0 £0.00
This item was added to your basket

Dear visitor,
You are viewing 1 of your 2 free articles


We’ve made wider, important changes to our print and online content to enhance the value of exclusive, insightful, discerning content we create every day. Support valuable editorial content by becoming a member of our Credit Club - register for free or choose a paid plan.

Register now or Login

Cyber attack affects 143 million US Equifax consumers

A cyber attack on Equifax has exploited a website application vulnerability to gain access to consumer files, the credit reference agency reported yesterday (September 7).


Amber-Ainsley   Pritchard

Share on LinkedInShare on Twitter
Amber-Ainsley   Pritchard
Share on LinkedInShare on Twitter

A cyber attack on Equifax has exploited a website application vulnerability to gain access to consumer files, the credit reference agency reported yesterday (September 7).

 

Equifax discovered the unauthorised access on July 29 this year and acted immediately to stop the intrusion by hiring an independent cyber security firm to carry out a forensic investigation.

 

The access occurred from the middle of May through to July 2017. The company has found no evidence of unauthorised activity on Equifax’s core consumer or commercial credit reporting databases.

 

However, the information that was accessed included names, social security numbers, birth dates, addresses and, in some instances, driver’s license numbers.

 

Credit card numbers for 209,000 US consumers were accessed as well as certain dispute documents with personal identifying information for about 182,000 US consumers.

 

Equifax has also identified unauthorised access to limited personal information for certain UK and Canadian residents. It will now work with UK and Canadian regulators to determine appropriate next steps.

 

"While we’ve made significant investments in data security, we recognize we must do more. And we will"

 

Richard F. Smith, chairman and chief executive of Equifax, said: "This is clearly a disappointing event for our company, and one that strikes at the heart of who we are and what we do. I apologise to consumers and our business customers for the concern and frustration this causes.

 

"I’ve told our entire team that our goal can’t be simply to fix the problem and move on. Confronting cybersecurity risks is a daily fight. While we’ve made significant investments in data security, we recognize we must do more. And we will."

 

Commenting on the cyber attack, James Dipple-Johnstone, deputy commissioner at the Information Commissioner’s Office, said: "We are already in direct contact with Equifax to establish the facts including how many people in the UK have been affected and what kind of personal data may have been compromised. We will be advising Equifax to alert affected UK customers at the earliest opportunity.”

 

The investigation remains ongoing and is expected to be completed in the coming weeks.

 

Equifax will send direct mail notices to consumers whose credit card numbers or dispute documents with personal identifying information were impacted.

 

It has also set up a website offering TrustedID Premier, a product to help consumers determine if their information has been potentially impacted. TrustedID can be found here: equifaxsecurity2017.com

Share on LinkedInShare on Twitter
Add New Comment
LoginRegister

LATEST INDUSTRY NEWS STRAIGHT TO YOUR INBOX

Credit Strategy
LinkedIn page

Did you find our website useful?

Thank you for your input

Thank you for your feedback

creditstrategy.co.uk – an online news and information service for the UK’s commercial and consumer credit industry. creditstrategy.co.uk is published by Shard Financial Media Limited, registered in England & Wales as 5481132, Axe & Bottle Court, 70 Newcomen St, London, SE1 1YT. All rights reserved. Credit Strategy is committed to diversity in the workplace.
@ Copyright Shard Media Group