|Bid||0.01 x 1200|
|Ask||142.00 x 1300|
|Day's range||141.25 - 143.85|
|52-week range||88.68 - 145.56|
|Beta (3Y monthly)||1.43|
|PE ratio (TTM)||N/A|
|Earnings date||22 Oct 2019 - 28 Oct 2019|
|Forward dividend & yield||1.56 (1.08%)|
|1y target est||141.44|
Although a faster share price rally on a year-to-date basis leads to a rich valuation for both stocks compared with the benchmark index, Equifax (EFX) is cheaper than FLEETCOR (FLT).
Equifax Inc. (NYSE:EFX) stock is about to trade ex-dividend in 4 days time. You can purchase shares before the 22nd of...
(Bloomberg) -- It took a $650,000 salary for Matt Comyns to entice a seasoned cybersecurity expert to join one of America’s largest companies as chief information security officer in 2012. At the time, it was among the most lucrative offers out there.This year, the company had to pay $2.5 million to fill the same role.“It’s a full-on war for cyber talent,” said Comyns, a managing partner at executive search firm Caldwell Partners who specializes in information security. “CEOs know that, so they play hardball. Everyone’s throwing money at this.”The threat of digital breaches -- and the fines, lawsuits and occasional executive resignations that sometimes follow -- has left companies scrambling to scoop up scarce security experts. The growing compensation packages and broadened responsibilities are a dramatic shift for a group of workers who once confined to obscure IT departments, little more than an afterthought to senior management.Unfilled JobsIn the 12 months ended August 2018, there were more than 300,000 unfilled cybersecurity jobs in the U.S., according to CyberSeek, a project supported by the National Initiative for Cybersecurity Education. Globally, the shortage is estimated to exceed 1 million in coming years, studies have shown.That’s coincided with increased frequency and sophistication of digital attacks, which range from disruption of computer systems to extortion and theft of sensitive personal information.In April, JPMorgan Chase & Co. Chief Executive Officer Jamie Dimon told shareholders that cybersecurity “may very well be the biggest threat to the U.S. financial system.” His counterpart at Bank of America Corp., Brian Moynihan, said previously that the lender’s cybersecurity unit operates with an unlimited budget.Just last week, Capital One Financial Corp. disclosed that personal data of about 100 million customers had been illegally accessed by a Seattle woman, possibly one of the largest breaches affecting a U.S. bank. The firm’s shares have fallen 8.9% since the intrusion was revealed.Equifax SettlementIn late July, credit reporting firm Equifax Inc. agreed to pay up to $700 million to settle federal and state investigations into a 2017 hack that compromised sensitive information of more than 140 million people and led to the resignation of the firm’s long-time CEO Rick Smith.High-profile breaches aside, myriad U.S. companies and employees are the subject of hacker attacks each day. Industry insiders joke that there are two types of companies: Those that have been hacked, and those that haven’t yet discovered that they’ve been hacked.“If you’re not careful, you can get numb to it,” said Andrew Howard, who leads the enterprise security division of Kudelski Group.Equifax paid Jamil Farshchi $3.89 million in 2018 to take the job as chief information security officer. He joined from Home Depot, which had hired him in the wake of a 2014 breach that exposed credit-card information belonging to 56 million customers.Directly InvolvedWhile most U.S. firms don’t disclose compensation for top information-security executives, Comyns said big tech firms on the West Coast can pay as much as $6.5 million, most of it in stock. In some cases, direct reports can make around $1 million -- more than their bosses typically would have made just a few years ago.Aware of the challenges of replacing a security chief, many companies take unprecedented measures to keep them, with CEOs often getting involved in the negotiations. In one recent instance, Comyns said, a CISO who considered leaving was told to go home and write down 10 things that would change his decision. The list included a 50% increase in salary and bonus, more than doubling his long-term incentive award, a promotion and a new