Back to posts

Published: 20/09/17 by Gulraj Rijhwani

UK victims of Equifax breach identified

12 days ago, Equifax the US credit reference agency admitted to having been victim to a significant data breach exposing all of their US records.  At the time the initial claim was that no other countries were affected. Shortly after, unspecified numbers of UK and Canadian were also revealed to be at risk.  The UK ICO insisted that Equifax publish details of the risk to UK citizens, but only now has the information been forthcoming.

In a statement issued by their UK arm the company admits that due to process faults between 2011 and 2016, around 400,000 UK citizens had data mistakenly stored in the US, and that it will be contacting them to offer similar services to those already on offer the the US victims of the breach.

Since the original American announcement, a significant degree of further information has come to light as to the vulnerability that was exploited to gain access to the system.  A patch to a widely recognised vulnerability in the web platform (Apache Struts) was neglected for several months, raising questions as to why.  Answers may be forthcoming, eventually, but the consequences within the company are already being felt with both the Chief Information Officer and the Chief Security Officer “retiring”, effective immediately, and the company’s credibility being significantly dented.  And of course the consequence for the innocent subjects caught up in the aftermath is a future of uncertain security, with their risk of exposure to targeted phishing and other identity-theft attacks greatly increased.

If you are concerned about becoming the next hacking headline, get in touch to speak with one of our team about how we can help reduce your security vulnerabilities.

Let's get in touch

Send us a message
Call us

UK Office

Tel: 0161 850 0454

10th Floor, 3 Hardman Street
Spinningfields, Manchester
M3 3HF

Gibraltar Office

Tel: 540 65558

1st Floor, 138a Main Street
GX11 1AA