RegulationSecurityWorkspace

British Financial Regulator Opens Probe Into Equifax Breach

Matt Broersma is a long standing tech freelance, who has worked for Ziff-Davis, ZDnet and other leading publications

Follow on: Google +

The Financial Conduct Authority said it has opened an investigation into the breach of 15.2 million UK citizens’ records following a letter from Parliament

The UK markets regulator said it has opened an investigation into Equifax’s exposure of millions of customers’ personal details in a hack of its information systems.

data encryptionIn a short statement on Tuesday the Financial Conduct Authority (FCA) said it was “investigating the circumstances” of the incident.

Equifax, which has become the subject of numerous probes and lawsuits following its disclosure of the hack in September, said it “welcomed” the FCA’s involvement.

Earlier this month Nicky Morgan, chair of the House of Commons’ Treasury Committee, wrote to FCA chief executive Andrew Bailey criticising Equifax’s response to the breach and asking whether the regulator is considering taking further action.

New probe

The credit reporting agency has said 15.2 million records involving British citizens were involved in the breach, with the sensitive details of 693,665 individuals exposed.

Those details include credit accounts, user credentials, partial credit card details and drivers’ licence numbers. The remaining 14.5 million records of British customers’ names and birth dates were “potentially compromised”.

The unknown hackers’ intrusion occurred between mid-May and the end of July this year.

Equifax initially said 400,000 British citizens were affected due to a processing error, before revising the figure upward. The company has offered credit protection services to those involved.

The firm’s US customers were most affected, with data on about 143 million exposed, placing them at potential risk of identity theft and targeted scams, Equifax has acknowledged.

“The Financial Conduct Authority announces today that it is investigating the circumstances surrounding a cybersecurity incident that led to the loss of UK customer data held by Equifax Ltd on the servers of its US parent,” the FCA said in its statement. “This statement is made given the public interest in these matters.”

“We welcome this opportunity to learn the lessons from this criminal cyber-attack in order for all businesses to better protect consumers in the future,” Equifax stated.

Do you know all about security in 2017? Try our quiz!