SAN FRANCISCO — A massive security breach that hit Equifax has cost the US credit bureau nearly $90 million so far, a figure that is set to rise further, its chief financial officer said on Thursday.
The company, which gathers data on consumers to help lenders determine borrowers’ creditworthiness, revealed in September that hackers had stolen the personal details, including names, dates of birth and social security numbers, of nearly 146 million people.
In the third quarter, “we incurred a one-time charge related to the cybersecurity incident of $87.5 million,” John Gamble said during a conference call on quarterly results.
Equifax is forecasting between $60 and $75 million in spending that will include information technology security in the fourth quarter, he said.
In addition to the expenses, the group’s earnings have also been affected, particularly due to customer dissatisfaction, Equifax said.
Its net income fell 27 percent to $96.3 million in the third quarter.
Equifax also said in a document sent to the US Securities and Exchange commission that it is the subject of 240 class-action lawsuits in the US and Canada as well as more than 50 investigations in the US, Canada and Great Britain.
It did not quantify the possible financial impact of the lawsuits.
Equifax interim CEO Paulino do Rego Barros said that following the security breach, its senior leadership will not receive bonuses this year.
Its CEO Richard Smith resigned in late September, as did two other Equifax executives, its chief information officer and chief security officer.