Federal Trade Commission Fines Equifax and Facebook

Hot on the heals on each other, Equifax and Facebook have each settled for large fines in unrelated privacy and data breach cases. All I can say is “about time” and “is that all?”

The FTC has fined Facebook $5 billion for data misuse and other issues related to Cambridge Analytica, the European GDPR, the last US Presidential Elections, and the Brexit campaign.  This sounds like a lot of money, but for Facebook, it is really just a wrist slap.

And speaking of slapping, Equifax settled its incredibly bad data breach for somewhat less than $700 million.  Again, sounds like a lot, but that is basically 7 bucks for each person affected by the breach.   Your credit history is worth $7?  Is that what they charge their customers, the banks, credit card companies, mortgage companies and auto dealers that use these reports?  I think it might be something more than $7.  So Equifax gets to skate.

Some states have funds set up so you can make a claim against any actual damages you may have experienced due to the breach.  Check with your state’s Attorney General for details.

As a society, we have become numb to the never-ending string of data breaches and misuse of our personal information by online businesses.  This is unfortunate, but unavoidable.  I still think these kinds of “mistakes” need to result in more than fines.  I think it would be great if the C-Suite or Board were up for some jail time.  I bet they would quit kicking the cybersecurity can down the road if they could face prison.

More information:


About the Author:

Cybersecurity analyst, pen-tester, trainer, and speaker. Owner of the WyzCo Group Inc. In addition to consulting on security products and services, Bob also conducts security audits, compliance audits, vulnerability assessments and penetration tests. Bob also teaches Cybersecurity Awareness Training classes. Bob works as an information technology and cybersecurity instructor for several training and certification organizations. Bob has worked in corporate, military, government, and workforce development training environments Bob is a frequent speaker at professional conferences such as the Minnesota Bloggers Conference, Secure360 Security Conference in 2016, 2017, 2018, 2019, the (ISC)2 World Congress 2016, and the ISSA International Conference 2017, and many local community organizations, including Chambers of Commerce, SCORE, and several school districts. Bob has been blogging on cybersecurity since 2006 at http://wyzguyscybersecurity.com
  Related Posts

Add a Comment

This site uses Akismet to reduce spam. Learn how your comment data is processed.