Equifax Confirms 400,000 UK Consumers Affected By Huge US Data Breach

Credit monitoring firm Equifax has confirmed that 400,000 UK consumers are affected by the massive data breach it suffered earlier this year.

It emerged last week that 143 million Americans – half the population – were affected by the hack and that some Brits were also impacted.

That number had remained a mystery until a statement from Equifax’s UK subsidiary was released late on Friday afternoon.

Read More: What can businesses learn from Equifax data breach?

Equifax UK breach

Equifax said its UK systems were separate to those in the US and therefore weren’t hacked, but due to a “process error”, some data on British consumers was stored in America. Equifax has attributed the beach to a web server vulnerability,

“Regrettably the investigation shows that a file containing UK consumer information may potentially have been accessed,” it said. “This was due to a process failure, corrected in 2016, which led to a limited amount of UK data being stored in the US between 2011 and 2016.

“The information was restricted to: Name, date of birth, email address and a telephone number and Equifax can confirm that the data does not include any residential address information, password information or financial data.

Loading ...

“Having concluded the initial assessment Equifax has established that it is likely to need to contact fewer than 400,000 UK consumers in order to offer them appropriate advice and a range of services to help safeguard and reassure them.”

Equifax said it was unlikely that the breach would lead to identify theft, but it would be offering support and identity protection services to any UK resident affected. The company said it is working with the Financial Conduct Authority (FCA) and the Information Commissioner’s Office (ICO).

“We apologise for this failure to protect UK consumer data,” said Patricio Remon, President of Equifax Ltd. “Our immediate focus is to support those affected by this incident and to ensure we make all of the necessary improvements and investments to strengthen our security and processes going forward.”

Quiz: Do you know all about security in 2017?

Steve McCaskill

Steve McCaskill is editor of TechWeekEurope and ChannelBiz. He joined as a reporter in 2011 and covers all areas of IT, with a particular interest in telecommunications, mobile and networking, along with sports technology.

View Comments

  • Well, that's lucky. With "just" my name, DoB, email address and mobile number that means two-factor authentication is no-longer safe. Lucky that my mothers maiden name didn't get breached too...

Recent Posts

Spyware Maker NSO Group Found Liable In US Court

Landmark ruling finds NSO Group liable on hacking charges in US federal court, after Pegasus…

1 day ago

Microsoft Diversifying 365 Copilot Away From OpenAI

Microsoft reportedly adding internal and third-party AI models to enterprise 365 Copilot offering as it…

1 day ago

Albania Bans TikTok For One Year After Stabbing

Albania to ban access to TikTok for one year after schoolboy stabbed to death, as…

1 day ago

Foldable Shipments Slow In China Amidst Global Growth Pains

Shipments of foldable smartphones show dramatic slowdown in world's biggest smartphone market amidst broader growth…

1 day ago

Google Proposes Remedies After Antitrust Defeat

Google proposes modest remedies to restore search competition, while decrying government overreach and planning appeal

1 day ago

Sega Considers Starting Own Game Subscription Service

Sega 'evaluating' starting its own game subscription service, as on-demand business model makes headway in…

1 day ago