Consumer credit reporting agency Equifax has lost a considerable amount of money dealing with legal and security costs in the fallout of its major data breach.
The company’s first quarter earnings report reveals it has spent US$28.9 million (about AU$38.3 million) for legal and investigative fees tied to the breach. On top of those costs, Equifax has also paid US$45.7 million (about AU$60.5 million) for the quarter on IT and data security, as well as US$4.1 million (about AU$5.4 million) in product liability expenses.
In total, Equifax spent US$78.7 million (pre-tax) responding to the data breach and for legal costs for the quarter, before insurance recoveries.
The credit agency’s insurance coverage, however, cannot keep up with the losses.
In Q1 of 2018, the agency’s insurance covered for only US$10 million, bringing the total costs to a still-considerable US$68.7 million. ZDNet reported that Equifax has $125 million in cybersecurity insurance and a $7.5 million deductible.
Previously, Equifax spent a net US$114 million on the data breach in Q4 2017, when the cyber incident occurred. At that time, the company’s insurance covered for only US$50 million of data breach costs.
For now, the company is turning its attention towards improving its cyber security. Equifax CEO Mark Begor revealed in a conference call with analysts that the company would focus on its IT at least through 2019.
“We're being very aggressive about attracting the absolute best talent in the IT and data security space,” Begor said. “We're investing heavily to ensure we're market leaders around data security and we will also enhance the transparency of all our transformation efforts with all our constituents, our customers, consumers and the public as we drive this transformation forward.