Connect with us

Hi, what are you looking for?

SecurityWeekSecurityWeek

Risk Management

Moody’s Downgrades Equifax Outlook to Negative Over 2017 Data Breach

Moody’s has revised its Equifax outlook from stable to negative, citing the effect of the 2017 data breach. This is the first time that a cybersecurity incident has resulted in a Moody’s outlook downgrading.

Moody’s has revised its Equifax outlook from stable to negative, citing the effect of the 2017 data breach. This is the first time that a cybersecurity incident has resulted in a Moody’s outlook downgrading.

It isn’t all down to the hack. A difficult consumer and mortgage credit lending market is complicating matters. Growth in the latter half of 2019 could improve matters, but Moody’s describes this as ‘uncertain’. 

In the meantime, the financial fallout from the breach continues. In September 2017, Equifax announced a breach that had led to the potential loss of personal information for approximately 145.5 million U.S. consumers, 19,000 Canadians, and 15 million Britons (for which it was fined the maximum possible £500,000 by the UK data protection regulator). The breach occurred in May, but wasn’t discovered until July.

The British fine is likely to be dwarfed by U.S. sanctions, and it is the combination of uncertain but sizable future costs against the background of a difficult market that has Moody’s concerned. It expects the total legal and IT costs to Equifax to exceed $1.4 billion. This is more than earlier estimates, and contributes to the downgrading.

On May 10, 2019, Equifax announced that it had taken a charge of $690 million in the fiscal quarter ending March 31, 2019. This represents the company’s estimate for settling ongoing class-action litigation, and potential state and federal fines. A further $400 million this year, and $400 million next year will be spent on cybersecurity expenses and capital investments.

While the negative rating from Moody’s is not currently a fatal blow to Equifax, it is significant as being the first time Moody’s has downgraded the financial outlook for a company based primarily on the effect of a cybersecurity incident. It demonstrates how damaging a major breach can be.

Related: Industry Reactions to Equifax Hack: Feedback Friday 

Related: Equifax Was Aware of Cybersecurity Weaknesses for Years, Senate Report Says 

Advertisement. Scroll to continue reading.

Related: U.S. House Report Blasts Equifax Over Poor Security Leading to Massive Breach 

Related: Equifax Warned About Vulnerability, Didn’t Patch It: Ex-CEO 

Written By

Kevin Townsend is a Senior Contributor at SecurityWeek. He has been writing about high tech issues since before the birth of Microsoft. For the last 15 years he has specialized in information security; and has had many thousands of articles published in dozens of different magazines – from The Times and the Financial Times to current and long-gone computer magazines.

Click to comment

Trending

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.

Understand how to go beyond effectively communicating new security strategies and recommendations.

Register

Join us for an in depth exploration of the critical nature of software and vendor supply chain security issues with a focus on understanding how attacks against identity infrastructure come with major cascading effects.

Register

Expert Insights

Related Content

Application Security

Cycode, a startup that provides solutions for protecting software source code, emerged from stealth mode on Tuesday with $4.6 million in seed funding.

Risk Management

The supply chain threat is directly linked to attack surface management, but the supply chain must be known and understood before it can be...

Cybersecurity Funding

2022 Cybersecurity Year in Review: Top news headlines and trends that impacted the security ecosystem

Endpoint Security

Today, on January 10, 2023, Windows 7 Extended Security Updates (ESU) and Windows 8.1 have reached their end of support dates.

Email Security

Many Fortune 500, FTSE 100 and ASX 100 companies have failed to properly implement the DMARC standard, exposing their customers and partners to phishing...

Artificial Intelligence

Two of humanity’s greatest drivers, greed and curiosity, will push AI development forward. Our only hope is that we can control it.

CISO Strategy

Cybersecurity-related risk is a top concern, so boards need to know they have the proper oversight in place. Even as first-timers, successful CISOs make...

Application Security

Fortinet on Monday issued an emergency patch to cover a severe vulnerability in its FortiOS SSL-VPN product, warning that hackers have already exploited the...