Equifax data breach: File containing details of 15.2m Brits lost to hackers

Equifax data breach: File containing details of 15.2m Brits lost to hackers

IICSA fined £200,000 for human error that exposed identities of child abuse victims

The Equifax data breach compromised personal information of nearly twice as many British citizens than the credit rating agency initially let on.

Equifax has confirmed that personal details of nearly 700,000 customers in the UK were compromised by hackers behind the breach.

Last month, U.S. credit rating agency Equifax revealed that it had suffered a major data breach that compromised details of millions of customers, including credit card details of over 209,000 citizens.

Out of 44 million British nationals whose personal and financial data were stored by Equifax, the company then announced that nearly 400,000 were affected. Even though physical addresses, passwords and financial data of the 400,000 Brits were secure, hackers were able to access their names, dates of birth, email addresses, and telephone numbers.

However, a forensic investigation commissioned by Equifax on the data breach has now come up with startling results. The investigation has revealed that the data breach affected as many as 693,665 customers in the UK, with hackers accessing their email addresses, passwords, driving license numbers, and phone numbers.

Equifax revised the number of affected UK citizens after investigators discovered that hackers got their hands on another file which was previously considered secure. The file contained records for as many as 15.2 million Britons dating between 2011 and 2016.

According to revised figures shared by Equifax, hackers behind the breach accessed phone numbers of 637,430 Britons, driving license numbers of 29,188 Britons, Equifax usernames, passwords, and partial credit card details of 14,961 Britons, and email addresses for 12,086 Britons.

'Today Equifax can confirm that a file containing 15.2m UK records dating from between 2011 and 2016 was attacked in this incident. Regrettably, this file contained data relating to actual consumers as well as sizeable test datasets, duplicates and spurious fields,' said the agency in its latest public announcement on the breach.

Adding that the affected 693,665 UK consumers are being contacted by post, the agency added that the balance of the 14.5m records potentially compromised may contain the name and date of birth of certain UK consumers.

“Once again, I would like to extend my most sincere apologies to anyone who has been concerned about or impacted by this criminal act. Let me take this opportunity to emphasise that protecting the data of our consumers and clients is always our top priority," said Patricio Remon, President for Equifax UK.

"It has been regrettable that we have not been able to contact consumers who may have been impacted until now, but it would not have been appropriate for us to do so until the full facts of this complex attack were known, and the full forensics investigation was completed.

"I urge anyone who receives a letter from Equifax to take advantage of the remedial services being offered to help mitigate against any risk, or to contact us should you have any questions," he added.

Affected customers who have had their phone numbers accessed will be offered a leading identity monitoring service for free and those who had other personal details accessed will receive Equifax Protect, an identity protection service which monitors personal data, for free.

Copyright Lyonsdown Limited 2021

Top Articles

300% increase in global cyber attacks

According to NTT's Global Threat Intelligence Report, there has been a 300% increase in cyber attacks globally Manufacturing, healthcare and finance industries all saw an increase in attacks globally (300%,…

US pipeline giant Colonial Pipeline suffers disruptive DarkSide ransomware attack

Colonial Pipeline suffered a DarkSide ransomware attack late last week that forced it to shut all pipeline operations.

NCSC's Active Cyber Defence programme helped sink 70k online scams in 2020

NCSC's Active Cyber Defence programme, which includes the Suspicious Email Reporting Service, helped in taking down over 70,000 online scams totalling 1.4 million URLs last year.

Related Articles