office. The CEO concurred, and the person stayed.Hefty raises can pale in comparison with the potential downside. The average cost of a breach for U.S. companies was about $8 million, according to a study from IBM Corp. and the Ponemon Institute. Equifax shows that the cost can be many multiples of that. This week, Marriott International Inc. reported they took a $126 million charge related to a 2018 breach of one of its reservations databases.Bigger PaychecksInsurance can cover financial expenses, but won’t help restore lost customer trust and a tarnished reputation, said James Lam, a director at E*Trade Financial Corp. who also advises companies on risk management, including cybersecurity.CEOs may be inclined to spend more because their own jobs and reputations could be on the line. Gregg Steinhafel resigned as CEO of Target Corp. in 2014 after a hacker attack that compromised 40 million credit card accounts rocked the already-struggling retailer.That episode “got everyone’s attention,” said Kudelski Group’s Howard, and led to scores of companies appointing people with cybersecurity expertise to their boards.It’s also pushed many companies to expand the responsibilities of information security staff, ensuring that their work spans the entire organization. To Comyns, that means their pay will continue to increase.“CEOs don’t know what it’s worth until it’s walking out the door,” Comyns said. “Then they stand in the door and say, ‘You’re not going anywhere.’”(Updates with Marriott breach in 15th paragraph.)To contact the reporter on this story: Anders Melin in New York at firstname.lastname@example.orgTo contact the editors responsible for this story: Pierre Paulden at email@example.com, Steven CrabillFor more articles like this, please visit us at bloomberg.com©2019 Bloomberg L.P.
Millions of people have been signing up to receive what they think is a $125cash reimbursement from Equifax for its criminal mishandling and exposure oftheir personal and financial data
Capital One’s (COF) data breach of 100 million credit card applications and accounts could become very costly for the company. “This damage to Capital One is probably going to exceed $200 to $300 million dollars by the time it’s all said and done,” said cybersecurity expert Morgan Wright on Yahoo Finance’s The Ticker. Wright is a senior fellow at the Center for Digital Government.
Capital One was hit with a lawsuit on Tuesday accusing it of serious “security failures,” less than 24 hours after it disclosed a hack that exposed the personal data of 100 million people in the U.S. and 6 million more in Canada.
(Bloomberg) -- Capital One Financial Corp., in recent years, has beat the drum every chance it got: The cloud is cheaper. The cloud is faster. And the cloud is far more secure.Then a hacker got into the cloud, siphoning off sensitive information for more than 100 million of Capital One’s customers.That revelation late Monday thrust the third-largest U.S. credit-card lender into the center of the latest massive data breach, and now threatens to upend a technology strategy personally championed by longtime Chief Executive Officer Richard Fairbank. He’s been one of the financial industry’s most vocal proponents for shifting sensitive customer information to outside cloud services -- a move that he’s promised would cut costs and offer a suite of other benefits.“We are now considered one of the most cloud-forward companies in the world,” Fairbank told shareholders in April.Just weeks before, according to U.S. prosecutors, a hacker began tapping into a vast trove of information from Amazon.com Inc. servers the bank was using. The breach is calling into question the lender’s strategy for reducing technology costs while taking advantage of the cloud’s rapid scalability and burgeoning array of applications.