the truth.
How to File a Claim and Get Paid From the Equifax Settlement
The Equifax data breach settlement claims process has not begun yet. To find out when you can file a claim, you can sign up for email notification from the FTC or visit the FTC web page that will be updated with new information as it’s announced. You can also call 1-833-759-2982 or visit EquifaxBreachSettlement.com for updates on the settlement and claims process.
The FTC says that the claims process will officially open after court approval of the settlement. Until then, the FTC advises you to hang on to any documents related to the Equifax data breach or identify theft problems you experienced any time after the breach occurred. You don’t need proof that unauthorized charges or other identity theft issues were directly related to the Equifax data breach; any incidents after the September 2017 incident are eligible.
Equifax mailed notifications in the fall of 2017 to people affected by the breach. But that was a long time ago, and many people probably have no idea if they were impacted and are therefore eligible for compensation from the settlement.
Once the courts approve the settlement and the claims process has started, the website EquifaxBreachSettlement.com will be updated with a tool letting you check if you are eligible for free credit monitoring, cash payments, or other compensation.