FCA launches Equifax cyber attack probe
US-based Equifax discovered the hack in July, but only informed consumers last month.
Britain’s financial watchdog has opened an investigation into a cyber attack at credit monitoring company Equifax that affected 700,000 UK consumers.
The Financial Conduct Authority (FCA) said that it is openly disclosing the probe as it is in the “public interest” to do so in this case.
“The FCA announces today that it is investigating the circumstances surrounding a cybersecurity incident that led to the loss of UK customer data held by Equifax Ltd on the servers of its US parent,” the watchdog said.
“This statement is made given the public interest in these matters.”
Atlanta-based Equifax discovered the hack in July, but only informed consumers last month after the breach saw information including partial credit card details, phone numbers, and driver’s licence numbers exposed.
Lenders rely on the information collected by credit bureaux such as Equifax to help them decide whether to approve financing for homes, cars and credit cards.
Equifax said a file containing 15.2 million UK records, dated between 2011 and 2016, was hacked and included data from “actual” consumers, as well as test and duplicate data.
The company said 12,086 consumers had an email address associated with their Equifax.co.uk account in 2014 accessed, while 14,961 consumers had portions of their Equifax.co.uk membership details – such as username, password, secret questions and answers and partial credit card details – from 2014 accessed.
It said 29,188 consumers had their driving licence number accessed, and 637,430 consumers had their phone numbers accessed.
Cyber attacks have become an increasing problem for big firms that hold a large amount of customer data.
HSBC and TalkTalk are among the most high profile British firms to be hit in recent years.