“The magnitude of this breach is very large,” JPMorgan Chase & Co. analysts led by Richard Shane said in a note to clients. “While it is unclear whether this is directly related to Capital One’s transition to a cloud-based infrastructure,” there is likely to be “renewed concern going forward.”Capital One’s shares dropped as much as 7.9% Tuesday morning, their biggest intraday decline in almost four years. The slump pared the stock’s advance for the year to 19%, just above the gain for the 68-company S&P 500 Financials Index.Addresses, IncomeCapital One said that about 100 million U.S. consumers were impacted by the breach. The stolen data, stored on servers rented from Amazon Web Services, was personal information found on card applications, such as names, addresses and dates of birth, and some financial information, including self-reported income and credit scores.On Monday, authorities arrested and charged Paige A. Thompson, a 33-year-old former Amazon Web Services employee, with computer fraud and abuse. In a complaint filed in Seattle, prosecutors said that Thompson exploited an improperly configured firewall and accessed the data at various times between March 12 and July 17. The bank said it immediately fixed the problem once it was discovered.Capital One said its expects the incremental costs of the incident to be $100 million to $150 million, mostly expenses tied to providing credit monitoring and legal support. The company has a cyber-risk insurance policy with a $10 million deductible for $400 million in coverage.“This type of vulnerability is not specific to the cloud,” Capital One said in a statement. “The speed with which we were able to diagnose and fix this vulnerability, and determine its impact, was enabled by our cloud operating model.”Cloud PushWhile banks including JPMorgan and Discover Financial Services have been vocal proponents of cloud technology and its ability to lower costs and speed up digital advancements, industry executives have cautioned that sensitive consumer data could be put at risk on the cloud. Bank of America Corp., the second-largest U.S. bank, has been reticent to use the public cloud.Amazon Web Services is making an aggressive push for growth in the financial industry and is already working with firms including HSBC Holdings Plc, Fidelity Investments, Nasdaq Inc. and Liberty Mutual Group Inc.“We’re all in on the cloud right now,” Steve Randich, chief information officer at the Financial Industry Regulatory Authority, the U.S. brokerage industry’s main regulator, said at a conference hosted by Amazon Web Services earlier this month at New York’s Javits Center. Virtually all of the regulator’s applications and data are in the public cloud, and its net costs have decreased as a result, he said.Over the years, Capital One has become something of a poster child for Amazon’s push into financial services for its cloud business. The lender was among the first to publicly acknowledge a partnership with Amazon, and it was the subject of several case studies that Amazon published on how its technology can improve banks’ offerings.“Capital One selected AWS for its security model,” according to an Amazon Web Services website. “It is using or experimenting with nearly every AWS service to develop, test, build and run its most critical workloads, including its new flagship mobile-banking application.”Capital One is often considered a leader in banking technology, a history that goes back to its founding by Fairbank in 1988. In recent years, the company has undergone what it calls a “technology transformation” in which it hired thousands of engineers and developed its application programming interface, or API, to share data more easily.“A lot of how we built our company is not by studying banking, but by forgetting about banking,” Fairbank told investors at a conference last month. The goal is to have a “bank that is empowering your life without having to go visit it every time.”Fairbank himself has been a critic of other companies’ data breaches. He warned investors in 2017 that a breach of Equifax Inc.’s systems that exposed data for more than 140 million consumers would be costly for his firm.“These are bad things for card companies because, every time there’s been a breach, I’ve said to our folks, ‘How come card companies end up paying for this and why not the one who did the breach?’” Fairbank said at the time.\--With assistance from Christian Berthelsen.To contact the reporters on this story: Jenny Surane in New York at firstname.lastname@example.org;Lananh Nguyen in New York at email@example.comTo contact the editors responsible for this story: Michael J. Moore at firstname.lastname@example.org, Daniel Taub, David ScheerFor more articles like this, please visit us at bloomberg.com©2019 Bloomberg L.P.
