The massive Equifax breach, the security failures that contributed to it, the company’s resulting settlement with the FTC, CFPB and 50 states and territories, and the FTC’s public statements about the case hold a trove of lessons for companies. Companies should pay particular attention to the FTC’s guidance on the matter. “There is an expectation that companies and organizations are going to learn from the mistakes of their peers and do a better job,” Karen Hornbeck, senior manager at Consilio, told the Cybersecurity Law Report. We distill compliance lessons from the settlement. See “Equifax and Facebook Settlements Overshadow More Routine FTC Summer Settlements” (Jul. 24, 2019).