After a massive data breach two years ago, credit reporting company Equifax has settled with 50 attorneys general and the federal government.
It has agreed to pay out hundreds of millions of dollars to people whose information was compromised.
All told, the breach affected more than 147 million people—over half the US population.
In Pennsylvania alone, more than five million people were impacted.
The commonwealth’s attorney general, Josh Shapiro, called it the biggest-ever breach of consumer data, and said it was only possible because Equifax knew it was vulnerable, and didn’t fix the issue.
Sarah Frasch, a Chief Deputy Attorney General, said now the company has agreed to boost that security and offer extra credit monitoring.
She said they’ll also put up to $425 million for compromised people into a Consumer Restitution Fund.
“They’re going to get information about the claims process through an email notice, and then it’s important that they actually log on and submit their claims timely,” she said.
Frasch noted, the settlement doesn’t change any case law.
She said Shapiro and other attorneys general hope it serves as a blueprint for other companies to protect consumer data.
“If you’re going to be obtaining personal information from people, it’s important that you invest that money to protect their information, or you could be facing something similar to what Equifax had to deal with,” she said.