(Bloomberg) -- Capital One Financial Corp. set up an email address for tipsters -- including “white hat” hackers -- to alert the company to potential vulnerabilities in its computer systems. On July 17, the company got a hit.“Hello there,” the email said, according to federal prosecutors. “There appears to be some leaked s3 data of yours in someone’s github/gist.” A link was provided to an account at GitHub, a company that allows users to manage and store project revisions, mostly related to software development.It didn’t take Capital One long to figure out who had accessed its files. The GitHub address included a name, Paige Thompson, a former Amazon.com Inc. employee who used the online nickname “erratic” and discussed her exploits with others, according to federal prosecutors.“I’ve basically strapped myself with a bomb vest, (expletive) dropping capitol ones dox and admitting it,” Thompson allegedly wrote, under the “erratic“ alias, in a June 18 Twitter message. “There ssns...with full name and dob” -- an apparent reference to Social Security numbers.Damage AssessmentIt also didn’t take Capital One much time to assess the damage. On Monday, it announced that about 100 million people in the U.S. had been impacted by the breach, and another 6 million in Canada. The illegally accessed data, which was stored on servers rented from Amazon Web Services, was primarily related to credit card applications and included personal information, like names, addresses and dates of birth, and some financial information, including self-reported income and credit scores.Most Social Security numbers were protected, but about 140,000 were compromised, the bank said. Capital One said it was “unlikely that the information was used for fraud or disseminated by this individual.”The company described the tipster to the hack as an “external security researcher.”Thompson, 33, was charged with computer fraud and abuse. In a court hearing Monday, she broke down and laid her head on the defense table. On Tuesday, New York Attorney General Letitia James announced that her office is opening an investigation into the Capital One breach.The scale of the breach ranks it as possibly one of the largest-ever impacting a U.S. bank, although the consequences may be limited if the data wasn’t distributed to others or used for fraud.Capital One shares fell as much as 6.5% Tuesday morning, their biggest decline in six months.Security LapsesThe breach shows how hackers can steal vast troves of consumer data as the result of lapses made by the companies that collect it. In 2017, Equifax Inc. failed to patch a known flaw in its servers, resulting in the theft of 145 million Social Security numbers, along with the names and dates of birth of possibly a third of the U.S. population.In the Capital One case, Thompson was allegedly able to steal vast buckets of personal data because of an improperly configured firewall -- among the most basic digital security tools. The bank said it immediately fixed the problem once it was discovered.In a complaint filed Monday in Seattle, prosecutors said that Thompson accessed the data at various times between March 12 and July 17. A file on her GitHub account, timestamped April 21, contained a list of more than 700 folders and buckets of data, according to prosecutors.The Capital One data had been stored on servers it contracted from a cloud computing company that isn’t identified, though the charges against Thompson refer to information stored on S3, a reference to Amazon Web Services’ popular data storage software.An AWS spokesman confirmed that the company’s cloud had stored the Capital One data that was allegedly stolen, and said it wasn’t accessed through a breach or vulnerability in its systems.Cloud AdvocateCapital One has been one of the most vocal advocates for using cloud services among banks. The lender has said it is migrating an increasing percentage of its applications and data to the cloud and plans to completely exit its data centers by the end of 2020. The move will help lower costs, the company has said.The lender has been the subject of several case studies published by Amazon Web Services that noted the cloud services provider has helped the company develop new technologies faster and improve certain services including its call center.“We have embraced the public cloud and are well on our way to migrating our applications and data to the cloud,” Chief Executive Officer Richard Fairbank told analysts on a conference call in April. “We are now considered one of the most cloud forward companies in the world.”Thompson, previously an Amazon Web Services employee, last worked at Amazon in 2016, a spokesman said. The breach described by Capital One didn’t require insider knowledge, he said.‘Wa Wa Wa’Much of what could be learned about her Monday was information she had posted online. On her GitHub Account, she was writing code dealing with The Onion Router, or Tor, an anonymity tool that allows users to conceal their identities. Capital One investigators determined that Thompson used it in her hack of the bank, according to federal prosecutors.In online interactions, Thompson suggested she was careful to hide her digital tracks with various security tools, including Tor. But the federal complaint against her outlines relatively simple ways Capital One and the FBI were able to establish her identity, including the name on her GitHub Page.Thompson was active in the hacking community on Twitter, and she wrote recently about struggling emotionally, and about euthanizing her beloved cat.On June 27, “erratic” posted about several companies, including Capital One, in an online group, according to court records.“don’t go to jail plz,” another user wrote.“Wa wa wa wa, wa wa wa wa wa wa wawaaaaaaaaaaaa,” Thompson responded, and later added, “I just don’t want it around though. I gotta find somewhere to store it.”On July 29, Federal Bureau of Investigation agents executed a warrant to search Thompson’s residence. In one bedroom, they found digital devices with files that referenced Capital One and its cloud computing company. The devices also included the alias “erratic.”(Updates with New York attorney general investigation in eighth paragraph.)\--With assistance from Matt Day and Michael Riley.To contact the reporters on this story: Christian Berthelsen in New York at email@example.com;William Turton in New York at firstname.lastname@example.org;Jenny Surane in New York at email@example.comTo contact the editors responsible for this story: Andrew Martin at firstname.lastname@example.org, Peter ElstromFor more articles like this, please visit us at bloomberg.com©2019 Bloomberg L.P.
