For HomeFor BusinessFor Partners
Industry News
1 min read

UK Watchdog Fines Equifax $13.4 Million over 2017 Data Breach

Filip TRUȚĂ

October 16, 2023

Promo Protect all your devices, without slowing them down.
Free 30-day trial
UK Watchdog Fines Equifax $13.4 Million over 2017 Data Breach

The UK’s Financial Conduct Authority has fined credit reporting agency Equifax 11 million pounds ($13.4 million) for gravely mishandling a run-in with hackers in 2017.

In 2017, Equifax’s parent company, Equifax Inc, suffered one of the largest data breaches ever recorded, the FCA notes. The attackers made off with the personal data of approximately 13.8 million UK consumers because Equifax outsourced data to Equifax Inc’s servers in the US for processing.

The data accessed by the hackers ranged from names to dates of birth, phone numbers, Equifax membership login details, partially exposed credit card details and residential addresses.

“The cyberattack and unauthorised access to data was entirely preventable,” according to the watchdog. “Equifax did not treat its relationship with its parent company as outsourcing. As a result, it failed to provide sufficient oversight of how data it was sending was properly managed and protected. There were known weaknesses in Equifax Inc’s data security systems and Equifax failed to take appropriate action in response to protect UK customer data.”

Equifax’s UK branch was only informed of the incident some five minutes before it was announced by the US parent company, the FCA notes, which meant it was unable to cope with complaints and incurred delays in contacting UK customers.

When faced with inquiries, the credit reporting agency “gave an inaccurate impression of the number of consumers affected [and] treated consumers unfairly by failing to maintain quality assurance checks for complaints following the cybersecurity incident, meaning complaints were mishandled,” stresses the FCA.

Equifax had so far only paid a meagre 500,000 pound fine to the UK Information Commissioner’s Office under the 1998 Data Protection Act (DPA), which the EU’s General Data Protection Regulation replaced in 2018. However, since the breach took place before the GDPR went into effect, the ICO’s fine had to be issued under the older legislation.

tags

Industry News

Author

Filip TRUȚĂ

Filip TRUȚĂ

Filip has 15 years of experience in technology journalism. In recent years, he has turned his focus to cybersecurity in his role as Information Security Analyst at Bitdefender.

View all posts

Right now Top posts

Netizens Fear Scammers Will Steal Their Savings but Do Little to Defend Themselves, Bitdefender Survey Shows
Industry News Scam

Netizens Fear Scammers Will Steal Their Savings but Do Little to Defend Themselves, Bitdefender Survey Shows

July 01, 2024

7 min read
Uncovering IoT Vulnerabilities: Highlights from the Bitdefender - Netgear 2024 Threat Report
Smart Home

Uncovering IoT Vulnerabilities: Highlights from the Bitdefender - Netgear 2024 Threat Report

June 26, 2024

2 min read
UEFA EURO 2024 Scams Are Already Here – How to Stay Safe
Scam Tips and Tricks

UEFA EURO 2024 Scams Are Already Here – How to Stay Safe

June 25, 2024

5 min read
Most People Still Write Important Passwords Down, Bitdefender Report Finds
Digital Privacy Threats

Most People Still Write Important Passwords Down, Bitdefender Report Finds

June 07, 2024

2 min read

FOLLOW US ON SOCIAL MEDIA

You might also like

Cybersecurity Grand Prix: Pole Position Passwords
Cybersecurity Grand Prix

Cybersecurity Grand Prix: Pole Position Passwords
Bitdefender

June 21, 2024

3 min read
The Safety Formula - Episode 10: Human Intuition Meets Advanced Technology
The Safety Formula

The Safety Formula - Episode 10: Human Intuition Meets Advanced Technology
Bitdefender

April 17, 2024

2 min read
Ukraine claims it hacked Russian Ministry of Defence, stole secrets and encryption ciphers
Industry News

Ukraine claims it hacked Russian Ministry of Defence, stole secrets and encryption ciphers
Graham CLULEY

March 06, 2024

2 min read

Bookmarks

loader