Bri­tish vic­tims of Equifax hack surge

The Daily Telegraph - Business - - Front Page - By Cara McGoogan

EQUIFAX has ad­mit­ted that al­most dou­ble the num­ber of UK cus­tomers had their in­for­ma­tion stolen in a ma­jor data breach ear­lier this year than it orig­i­nally thought, and that mil­lions more could have had their de­tails com­pro­mised.

The credit rat­ing firm said it was con­tact­ing nearly 700,000 cus­tomers in the UK to alert them that their data had been stolen in the at­tack, which was re­vealed in Septem­ber. The com­pany orig­i­nally es­ti­mated that the num­ber of peo­ple af­fected in the UK was “fewer than 400,000”. But last night it emerged that cy­ber crim­i­nals had tar­geted 15.2 mil­lion records in the UK. It said 693,665 peo­ple could have had their data ex­posed, in­clud­ing email ad­dresses, pass­words, driv­ing li­cence num­bers and phone num­bers. The stolen data in­cluded par­tial credit card de­tails of less than 15,000 cus­tomers.

Hack­ers po­ten­tially com­pro­mised a fur­ther 14.5 mil­lion records that could have con­tained names and dates of birth. Equifax orig­i­nally said the com­pro­mised records did not con­tain pass­words, ad­dresses or fi­nan­cial in­for­ma­tion. It as­sured con­sumers that, be­cause of the na­ture of the in­for­ma­tion, iden­tity theft was “un­likely”.

But se­cu­rity ex­perts have warned the de­tails could be used by fraud­sters to re­trieve full pay­ment de­tails. The re­vised fig­ure comes after in­ves­ti­ga­tors look­ing into the Equifax breach dis­cov­ered an­other file had been stolen.

Cy­ber crim­i­nals breached Equifax’s sys­tems in the US be­tween mid-May and July, steal­ing the in­for­ma­tion of mil­lions of cus­tomers.

Around 14.5 mil­lion con­sumers in the US could have been af­fected in the at­tack, a fig­ure that Equifax had also un­der­es­ti­mated ini­tially. The US-based credit ref­er­ence agency said the de­tails of some Bri­tish peo­ple had been stored across the At­lantic, re­sult­ing in them be­ing im­pli­cated in the hack. The com­pany has de­tails for around 44 mil­lion UK-based and 143 mil­lion US-based con­sumers. Equifax said last month that its UK com­puter sys­tems had not been af­fected and that a “process fail­ure” meant a file con­tain­ing Bri­tish con­sumers’ de­tails had been stored in the US from 2011 to 2016.

Richard Smith, Equifax chief ex­ec­u­tive and chair­man, stepped down in the weeks after the hack was re­ported. The com­pany, which holds data on around 820 mil­lion con­sumers and 91 mil­lion com­pa­nies, said it faced a “mas­sive” task re­spond­ing to the hack.

Pa­tri­cio Re­mon, Equifax’s pres­i­dent for Europe, said: “Once again, I would like to ex­tend my most sin­cere apolo­gies to any­one who has been con­cerned about or im­pacted by this crim­i­nal act. It has been re­gret­table that we have not been able to con­tact con­sumers who may have been im­pacted un­til now, but it would not have been ap­pro­pri­ate for us to do so un­til the full facts of this com­plex at­tack were known, and the full foren­sics in­ves­ti­ga­tion was com­pleted.”

Newspapers in English

Newspapers from UK

© PressReader. All rights reserved.