This time it's the financial giant and credit card issuer Capital One, which revealed on Monday a credit file breach affecting 100 million Americans and 6 million Canadians. Consumers and small businesses affected are those who obtained one of the company's credit cards dating back to 2005. Seattle resident and software developer Paige A. Thompson, 33, was arrested and detained pending trial.
(Bloomberg) -- Consumers are looking forward to $125 settlement checks from Equifax Inc. stemming from a data breach two years ago. Hackers, however, are using the claims as another opportunity to steal their personal information.“Beware of fake websites claiming to be the Equifax settlement claims website,” the Federal Trade Commission warned Twitter users Monday morning. The tweet directed consumers to the commission’s Equifax page, where users can learn more about the breach, find out if their information was exposed and file a claim.In September 2017, credit-rating company Equifax announced a data breach that exposed personal information for more than 140 million people, including Social Security numbers and birth dates. Last week, the commission and Equifax reached a $700 million settlement agreement, allowing affected consumers to file claims for free credit monitoring or a $125 payment -- but also giving fraudsters a whole new avenue for thievery.\--With assistance from Jenny Surane.To contact the reporter on this story: Elizabeth Rembert in New York at email@example.comTo contact the editors responsible for this story: Michael J. Moore at firstname.lastname@example.org, Daniel TaubFor more articles like this, please visit us at bloomberg.com©2019 Bloomberg L.P.
Equifax (EFX) delivered earnings and revenue surprises of 2.94% and 0.95%, respectively, for the quarter ended June 2019. Do the numbers hold clues to what lies ahead for the stock?
"On Monday night, we discovered that some user credentials were stored in a readable format within our internal systems," said the email seen by Reuters. Robinhood, based in Menlo Park, California, said it found no evidence that the information was improperly accessed. Lawmakers have been calling for stricter legislation to protect sensitive consumer data following high profile breaches at companies including Equifax Inc and American Express Co .
Credit reporting agency Equifax (EFX) agreed to pay up to $700 million to settle investigations associated with its massive data breach in 2017.
Federal Trade Commission officials said those among the 147 million consumers who had to spend time or money to protect their information or fight identity theft after the September 2017 data breach could be entitled to compensation. Consumers can file documents detailing what sort of information might have been stolen or harmed by identity theft. Consumers can also seek repayment for time spent responding to the Equifax breach, at $25 per hour for up to 20 hours.
In a historic victory for U.S. consumers, credit reporting firm, Equifax (EFX), has agreed to settle a nationwide class action stemming from one of the most notorious data breaches in U.S. history. The massive 2017 breach, which exposed the Social Security numbers, birth dates, addresses and, in some cases, the driver’s license and credit card numbers of over 147 million consumers, was resolved in a settlement valued at over $1.5 billion. The class action settlement includes up to $505.5 million to pay benefits for cash compensation including time spent dealing with the breach, credit monitoring, and assistance with identity restoration.
The following are seven of the largest data breach settlements in recent years. Following its 2017 data breach, Equifax will pay up to $700 million to the U.S. Federal Trade Commission, the Consumer Financial Protection Bureau and nearly all U.S. states and territories.