View all newsletters
Receive our newsletter - data, insights and analysis delivered to you
  1. Technology
  2. Cybersecurity
October 11, 2017

UK Equifax data breach victims double as truth emerges

The Equifax data breach has been woefully handled, and the extent of the attack is worsening.

By Tom Ball

In the wake of the Equifax data breach it was thought that less than 400,000 UK customers were hit, in fact nearer 700,000 were left vulnerable and 15 million UK records had been targeted.

The discovery of the true UK figure was made when the firm identified a further stolen file, proving to be yet another damning oversight in the handling of the major cyber incident.

Equifax has said that the additional customers have been contacted, with passwords, email addresses, phone numbers, driving license number and card details potentially stolen.

UK Equifax data breach victims double as truth emerges

Initially the credit rating firm reassured customers that the data accessed in the breach was not critical enough that theft was likely, but security professionals have disputed this.

Following the colossal breach, both the CIO and the CSO resigned, and in the days following this, the CEO also stepped down due to the poor handling of the situation. The blundering response to the incident is even more shocking due to the fact that GDPR is near at hand, arriving in May 2018.

Cybercriminals face the sword of justice with new London court
DDoS attacks double as corporate data becomes new target
SonicWall CEO: Putting malware cocktails on the menu with machine learning

The story of cyber disaster for Equifax began before the major summertime breach, with the company admitting to another incident earlier this year. Equifax did at least bring the independent cybersecurity firm, Mandiant, on board to investigate both attacks, but this has not assuaged the concern caused by the company’s lacking communication.

Content from our partners
How the retail sector can take firm steps to counter cyberattacks
How to combat the rise in cyberattacks
Why email is still the number one threat vector

Communication from the company when the Equifax data breach hit was non-existent to begin with, leaving the UK’s National Cyber Security Centre to raise awareness to the result of the attack. The prompt announcement of data breaches will be a focus area of GDPR, with penalties threatening organisations that fail to inform quickly enough.

News of the true extent of the numbers of UK customer hit by the breach comes at a time when the nation is still reeling from the crippling effect of the WannaCry ransomware attack, a standout incident that raised general cyber awareness massively.

Topics in this article: , ,
Websites in our network
NEWSLETTER Sign up Tick the boxes of the newsletters you would like to receive. Tech Monitor's research, insight and analysis examines the frontiers of digital transformation to help tech leaders navigate the future. Our Changelog newsletter delivers our best work to your inbox every week.
I consent to New Statesman Media Group collecting my details provided via this form in accordance with the Privacy Policy
SUBSCRIBED

THANK YOU